pingvin-share icon indicating copy to clipboard operation
pingvin-share copied to clipboard
verified publisher icon stonith404

🚀 Feature: Allow admins to disable "built-in" auth and force specific IDP

Open ukdaaan opened this issue 2 years ago • 2 comments

🔖 Feature description

Allow the administrator to disable the "built-in" accounts (and hide the username / password fields) and if only one social connector is enabled automatically redirect to the relevant IDPs auth flow.

The user should then also be able to create an account using the idp auth flow sign in request on successful sign in if they don't already have an account.

🎤 Pitch

I use SSO for all of my public / client facing services having the ability to hide other authentication methods and redirect the user automatically to the sign-in page if only one method is enabled would improve the user experience sign-in flow.

ukdaaan avatar Nov 15 '23 00:11 ukdaaan

@stonith404 Do you think this is a useful feature? The implementation should be pretty easy.

qingfua avatar Nov 16 '23 17:11 qingfua

@zz5840 Yeah I think this feature would make sense.

stonith404 avatar Nov 16 '23 22:11 stonith404

This was added in v1.1.0. If only one OAuth provider is present and password login is disabled, the user will get redirected automatically.

stonith404 avatar Sep 14 '24 16:09 stonith404