Post

2 followers Follow
0
Avatar

SSO with Azure AD

I have setup SSO with Azure AD.  I have noticed that I have to invite a new user to Clarizen and then they have to setup an user account and password on Clarizen then the SSO sign on works.  

When this is done the user has the option to login to Clarizen directly with the user account or use SSO.  If I disable the AD User account the User is still able to use the Clarizen account.  

Can I restrict login's to Clarizen to only use the SSO login?

Keith

Keith Schmeichel Answered

Please sign in to leave a comment.

3 comments

0
Avatar

Please refer to the following document: https://success.clarizen.com/hc/en-us/articles/205711618-Integration-With-Identity-Providers-SSO-?search=sso

Under the "Clarizen Side" section #8

Define who can access Clarizen with a user name and password instead of via SSO only.
From the Enable Password Authentication menu select:

  1. No one
  2. External users
  3. Internal users
  4. Everyone - both External and Internal users (default)
Bobby Benigno 0 votes
Comment actions Permalink
1
Avatar

When I select External Users I can still login without using federation even though I'm an internal Azure AD user.

Keith Schmeichel 1 vote
Comment actions Permalink
0
Avatar

Clarizen admins will bypass this setting in case they need to login and update the settings or the SSO certificate.

Bobby Benigno 0 votes
Comment actions Permalink