make the SSO user setting just like the Workspace Admin: unchangeable by yourself on your user

make the SSO user setting just like the Workspace Admin: unchangeable by yourself on your user

Years ago, Anaplan users used to remove their own model builder accesses, sometimes leaving the workspace without any MB to give it back.

Anaplan updated the platform so that you cannot remove your own WSA access. 

Anaplan should do the same for SSO login: today if you check the SSO and you don't belong to the workspace (partner/Anaplan users), you cannot access it back.

5 Comments
Miran
Super Contributor
 
Status changed to: Your support is needed
andrewtye
Master Anaplanner/Community Boss

@nathan_rudman - there's also this on #IdeaExchange which I think is covering off some of the same suggestion... https://community.anaplan.com/t5/Idea-Exchange/Add-default-Security-Admin-and-Data-Admin-roles-to-su...

connie.j
Occasional Contributor

We are planning to move this functionality from the model and surface it in Tenant Administration.  This means only Tenant Security Administrators are allowed to configure users for SSO (or for the ability to bypass SSO).

Status changed to: Considered for Future Roadmap
david.savarin
Regular Contributor

That s definetely the way to go to get the sso settings accessible through a security admin, not model builders

connie.j
Occasional Contributor

Our roadmap includes moving this setting to Administration in our new SS SAML configuration.  As part of setting up an SSO connection in Admin, the Tenant Security Admin can specify which users should be exception users for that connection (which can be associated with one or more workspaces).

Status changed to: On Roadmap