Can I force users to login with Federated SSO only?
|Knowledge Article Number||000003861|
Some organizations have a requirement to force users to login to Salesforce using SAML Assertion / Federated SSO only, and to restrict them from logging in using the standard salesforce login (login.salesforce.com), while using Federated SSO.
This can be achieved by using the 'mydomain' feature. In summary, you must restrict users from using "login.salesforce.com", forcing them to use your own Identity Provider's login URL for authentication.
Doing this will result in the following behaviour:
Here are the steps to implement this: