The default configuration most customers use for SSO with us is to have SSO as the only way to authenticate to Reclaim. We realize calendar and authentication configurations can be complex so we're try to enable a flexible model to support all use cases.
We have an option when enabling SSO for our customers to leave the default Google authentication enabled in ADDITION to the SSO provider as a valid login mechanism.
Why would someone want this? Here are some examples of when a customer may want to consider this:
The customer is a larger organization with multiple teams, and they want to enable SSO only for a specific team at this time. This single team with SSO enabled could be for testing, for a trial, or a few other reasons, but this allows people outside the team in the organization to still use, and sign-up for Reclaim.
There are users in your organization who have an email address and a connected calendar from your domain, but their primary email address with Reclaim is NOT on your domain. This is often the case with 3rd party consultants who may have an email address provided by you.
The customers simply want to allow their users to authenticate with their personal, or other Gmail address not associated with your Organization.