Issue
We've added the SSO/SAML integration with Okta and now authentication no longer works because the domain is locked. Users cannot login. The login box says Single Sign On Enabled and we are no longer prompted for a password.
Resolution
Delete any text from the Email Domain field. This will allow users to log in via the Checkr dashboard or via your identity provider (IdP):
- Log into the Checkr Dashboard as an Admin
- Select Account Settings > Single Sign On
- Delete text from Email Domain field
- Select Save
If you are locked out of your account due to this issue contact Checkr Customer Support for assistance. See Account Settings: Single Sign On for more information
Cause
The Email Domain setting disables Checkr direct login. When a domain is entered in this field, account users will be forced to use SP-initiated SSO to authenticate. This should only be enabled/entered after confirming SSO is fully functioning when initiated via IdP.