Enable SAML and exiting Users
I would like to know if it is possible to redirect the login page of Youtrack to the IdP? If not, what is the work around where there are existing user in Youtrack, pre-SAML user, who can still login with their local credentials, and also use SAML? Ideally I would like to have them only use the SAML solution, and avoid giving them the option to login.
Please sign in to leave a comment.
Hi,
I have replied to you in the direct support ticket but will post an answer here too just in case.
It is possible to totally disable the Hub authentication module - in this case, no one will be able to log in with native Hub credentials. To disable it, navigate to the Settings -> Access Management -> Auth modules page, select the Hub module and click "Disable". You can enable it back any time.
Also, you can just delete users' Hub credentials. In this case, logging in through the native Hub login and password will still be enabled but users will not have their Hub credentials anymore. However, they will be able to create them from scratch, so this option is less reliable.
If it happens that your IdP is out of service and you need to log in to YouTrack, you can restore the Hub authentication module by resetting the root account as described here: https://www.jetbrains.com/help/youtrack/standalone/Changing-or-Restoring-Password-and-Permissions-for-Root.html#reset-default-admin-account-standalone.