Disable SSO-required for break-glass accounts

Ctrl + k

1 vote

Published a year ago

Since we encountered a bug that disabled our SSO but kept the SSO-required button active, we thought about adding an option to exclude special accounts like break-glass accounts from the SSO requirement. In our scenario, a large part of the company was unable to work, which could have been prevented with this option, allowing at least one account to access the passwords in the vaults.

Disable Force SSO on all users in Devolutions Hub Business using PowerShell - Devolutions Documentation

All Comments (1)

Maxime Forest

Published a year ago

Hi @jherber-c,

We've recently added new documentation that provides a break-glass solution for disabling Force SSO. This can be done using a PowerShell script executed through an Application Identity.

Doc: https://docs.devolutions.net/powershell/hub-powershell/disable-force-sso-on-all-users/

We’ve noted your suggestion about excluding break-glass accounts from the SSO requirement, and we’ll definitely keep it in mind for a future improvement.

Best regards,

Maxime Forest