While managing workspaces in the Single Sign-On (SSO) settings, it was discovered that clicking the "minus" sign next to a workspace immediately removes it from the SSO configuration. This action can be easily mistaken for an expansion feature and currently happens without any confirmation popup or warning. Such a critical action can unintentionally remove user access, potentially leading to P1/P2 incidents. Additionally, this event is not captured in the audit logs, making it difficult to trace or investigate after the fact.
How often is this impacting your users?
This can impact any admin performing SSO configuration changes, especially during routine workspace management.
Who is this impacting?
Admins, tenant security teams, and any users relying on stable SSO access.
Ideal Solution:
Introduce a mandatory confirmation popup before removing a workspace from SSO, and ensure all such actions are logged in the audit logs for traceability.
Attachment:
(Include the provided screenshot showing the SSO workspace management page)
