Login error says to use email and password but Single Sign-On is required

Feature(s) impacted

One of our users in unable to log back in to ForestAdmin after their login timed out.

Observed behavior

When the person tries to log in using Single Sign-On (which is the required login method for our project) they are given an error saying “Please use email and password to access your … account” (the error includes their email which I’ve excluded here).

I think this may be because they originally used email and password login before our project switched over to requiring SSO.

Expected behavior

When we switched the project to requiring SSO, we were told that any users currently using email and password logins would simply be prompted to switch to SSO. If that’s not the case, let us know, so that can turn off SSO for our project to allow these users to log back in!

Failure Logs

Please use email and password to access your <email-address> account.

Context

  • Project name: GumboUI
  • Team name: DepMap
  • Environment name: Production
  • Agent type & version: django-forestadmin
  • Recent changes made on your end if any: Several months ago, we switched our project to requiring SSO

Hello @Sarah_Wessel,

Thanks for reaching out and for this clear and detailed topic.

Unfortunately, I’m not able to reproduce the same behavior.

It shouldn’t cause any trouble as long as they are registered in your SSO (IDP provider).

I just had a look at your SSO configuration and it turns out it is not set up for now. SSO is turn-on from the organization settings. Then you can log in to Forest Admin using the Single Sign-On as described here.

  • Did you change anything in the meanwhile?

When you enable SSO in your organization any user must use the SSO to access any projects in this organization.

What you are describing sounds like Two-Factor Authentication (2FA) which can be enforced for a particular project/environment for users using email and password logins. 2FA is an identity and access management security method that requires two forms of identification to access resources. You can find more information in this documentation!

But I just look at your project and it is not set up either. :confused:

Let’s get back to the failure. This error specifically happens when a user tries to connect with 0Auth2 (in our case Sign in with Google from the login page) but they registered/signed up using email and password logins.

To sum up (and respond to the SSO required), in your current configuration users can still connect using either Sign in with Google or Standard email and password login as you don’t have the SSO enabled in your organization. If you need some help to set up it for your project don’t hesitate to reach out to the Customer Success team as you’re a paying client.

Let me know if it helps.

Kind regards,
Morgan

1 Like

Hello,

How do we contact the Customer Success team? The only contact info I’ve been able to find on your site directs me to the forums or the email address hello@forestadmin.com.

(I sent an email to hello@forestadmin.com but I haven’t heard anything yet, but I’m also not clear if that’s the right channel that I should be using.)

Thanks,
Phil

Hello @pmo,

Someone from our Customer Success team should have contacted you.

Let me know about this subject to ensure there ain’t any issues on our side. :pray:

Thank you for your time. I’m looking forward to hearing from you.

Kind regards,
Morgan