💡Feature Idea: SSO Integration per email domain

AndyT
AndyT ✭
edited October 2021 in Feature Ideas

My organisation has different communities on different networks using different email domains. We all want to use MURAL together! Our SSO federation is a poor user experience and causes us extra support admin.

Today MURAL is limited to one SSO endpoint per company. How about allowing a different SSO endpoint for each email domain you've configured for your account? I appreciate I may be the only org in the world with this problem :(

Tagged:
10
Up
10 votes

Open for voting · Last Updated

Would you like to see this? 👀 Up vote the idea, and share your use cases below to help us understand how you would use this idea. 💡

Comments

  • simonsmallchua
    simonsmallchua

    We have a different but related issue with Google's SSO.

    We changed our domain name in Google, so default/sign-in email addresses changed domain.

    We couldn't update our email addresses to the new name because it was locked to our SSO.

    Then when people tried to login with their google account it created a new account in Mural with the new email address. Then we couldn't log back into the old account or reset our password because cookies were locked to our new login. I worked with support on various workarounds to solve this, but it's insanely complex.

    Two suggestions

    1. Let a user signing in with Google change their email address and sign in with a password
    2. Use the Google User ID, not their email address as their login identifier - then IF their google domain changes Mural will see it as the same user - because their ID doesn't change

Categories