STEP 3: Enabling to Use Only SAML Authentication When Logging In

Article Number:02036

You can configure to use only SAML authentication when logging in to Kintone.
If this setting is enabled, users will not be able to log in to the service using password authentication. The setting is disabled by default.

APIs Affected by This Restriction

If you enable "Require SAML authentication", running REST API with password authentication will be allowed to only Kintone Users & System Administrators.
If you don't want to restrict users to run API, leave "Require SAML authentication" disabled.

Enabling the Restriction to Use Only SAML Authentication When Logging In

  1. Configure SAML authentication.
    For details, refer to Configuring SAML authentication inKintone.
    You cannot go to Step 2 without completing the SAML authentication configuration.

  2. Click gear shaped administration menu icon in the header.

  3. Click "Users & System Administration".

  4. Click Login. Example of menu

  5. Confirm that "Enable SAML authentication" is enabled.

  6. Select "Require SAML authentication".
    Image of the option being enabled

  7. Notify users that they need to enter the login information of the SAML IdP when they log in to Kintone.

URL to Skip SAML Authentication

Kintone Users & System Administrators can still log in to Kintone using password authentication even if the "Require SAML authentication" option is enabled.

  1. Access the URL below.
    https://(subdomain_name).kintone.com/login?saml=off
  2. Log in to Kintone using the login name and password registered in Kintone Users & System Administration.

This URL is used to avoid the situation where no one can log in to Kintone after the failure of SAML authentication. You cannot disable this feature.