Enforce Non-Bypassable SSO with Optional Break-Glass Account | Feature Requests

Enforce Non-Bypassable SSO with Optional Break-Glass Account

Jesse Carter

Add a per-account setting that enforces SSO without bypass, even for Admins and Super-Admins. This would make SSO a true security requirement.

Created by David K.

May 16, 2025

Jesse Carter

We have regulatory requirements that we meet using SSO. E.g. conditional access policies on AzureAD which enforce device compliance, location, etc. If that can simply be bypassed, then SSO is simply there for convenience of sign-in, but offers zero security benefit.