What happens to old username/pwd registrations when we set up SSO?

  • 22 July 2021
  • 2 replies

Userlevel 5
Badge +1

When you implement SSO late in the game, what happens to all your existing users who do not have SSO logins? Can they update the way they login? Or do they continue to use their username and password? Should a customer be mindful of anything when setting up SSO late in the game?


Implementing SSO without disabling username/password login:

As long as you do not disable the ability to login via username and password, the users will still be able to log in. If they are using the same email address that corresponds with the new SSO, they will now have two forms of logging in. Users can choose if they keep logging in the way they did (username + pw), or they choose SSO


Implementing SSO with disabling username/password login:

if you decide to move away from username/password login and only do SSO login, users will lose access to their manually registered accounts, if the SSO email doesn't match that existing account

An administer would have to manually change the email address of any existing accounts that do not match the SSO provided one.




2 replies

does it mean: when user accounts have been created prior to SSO being enable, their account, participation etc is all been kept when then they connect via SSO ?

Userlevel 5
Badge +1

@Jeanie Lee would it be possible to allow a user that registered with SSO to create a password so that they can still access the community once the SSO is no longer available to them.

ie. Our customers have SSO enabled but what if they are no longer customers can they use the normal authentication with that same account → create a password?