Group-based SSO configuration
Current Status and Issues:
SSO mode can only be set for all users.
If SSO is mandatory, when IdP fails, all users cannot log in to Box.
Desired Improvement:
I would like to specify a Box group to enable/disable/require SSO. If only the administrator can set "SSO Enabled", he/she can log in even in case of IdP failure, and by changing the setting of general users from "SSO Required" to "SSO Enabled", the business can continue.
Furthermore, if possible, we would like to set it up so that different groups can SSO in different IdPs.
Reason for need:
The IdP of SSO becomes a single point of failure, which causes problems in terms of business continuity.
In addition, some of the business companies do not use IdPs or have different Id management, making SSO impossible in some cases.