Get help on Discord

How to revert from Okta SSO to Google Auth after deleting SAML config?

9 replies
Last updated: Jun 27, 2023
Hello - I ran into an issue while trying to set up Okta SSO and tried to back it out. I deleted the SAML SSO config, but when I invite a new user via email they're being recreated as an SSO user. Is there a way that I can revert this so they can use Google Auth?
AI Update

I understand this is a frustrating situation! When you delete a SAML SSO configuration, there can be some lingering settings that cause newly invited users to still be created as SSO users instead of regular users who can use Google Auth or email/password login.

Here's what's likely happening and how to fix it:

The Issue

When SAML SSO is configured for an organization in Sanity, it becomes the default authentication method. Even after deleting the SAML configuration, the organization may still have SSO as the preferred login method, which is why new invites are creating SSO users.

How to Fix It

  1. Check Organization Settings: Go to Sanity Manage and navigate to your organization's settings. Look for any remaining SSO-related settings under Settings β†’ SAML SSO or authentication preferences. Make sure everything related to SAML is fully disabled/removed.

  2. Contact Sanity Support: Since SAML SSO is an enterprise feature available on Business and Enterprise plans, some aspects of the configuration may require support intervention to fully reset. Reach out to Sanity support through the help menu in Manage or via email - they can verify that all SSO settings are completely removed from your organization.

  3. Re-invite Users: Once the SSO configuration is fully cleared, you'll need to re-invite the affected users. The new invitations should create standard user accounts that can authenticate via Google Auth or other standard methods.

Why This Happens

SAML SSO in Sanity works at the organization level and changes how users are provisioned. When enabled, it becomes the primary authentication method and can affect how user accounts are created even after the configuration appears to be removed from the UI.

The support team should be able to quickly verify your organization's authentication settings and ensure everything is properly reverted to standard authentication methods. They deal with these types of configuration reversals regularly and can make sure there are no hidden settings causing the issue.

Show original thread
9 replies
Hi (Removed Name). Has this step been reverted back?
Hi (Removed Name) - Yes
What about the 
auth
key in your sanity.config.ts file?
I never actually completed that step to begin with.
Ah, okay thank you.
I just had the user delete their account on their end and re-sent the invite. I'll let you know if that works 🀞
Recreating the account worked!
Nice! Thanks for letting us know!
I may be back when I reattempt this again πŸ˜…
Thanks for your help!

Sanity – Build the way you think, not the way your CMS thinks

Sanity is the developer-first content operating system that gives you complete control. Schema-as-code, GROQ queries, and real-time APIs mean no more workarounds or waiting for deployments. Free to start, scale as you grow.

Get started for freeExplore the demo

Was this answer helpful?