I’ve asked for this before, but I’m not sure anyone at LM gets it:
Other multi-IdP connected services prompt for the username first, then based on the username redirect to the appropriate authentication method (local, IdP1, IdP2, etc.). LM still assumes that local logins are the way most people will be doing things, so based on that assumption, they prompt for username and password on the main logon page. If you are SSO (which you might not know you are), you have to click the SSO button to be redirected, put your username in there, then get logged in.
Essentially, the first logon page should look like this:
And if you put in a username that doesn’t match any of the configured IdPs, you get this:
If you were to enter a username that matched a configured IdP, you’d either be
logged in immediately because you’re already authenticated with your IdP
or prompted to log in to your IdP (preferably in a modal that doesn’t lose your original target page in LM) and then logged in to LM
What LM has failed to realize is that this single login page could also provide the ability to manage logins to multiple portals at once (and tie into support portal and community logins). If I provide a username to the logon page, LM can easily figure out which portals I have user accounts in. It could populate a dropdown box listing those portals, defaulting to the one I’ve visited most recently (hello cookies).
Can you imagine going to logon.logicmonitor.com and logging into any/all your portals at once? Can you imagine LM having a single place to login instead of thousands of logon pages that all should be monitored by the portal owners for nefarious activity?