SSO Should NOT Allow User Changes
Amanda Stançani
Merged in a post:
Single Sign on
Labib Assaf
We would like to have option to restrict users to use either SSO login, or email/pw, or enable both of them like now.
Amanda Stançani
Merged in a post:
URGENT Security Concern: Please allow disabling dual login!
Joel Andrews
I recently realized that the current setup with Single Sign-on allows users to continue using their Helpjuice-issued password to log into our private internal KB, even after their AD accounts have been closed. This means that if we terminate an employee, we have to manually delete their Helpjuice account in order to prevent them from being able to sign into the KB. We have a very large staff user base and a high turn-over rate. Our team does not even have access to the information about who has been termed, and wouldn't have the ability to keep up with this manually, even if we did. This constitutes a serious security breach for us, and will be a dealbreaker for our continued use of the platform if it can't be resolved. PLEASE make this a top priority! We love HJ and can't wait to see its use explode, once this is fixed.
Amanda Stançani
Merged in a post:
Restrict the user's ability to change their login email address
Alexis Billequin
We want our users to keep their professional email address for logging in, in order to control their authentication workflow. Notifications must also be received by our organization's mailboxes.
We don't want them to be able to change their address to a personal one.
Caleb Scharf
agreed. this is a bit of a miss.