Skip to main content

Hi team,

Is there a possibility or setting we need to be aware of where users will be able to log in via SSO even though they are not assigned to the SSO AD?

Thank you!

Hi ​@Flo, can you please clarify if you’re experiencing an issue where you have SSO set up and users that are not assigned the app in Active Directory are still able to log in? Or are you concerned that this could be a potential scenario?

 

 

 

 


Experiencing this issue.

Even though the users are not added to our SSO AD group, they are still able to log in to PagerDuty via SSO. It seems there is no issue from our AD. I am trying to understand if there are any settings in PagerDuty that enable SSO by default.


@Flo What is AD in this context?  If you’re using SAML, there is a setting in PagerDuty's Single Sign-on "auto-provision users on first login". For more information on auto-provisioning they can refer to our public docs: https://support.pagerduty.com/main/docs/sso#optional-attributes-for-auto-provisioning


Thank you very much.


Reply