Details
-
Suggestion
-
Resolution: Not a bug
-
None
Description
Problem Definition
When SAML SSO is enabled the users can still use the Continue with ... from https://id.atlassian.com to log in. This might allow them to use a different authentication method (OAuth) than what the Org admins want (SAML SSO).
For example:
- User has a valid Google account with domain @domain.com
- The org admins' configured SAML SSO at Atlassian with Okta
- User will still be able to authenticate with the Continue with Google even if SAML is enforced to their account.
Suggested Solutions
Make it possible for the admins to allow/disallow the social login for their managed accounts.