Disabling "Require SSO" option is not honored, SSO is still (apparently) required

[rdsedmundo]

Environment

SaaS (https://sentry.io/)

Steps to Reproduce

This is essentially a long-standing bug that had already been reported here in #4633, I don't think it should've been closed.

1. Enable SSO for an organization.
2. Uncheck "Require SSO" ('Require members use a valid linked SSO account to access this organization').

Expected Result

Both options of using email/password and SSO should be allowed if the option is not checked.

We confirmed that via https://sentry.io/auth/login users are able to get in.

Actual Result

Only SSO is provided, as if "Require SSO" was enabled. We want to be able to log via SSO for internal users, but also allow external parties to register via email. If they access the login page without using the SaaS subdomain it works, which makes the whole experience really odd (see last screenshot).

Configuration:

Result:

Product Area

Sign In

Link

No response

DSN

No response

Version

No response

[getsantry]

Assigning to @getsentry/support for routing ⏲️

[getsantry]

Routing to @getsentry/product-owners-settings-auth for triage ⏲️

[getsantry]

Routing to @getsentry/product-owners-sign-in for triage ⏲️

[leedongwei]

Thanks for the report! We are aware of this issue and taking it into account for the redesign of our auth experience.