Skip to main content

Miro SSO issue

  • February 25, 2026
  • 1 reply
  • 7 views
A

Hey all, Hope you are doing well.

So, this case is regarding being able to login into MIRO. So, little background, we had a incident in last year so for that incident as a remediation for that we had to remove users from MIRO. So, right now its configured like this that a user gets added to AD group and through SCIM provisioning he/she gets synced up with SSO and then the user gets able to access MIRO via SSO. But, in this incident, we removed all the users from AD group, so inturn shortly after majority of the users were not able to login into MIRO as SSO is forced for login. But, there was some set of users who accessed the MIRO application by bypassing SSO and they were in the application.

 

I would like to know how this was possible and in which direction I should focus upon?

    1 reply

    Eca
    Mironeer
    Forum|alt.badge.img+2
    • Eca
    • Mironeer
    • February 26, 2026

    Hi ​@AkshayShar 

    Thanks for the detailed explanation — since this involves potential authentication bypass, this is something that really needs to be reviewed by Support directly. They’ll have access to backend information, which we don’t have visibility into here in the Community.

    I recommend opening a support ticket and include the following information to the ticket:

    • Your IdP (e.g., Azure AD / Okta)

    • Confirmation that SSO enforcement is enabled

    • A few example user emails

    • Approximate timestamps of the access

     

    Eca :)

    Join the Miro MCP Challenge!

    Terms & ConditionsAccessibility statement