Option to remove non-SAML members when enabling SSO enforcement
What
Allow group admins to choose if they wish to remove existing non-SAML members when they first enable enforced_sso. We'd need to be careful not to remove the group admin themselves, or perhaps offer the option once they have authenticated with SAML.
Why
Gives organizations confidence that all members in the group are using SAML SSO