What is this feature?
Today we released the ability to disable access with passwords for agents, admins and end-users when single sign-on (SSO) is enabled. Disabling passwords will require whoever is logging in via SSO to only use SSO and will not have the option to log in using a username and password.
Right now, you can enable SSO on your account through your Security Settings. However, if the identity provider is down or your SSO integration is misconfigured, a user or agent can bypass the SSO and log-in by entering in a Zendesk username and password. This could potentially create issues if users choose a Zendesk password which does not satisfy the password policy specified in your Identity Provider.
Who can use this feature?
All Support customers using SSO can utilize this feature
How can I enable this feature?
If you are an admin and would like to require your agents or end-users to only log-in via SSO:
- Click the Admin icon in the sidebar, then select Security in the Settings category.
- Click the Admins & Agents or End-users tab. Go to the social or business SSO option you have enabled.
- Check the disabled box next to Passwords.
- For Admins & Agents tab, you have the options of allowing Admins or the Account Owner to request a one-time sign-in link.
- Hit Save.
Please note: Disabling passwords will affect your Zendesk mobile app log-in as well.
For more information on SSO options and how to set it up for your Agents or End-users: https://support.zendesk.com/hc/en-us/articles/203663766-Enabling-social-and-business-single-sign-on-SSO