Type of feedback
Design
Feedback
When I invite new admins, the link in their invitation lands on a sign in page that prominently invites them to “sign up” using their Google credentials. After doing so, they are trapped in a free individual instance of Cloudflare and cannot access our company instance. Why? My company generally uses SSO (Google), which is why the new admins go that route. But because we do not have a Cloudflare Enterprise license we can’t setup SSO for our Cloudflare dashboard; instead we rely on email/password and MFA. Because setting up MFA to enter our company dashboard requires you to enter your password, the new admin who signed up via SSO can’t get into our company account. When they try to reset (ie create) a password in their individual/personal instance, it requires their “old password” (despite being authenticated via SSO). It looks like they can’t delete/forget themselves and start over with email/password sign up - there is a warning that your email will still be recognized if you try to re-sign-up after deletion; KB docs indicate that emails are retained for up to a YEAR after deletion. If we lift the MFA requirement temporarily, after putting it back in place the new admin is still trapped. We gave up trying to fix it and added my colleague using an alternative email and will need to verbally warn all new admins to NOT sign up using their Google credentials.
My request: review this authentication trap and either 1) recognize the SSO authentication in place of prompting for password on the MFA and password reset page or 2) allow a user to trigger a password reset email (for ID validation without requiring their old password, which does not exist).