Manage / enable sso authentication at workspace level


As a tenant administrator or user admin i need to be able to manage users authentication mode (sso or exception users) at workspace level instead of model level.

Currently this is managed at the model level with 2 consequences :

- inconsistency and session crash : if a user is sso enabled on one workspace and sso disabled in another, the user loging in using one method or the other will result in a crash error when trying to switch to a model not consistent with how the user is logged in

- security and governance : at a tenant level, we cannot audit easily whether all users are compliant with a "all users are sso" policy type (with the exception of visiting users having to be non sso).

This is requested so that anaplan s platform capabilities are aligned with users and security governance and compliance required from an enterprise wise platform solution

2 votes

New · Last Updated


  • Not sure if I understand… SSO is managed on Workspace level. If a user is set to SSO in 1 workspace, it will apply to all models.

  • That is correct, I had a different behaviour in my mind ! I will amend the idea then to reflect that.

  • Amended the idea.

    The aim would be that security admin (like certificates, users creation and disabling, access grants...) could be managed through the admin console, instead of the current hybrid model + admin console

Get Started with Idea Exchange

See our Submission Guidelines and Idea Evaluation Criteria, then start posting your own ideas and showing support for others!