When a workspace is assigned to SSO, all users are selected as an SSO user by default. Once SSO is set up, exception users can log in using SSO or log in using the standard login mechanism at the Anaplan URL: https://sdp.anaplan.com/frontdoor/login.
Note: Exception Users should only be used for emergency or support situations and therefore the number of exception users should ideally be kept to a minimum.
To assign a user as an Exception User, clear the Single Sign-on checkbox for that user in the Users tab within Settings.
Warning: Once SSO is set up, users can only access Anaplan using SSO unless they are an Exception User. We therefore recommend that your organization assigns at least one exception user.
Your business must schedule an appropriate time to enforce SSO. It is essential that your organization educates end-users on accessing the Friendly URL.
Enforce SSO Authentication
By default all users are assigned as an SSO user. If you need to enforce SAML SSO authentication for an Exception User so that they can no longer use the standard login mechanism at the Anaplan URL:
Click Settings > Users
Select the Single Sign-on checkbox of the Exception User user for which you want to enforce SSO.
If you have more than one workspace, repeat this step for each workspace.
Note: This associates SSO with a model to which the user has access in the workspace. Once SSO is enforced for a user, they cannot log in with their user name and password at the Anaplan URL.