Open for Voting

Create option to disable default Orion login while using SAML auth

Hey all,

Like the subject says, I would like a way to disable the default Orion username/password form while SAML authentication is enabled. We recently integrated our Solarwinds with Okta for authentication, and enabled a Solarwinds tile in Okta via reverse proxy. Now we are able to load Solarwinds with our phones while not on the VPN, but this has created a bit of a security risk. Since the Orion login is still enabled, this opens potential vulnerabilities to brute-force attacks. Additionally, the Okta integration was a bit confusing for folks since most apps, post-Okta integration, just take you straight to okta while on VPN, or forward you to okta for authentication. The Okta SSO button is located at the bottom of the prompt, which for most of our folks isn't a problem, but is for some.

In order to increase security, I think the username/password fields should be hidden if SAML auth is configured, and the username/password should only be displayed in the event of a SAML failure.

Thanks,
Bryan

Parents Comment Children
No Data