Redesign the implementation of SSO enforcement
Based on
- Draft: Resolve "Group SAML - Check SSO status o... (!73642 - closed)
- Draft: [POC] Resolve "Group SAML - Check SSO st... (!74240 - closed)
Related to https://docs.gitlab.com/ee/user/group/saml_sso/#sso-enforcement
The SSO enforcement works well for users. When it comes to details or the need for extension, it is challenging.
We wanted to provide SSO enforcement for API activity, but we haven't managed to complete that work.
Our current implementation of SSO enforcement check is not extendable, complicated, and quite confusing when it comes to details. We need to completely redesign and reimplement the SSO enforcement implementation.
TODO: Talk to @bdenkovych or ask him to improve the description of this issue with ideas for a new architecture of the implementation for SSO enforcement.
Edited by Bogdan Denkovych