To further extend TeamDesk capabilities we added an ability to use mixed mode single sign-on.
What is mixed mode single sign-on for? Previously, once you enable Single Sign-On we forwarded all the users to your identity provider (IdP) to authenticate. This way is called as Forced Single Sign-on. In contrast mixed mode allows to mark some users to login via IdP. Others will use regular TeamDesk login process.
Mixed mode is particularly useful in case of external users. Сorporate users will still be protected by your IdP they are already configured on, while external users will be freely added to TeamDesk, thus lowering the costs to support administration of the corporate environment.
To choose between forced and mixed mode we split former Enabled option into two: Enabled for all users for forced mode and Enabled for selected users for mixed mode.
To manage who’s eligible to use IdP, we added extra SSO Login checkbox to users’ settings. And there a pair of quick Enable/Disable SSO Login actions to operate on a set of selected users.
Please note that SSO Login checkbox appears only in mixed mode. It has no effect in forced mode.
As a bonus we added options to mass-enable/disable users and force password change.
On first attempt to login in mixed mode the user will see the prompt to use either corporate system or regular login/password pair.
Once the user logs in via corporate system successfully, on next login attempt we will forward the user to IdP automatically.