Enforce Direct Sign-on List Toggle

We know how important it is to control who can access your Domo instance and how they sign in. The Direct Sign-on List is a powerful tool for this: when enforced, only users on the List (plus Admins) can log in with Domo credentials, while everyone else must use SSO. But we’ve made managing this feature even more straightforward.

Previously, enforcement of the Direct Sign-on List was tied to your SAML configuration, creating a hidden dependency that made it unclear when the List was actually active. This sometimes led to unexpected sign-in behavior or confusion about who could access what.

That’s why we’ve introduced the Enforce Direct Sign-on List toggle. Turn it on, and the list is enforced. Turn it off, and it isn’t. No hidden dependencies, no surprises. When toggled on, the “Use Direct Sign-on” link now always appears on the Domo login page, even if no users are on the Direct Sign-on List. Previously, this link only appeared if at least one user was included on the list. The toggle only activates when OIDC or SAML is enabled, preventing accidental lockouts. If your instance was already enforcing the list, the toggle starts in the "on" position—your existing authentication flows continue working exactly as before.

Greater transparency in your authentication configuration means faster setup, easier troubleshooting, and more confidence in managing access. You'll find the toggle in Admin Settings > Authentication > Single Sign-On (SSO) > Configuration, with the Direct Sign-on List managed in the same section.