- Ably FAQs
- Account and app setup and configuration
- Accounts and apps
-
Account billing and packages
-
General
-
Realtime API and client libraries
-
Troubleshooting
-
Channels
-
REST API and client libraries
-
Ably error codes
-
Account and app setup and configuration
-
Ably architecture, transports, and security
-
Performance and Redundancy
-
Push Notifications
-
Reactor Queues, Events and Firehose
-
Migrating to Ably from an existing service
-
API Streamer
-
Connections
How can I force all account users to authenticate with SSO?
A setting called Strict Mode allows accounts to restrict access to only those members that are currently authenticated with the account's IdP (e.g. Okta). Members authenticated with other providers (e.g. email/password or Google/GitHub/Twitter) will be forced to re-authenticate with their IdP when accessing the account.
This allows companies to have full control over access to their Ably accounts. If a user is removed from the IdP, he will no longer be able to access the account once his current session expires.
To enable Strict Mode:
- Navigate to the Home → Account Settings page.
- Toggle Enable Strict Mode? (note: this setting only appears if SSO is activated)
Note: Account owners can access account resources regardless of their current authentication method.