<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
0D54z00007IWltfCADOkta Classic EngineSingle Sign-OnAnswered2023-06-14T20:07:16.000Z2021-11-22T15:56:20.000Z2021-11-22T23:23:45.000Z

KarenH.16388 (The Aspen Institute) asked a question.

Okta & Salesforce SSO/SAML integration - password reset still works on generic login page

Hi, We have started setting up Okta & Salesforce SSO/SAML integration but found a loophole. We are not currently handling provisioning to Salesforce via Okta. We completed the first and second steps in this article https://help.salesforce.com/s/articleView?id=sf.sso_enforce_sso_login.htm&type=5 :

1. Disable direct logins through login.salesforce.com; and

2. Disable logins using Salesforce credentials.

 

Despite completing those two steps, a user was still able to request a password reset link from the generic login page login.salesforce.com. Looks like the Salesforce article indicates a third step is required to prevent this. Have others found this to be the case as well? Is it better to indicate SSO is enabled on the profile or through a permission set?

 

Thank you, Karen

 

 


This question is closed.
Loading
Okta & Salesforce SSO/SAML integration - password reset still works on generic login page