If you're using SSO and want to ensure users cannot bypass the SSO security, follow these instructions.
Admin Permissions Required
1. Go to Admin and click Login Settings.
2. Click Edit Security Settings.
3. Expand the advanced settings, check Require SSO, and click Save.
Best practice is for the user(s) to be invited and accept the invite. After the invite is accepted, Admins should then set them to "Require SSO."
If you select Require SSO, you can exclude a user role from this restriction by checking the Bypass Single Sign-On option while setting up the role. This will allow users to sign in normally. For example, Admin users may still need to log into Marketo through the login screen.
When new users are invited, they receive invite emails. However, if Require SSO is selected, they won't receive these emails, unless they are assigned to a role which is set to Bypass Single Sign-On.
- Add Single Sign-On to a Portal
- Using a Universal ID for Subscription Login
- Inviting Marketo Users to Two Instances with Universal ID