salesforce Okta as the only method to authenticate
I configured Okta with Salesforce using SAML 2.0 following the configuring steps, setup the custom domain in SalesForce, configured SP-init and everything seems to work fine if my users go to our custom salesforce domain [company]my.salesforce.com
Users go there Get the Okta Login page MFA Then they're in
However if they go directly to login.salesforce.com and try to login from there with their login credentials, they can still login without the need for Okta. How do I stop the access from there? How do I force them to got to the custom domain and use Okta for signin on?
Here is the relevant portion of the instructions from Salesforce to force SSO login only:
Go to Setup | Domain Management (or Company Settings if using Lightning experience) | My Domain. 6. Under Authentication Configuration, Choose the Single Sign On Setting which you created under Single Sign On Settings. 7. In My Domain Settings Login Policy section, check Prevent login from https://login.salesforce.com.
Borrowed from here: https://help.salesforce.com/articleView?id=000003861&language=en_US&type=1