SAML Enforcement Options
Once you have SAML configured, Replicated provides 2 options that can be enabled or disabled at any time.
Enable SAML for team logins
Turning on the “Enable SAML for team logins” toggle will allow members of your team to log in to the Vendor Portal from your SSO provider. This will not remove, change or restrict any other authentication methods you have configured on Replicated. If you enable SAML and your team already is logging in with accounts provisioned in Replicated, they will be able to continue logging in with those accounts. Allowing both login methods is a good way to test SAML without risking any interruption for the rest of your team.
Only allow SAML logins
Once you’ve enabled SAML and validated it, you can toggle on “Only allow SAML logins”. Selecting this will prevent any non-SAML accounts from logging in.
We don’t delete the existing accounts. If you turn this on and then later disable it, accounts that never logged in via SAML will be able to log in again. If an account exists outside of SAML, and if then authenticated with SAML, the account is converted and will not be able to authenticate using a password again.