Force ThirdParty login for specific domain (SAML, O365, Google, etc')

Hi, I have a nice idea that would increase the security for my scenario (maybe others too)

zammad does not support MFA, so we need to relay on third party integration for this, we use Office365 integration for login (office 365 logic will enforce MFA)

however we can still use the original user/pass fields and login without 365

it would been nice to achieve the following:

our domain is support-example.com (we can choose regular login or office365 login) (we are zammad admin and agents)
our customers have other domains: example1.com example2.com (customers role)

force zammd to allow login for support-example.com only via office365 button (if i use regular login, it will recognize my domain and redirect to office365)

and for all other domains, regular login (no integration) will still work as before

the main goal is to secure our login procedure to use specific IDP with MFA while all other customers can use regular login

this relevant for all versions

Thanks.

1 Like