Description of enhancement: The login page at anaplan.com should provide options for SSO (Single Sign On) users to log in Why enhancement is required: Users who require SSO may still go to anaplan.com and assume they can log in. They'll try various passwords, eventually locking themselves out. There is no indication that SSO is never going to work from this page. User and admin frustration escalates. Why this is a security problem: In fruitless attempts to log in, uers will try password that are for non-anaplan services, thus sending valid credentials to anplan which could be logged or abused. Possible implementation: Anaplan knows your IDP based on your email address, so it has the information required to send you to the right place. The only piece that is missing is the UI. There are many options other providers use, such as the following: A "Login with SSO" button is shown on the username/password page. When clicked, it takes you to a page where you can put in your email address. Once input, it does an SP initiated login for your specific IDP. On the existing username/password page, once the email address is specified an ajax call is made to determine if the user has SSO enabled, and if so does an SP initiated login rather than allowing a password.
... View more