Like the subject says, I would like a way to disable the default Orion username/password form while SAML authentication is enabled. We recently integrated our Solarwinds with Okta for authentication, and enabled a Solarwinds tile in Okta via reverse proxy. Now we are able to load Solarwinds with our phones while not on the VPN, but this has created a bit of a security risk. Since the Orion login is still enabled, this opens potential vulnerabilities to brute-force attacks. Additionally, the Okta integration was a bit confusing for folks since most apps, post-Okta integration, just take you straight to okta while on VPN, or forward you to okta for authentication. The Okta SSO button is located at the bottom of the prompt, which for most of our folks isn't a problem, but is for some.
In order to increase security, I think the username/password fields should be hidden if SAML auth is configured, and the username/password should only be displayed in the event of a SAML failure.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community.
More than 150,000 members are here to solve problems, share technology and best practices, and directly
contribute to our product development process.