https://github.com/osquery/osquery logo
#fleet
Title
# fleet
k

KK

05/05/2021, 9:43 AM
Hi, can I disable password-based authentication on the FleetDM UI? I'd like to enforce my admins to login only via SAML, not via password.
n

Noah Talerman

05/05/2021, 2:32 PM
Hi, there is no option in the Fleet UI for disabling password-based authentication. However, I believe users (and admin users) that have SAML SSO turned on in Fleet will not be able to log in via password-based authentication. With SAML SSO enabled, the login UI still displays the “Username” and “Password” fields but on attempted password-based login, this user should receive an “Authentication failed” message. Please let me know if you’re observing a different behavior.
k

KK

05/05/2021, 3:09 PM
I can confirm this behavior, thanks.
🍻 1
n

Noah Talerman

05/05/2021, 5:13 PM
Thank you for confirming. It’s confusing that the Fleet UI provides no indication that password-based authentication is actually disabled for SAML users. I’ve filed an issue here as a future improve to this experience in Fleet: https://github.com/fleetdm/fleet/issues/725
🙌 1
🙌🏽 1