STEP 3: Enabling to Use Only SAML Authentication When Logging In

Article Number:02036

You can configure to use only SAML authentication when logging in to cybozu.com.
If this setting is enabled, users will not be able to log in to the service using password authentication. The setting is disabled by default.

Areas Affected by This Restriction

Services and Apps

You will not be able to use the following services and apps if you enable "Require SAML authentication".

API for cybozu.com

If you enable "Require SAML authentication", running API with password authentication will be allowed only to Administrators.
If you don't want to restrict users to run API, leave "Require SAML authentication" disabled.
For details on API, refer to the following website:
cybozu developer network

Enabling the Restriction to Use Only SAML Authentication When Logging In

  1. Configure SAML authentication.
    For details, refer to Configuring SAML authentication incybozu.com.
    You cannot go to Step 2 without completing the SAML authentication configuration.

  2. Click the gear-shaped menu button in the header.

  3. Click Users & System Administration.

  4. Click Login. Screenshot: "Login" is highlighted

  5. Confirm that "Enable SAML authentication" is enabled.

  6. Select "Require SAML authentication".
    Screenshot: "Require SAML authentication" checkbox is selected

  7. Notify users that they need to enter the login information of the SAML IdP when they log in to cybozu.com.

URL to Skip SAML Authentication

Administrators can still log in to cybozu.com using password authentication even if the "Require SAML authentication" option is enabled.
The URL below is used to avoid the situation where no one can log in to cybozu.com after the failure of SAML authentication. You cannot disable this feature.

  1. Access the URL below.
    https://(subdomain_name).cybozu.com/login?saml=off

  2. Log in to cybozu.com using the login name and password registered in Administration.