I am looking at enabling SSO, but I wanted to clear up a few things. Everything is well documented except for the actual user experience. Question 1: Can someone clarify the user experience flow for SSO enabled orgs? Current: User enters email into dashboard.meraki.com, clicks next User enters password, clicks next User prompted to select org, pick the org User taken to org SSO enabled: User enters email into dashboard.meraki.com, clicks next Redirected to IdP process??? ??? ??? Question 2: How are multiple orgs handled if some have SSO and some don't? The part I am confused about is with Meraki you do not claim a domain (org such as @Acme.com). If email@example.com is an admin on a few orgs, some of which have SSO and some don't, how does the dashboard process know to invoke SSO or not? Other sites, like Cisco's Webex or Microsoft's O365, you actually claim "acme.com" as a company/org, so that anytime someone enters an @Acme.com email it will redirect to their respective IdP for authentication and authorization. In the case of Meraki, you are setting SSO parameters at the org level. Wouldn't it be possible to have multiple email domains within a specific org, and if so, how does that bubble up? Note, I am not a MSP but instead a customer. However, we might have a few orgs where we do not want SSO. We have also had access to other orgs without SSO, such as a company acquisition or joint venture type of scenario. Thanks in advance!
... View more