You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add a new "Require SSO" section to the dashboard SSO docs explaining how Enterprise admins can enforce SSO-only sign-in and restrict allowed authentication methods.
Changes
Add a "Require SSO" section after JIT provisioning to dashboard/sso.mdx covering: toggling Require SSO from the SSO settings page, choosing allowed auth methods (SSO, password, magic link, Google OAuth), the default-connection requirement, and the SSO step-up behavior when non-SSO users switch into an enforced org.
Mirror the new section in zh/dashboard/sso.mdx and fr/dashboard/sso.mdx.
Context
Source PRs:
mintlify/mint#8459 — adds the Require SSO toggle and allowed-auth-methods UI to the SSO settings modal.
mintlify/server#5983 — enforces SSO across magic-link, password, password-reset, callback, and active-session exchange paths, surfaces an SSO step-up on org switch, and rejects enforcement attempts when no default SSO connection is configured.
Note
Low Risk
Documentation-only changes with no application or auth logic modified.
Overview
Adds a Require SSO section to the dashboard SSO docs (English plus es, fr, and zh locales), placed after JIT provisioning and before SAML group RBAC mapping.
The new content explains how Enterprise admins can turn on Require SSO from the SSO settings page (with an active default SSO connection required to avoid lockout), optionally pick allowed sign-in methods (SSO, password, magic link, Google OAuth) including empty-list and SSO-only save rules, and what happens when a multi-org member on a non-SSO session switches into an SSO-enforced organization (SSO step-up via the IdP).
Reviewed by Cursor Bugbot for commit 316ee9c. Bugbot is set up for automated code reviews on this repo. Configure here.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Add a new "Require SSO" section to the dashboard SSO docs explaining how Enterprise admins can enforce SSO-only sign-in and restrict allowed authentication methods.
Changes
dashboard/sso.mdxcovering: toggling Require SSO from the SSO settings page, choosing allowed auth methods (SSO, password, magic link, Google OAuth), the default-connection requirement, and the SSO step-up behavior when non-SSO users switch into an enforced org.zh/dashboard/sso.mdxandfr/dashboard/sso.mdx.Context
Source PRs:
Note
Low Risk
Documentation-only changes with no application or auth logic modified.
Overview
Adds a Require SSO section to the dashboard SSO docs (English plus
es,fr, andzhlocales), placed after JIT provisioning and before SAML group RBAC mapping.The new content explains how Enterprise admins can turn on Require SSO from the SSO settings page (with an active default SSO connection required to avoid lockout), optionally pick allowed sign-in methods (SSO, password, magic link, Google OAuth) including empty-list and SSO-only save rules, and what happens when a multi-org member on a non-SSO session switches into an SSO-enforced organization (SSO step-up via the IdP).
Reviewed by Cursor Bugbot for commit 316ee9c. Bugbot is set up for automated code reviews on this repo. Configure here.