Understanding Login Behavior After Enabling SAML SSO

Applies To: Admins configuring SAML SSO authentication

Overview

This article addresses a common question regarding login methods after enabling SAML Single Sign-On (SSO) integration. Specifically, it clarifies whether users can still access the platform via the default login method after initially logging in through SSO.

Expected Behavior

• SSO-Only Accounts:

Users whose accounts are created via SSO are required to log in using the Student Credentials (SSO) button every time. These users do not have a valid password for the default login form, which is why it returns an "incorrect password" error.

• Default Login Accounts:

Users who originally created their accounts outside of SSO (e.g., manually or via default login) can continue to log in using their email and password via the default login screen, unless SSO enforcement has been enabled.

Recommendation

If your organization is using SSO as the primary authentication method, we recommend disabling the default login method to avoid confusion. This ensures a consistent login experience for users and prevents login errors related to incorrect credentials.

Updated on: 17/12/2025