Hi, I have a nice idea that would increase the security for my scenario (maybe others too)
zammad does not support MFA, so we need to relay on third party integration for this, we use Office365 integration for login (office 365 logic will enforce MFA)
however we can still use the original user/pass fields and login without 365
it would been nice to achieve the following:
our domain is support-example.com (we can choose regular login or office365 login) (we are zammad admin and agents)
our customers have other domains: example1.com example2.com (customers role)
force zammd to allow login for support-example.com only via office365 button (if i use regular login, it will recognize my domain and redirect to office365)
and for all other domains, regular login (no integration) will still work as before
the main goal is to secure our login procedure to use specific IDP with MFA while all other customers can use regular login
this relevant for all versions
Thanks.