When enabling SSO authentication for users with any non-administrator roles (Admin or Super Admin), a login/password log in mechanism and the two-factor authentication will not be available. When SSO authentication is enabled, the user's password is erased and two-factor authentication is disabled.
The Admin and Super Admin roles can use login/password pair, two-factor authentication, and SSO authentication simultaneously.
To enable SSO authentication for Wallarm users go to Settings → Users. Find the desired user and open the user action menu by clicking the button on the right of the user's record. Click Enable SSO login.
In the pop-up window, you will be prompted to send a notification to the user that SSO authentication is enabled. Click the Send notification button. If the notification is not required, click Cancel.
After that, the user can authenticate through the identity provider.
To disable SSO authentication for Wallarm users, go to Settings → Users. Find the desired user and open the user action menu by clicking the button on the right of the user's record. Click Disable SSO.
After that, the user will be notified by an email that the login using SSO is disabled with a suggestion (link) to restore the password to log in with the login/password pair. In addition, two-factor authentication becomes available to the user.