diff --git a/docs/documentation/platform/sso/azure.mdx b/docs/documentation/platform/sso/azure.mdx
index 35f287cdfa..25303fed6c 100644
--- a/docs/documentation/platform/sso/azure.mdx
+++ b/docs/documentation/platform/sso/azure.mdx
@@ -101,6 +101,11 @@ description: "Configure Azure SAML for Infisical SSO"
To enforce SAML SSO, you're required to test out the SAML connection by successfully authenticating at least one Azure user with Infisical;
Once you've completed this requirement, you can toggle the **Enforce SAML SSO** button to enforce SAML SSO.
+
+
+ We recommend ensuring that your account is provisioned the application in Azure
+ prior to enforcing SAML SSO to prevent any unintended issues.
+
diff --git a/docs/documentation/platform/sso/jumpcloud.mdx b/docs/documentation/platform/sso/jumpcloud.mdx
index 0366bbf7f0..d25ec0b6da 100644
--- a/docs/documentation/platform/sso/jumpcloud.mdx
+++ b/docs/documentation/platform/sso/jumpcloud.mdx
@@ -81,6 +81,11 @@ description: "Configure JumpCloud SAML for Infisical SSO"
To enforce SAML SSO, you're required to test out the SAML connection by successfully authenticating at least one JumpCloud user with Infisical;
Once you've completed this requirement, you can toggle the **Enforce SAML SSO** button to enforce SAML SSO.
+
+
+ We recommend ensuring that your account is provisioned the application in JumpCloud
+ prior to enforcing SAML SSO to prevent any unintended issues.
+
diff --git a/docs/documentation/platform/sso/okta.mdx b/docs/documentation/platform/sso/okta.mdx
index 354cc18000..bac8efb684 100644
--- a/docs/documentation/platform/sso/okta.mdx
+++ b/docs/documentation/platform/sso/okta.mdx
@@ -84,6 +84,11 @@ description: "Configure Okta SAML 2.0 for Infisical SSO"
To enforce SAML SSO, you're required to test out the SAML connection by successfully authenticating at least one Okta user with Infisical;
Once you've completed this requirement, you can toggle the **Enforce SAML SSO** button to enforce SAML SSO.
+
+
+ We recommend ensuring that your account is provisioned the application in Okta
+ prior to enforcing SAML SSO to prevent any unintended issues.
+
diff --git a/frontend/src/views/Org/MembersPage/components/OrgMembersTab/components/OrgMembersSection/OrgMembersSection.tsx b/frontend/src/views/Org/MembersPage/components/OrgMembersTab/components/OrgMembersSection/OrgMembersSection.tsx
index 246922b586..c73376aba8 100644
--- a/frontend/src/views/Org/MembersPage/components/OrgMembersTab/components/OrgMembersSection/OrgMembersSection.tsx
+++ b/frontend/src/views/Org/MembersPage/components/OrgMembersTab/components/OrgMembersSection/OrgMembersSection.tsx
@@ -46,7 +46,7 @@ export const OrgMembersSection = () => {
const handleAddMemberModal = () => {
if (currentOrg?.authEnforced) {
createNotification({
- text: "You cannot invite users when org-level auth is configured for your organization",
+ text: "You cannot manage users from Infisical when org-level auth is enforced for your organization",
type: "error"
});
return;
diff --git a/frontend/src/views/Org/MembersPage/components/OrgMembersTab/components/OrgMembersSection/OrgMembersTable.tsx b/frontend/src/views/Org/MembersPage/components/OrgMembersTab/components/OrgMembersSection/OrgMembersTable.tsx
index 5469bbf05e..0f9cfe0438 100644
--- a/frontend/src/views/Org/MembersPage/components/OrgMembersTab/components/OrgMembersSection/OrgMembersTable.tsx
+++ b/frontend/src/views/Org/MembersPage/components/OrgMembersTab/components/OrgMembersSection/OrgMembersTable.tsx
@@ -231,6 +231,14 @@ export const OrgMembersTable = ({ handlePopUpOpen, setCompleteInviteLink }: Prop
{(isAllowed) => (
{
+ if (currentOrg?.authEnforced) {
+ createNotification({
+ text: "You cannot manage users from Infisical when org-level auth is enforced for your organization",
+ type: "error"
+ });
+ return;
+ }
+
handlePopUpOpen("removeMember", { orgMembershipId, email });
}}
size="lg"