Would like for Single-Sign-On to be selective for certain domains for managed users under their enterprise
Would like for Single-Sign-On to be selective for certain domains for managed users under their enterprise so they have the option to authenticate through their IDP while other managed users to not. Specific Comments from Kerim Below: Yes, I would definitely appreciate if you can provide this feedback to your product development team. For us, SSO is an all-or-nothing proposition. Meaning, we will not allow the user to choose whether or not they wish to use SSO. Rationale for this is, if a user leaves the company, they can then continue to login to their corporate Box account by bypassing SSO. Since we would are not able to reset their passwords ourselves from an admin level, our only choice would be to disable/delete the account (which is what we are currently doing anyway). Our objective in implementing SSO for Box would be primarily to enhance security – the login convenience aspect is an additional benefit. So, we need to look at turning it on for everyone and excluding any Managed Users who are not part of certain domain.