Other: SSO sign in flow improvements (second password entry step & separate sso site)
Hello,
We are having issues with FiveTran's SSO login methods.
- Users can accidentally create a Fivetran account via username+password and then switch to SSO via account switching in Fivetran. We want to stop username+password signup for our @bbc.com (or whatever) domain as it's a bad experience for our users as they can get confused with this flow. Other SSO providers do not have this experience of accidental separate account creation - they will route you to your SSO sign in.
- I have raised a bug around account enumeration - the frontend switches if you guess an email for our account correctly. Most other SSO providers (snowflake, databricks, microsoft, etc) do not alter the UI based on email address. Instead they provide a second step where they take them to the SSO page or ask for a password. Microsoft routes you to your SSO page based on email domain. Snowflake lets you enter an email for a non-existant user, and does not hint the user does not exist. We would like an experience like this please. I can demo that to you.
Thanks,
Alex
+ Mark Doran mark.doran@bbc.com
-
Official comment
Hi Alex,
This is a good suggestion regarding SSO sign-in flow improvements, thank you for taking the time. The request has been added to our feature improvements backlog, but there is some non-trivial infrastructure work to accomplish this, and we'd need a few more customers asking for it do it soon. This is in the backlog, but doesn't have a date yet.
Updates and progress will be communicated on this thread to keep the community informed, as more votes/interest would help prioritize getting it done sooner
Thanks,
Pieter
Please sign in to leave a comment.
Comments
1 comment