We’ve just implemented Okta as an identity provider for our Octopus Deploy server. We now wish to turn off forms authentication. Following this (https://octopus.com/docs/administration/authentication-providers/active-directory-authentication#ActiveDirectoryauthentication-Forms-basedauthenticationwithActiveDirectory), I’ve run the 3 required commands (see attached screenshot for output). However when I go to log-in the form still displays and I can still login with my OD username and password.
Octopus Deploy v4.1.3.
Thanks for getting in touch. Unfortunately, the setting you’re using there only applies when using Active Directory authentication (you can see it in the Active Directory area in the Configuration -> Settings in v4).
From the screenshot you’ve attached I can see that the Username/Password provider is still enabled. You can disable it from the command line if you like, or as of v4 you can edit all of the authentication provider settings in the Configuration -> Settings pages. As of v4 you also do not need to restart the server for these changes to take effect, I’ve just made a note to go and update these docs so that’s clearer.
Another setting that you may be interested in is in Configuration -> Settings -> Authentication, and relates to Auto Login. In the case where you’re only using Okta, this would skip the users past the Octopus login page and go straight to Okta when authentication is required (i.e. they won’t have to explicitly push the Okta button on the Octopus UI). This may or may not suit your needs, but thought I’d mention it in case you hadn’t come across it.
Hope all that helps and please let me know if I can be of further assistance.
Thanks for the prompt and helpful reply. That’s solved it. The extra info about Auto Login is also helpful.