Support for User Groups with Separate Authentication Configurations
Currently Atlas only uses a single (flat) user group which only allows for 1 type of authentication per Organization.
However if Federated Authentication is enabled, the authentication mechanism in Atlas is bypassed for the IdP based on the domain name of the user and the configuration of Atlas Authentication.
This causes a problem if there are multiple groups of users who all share a domain name, some of whom are registered in an IdP, and some of whom are not registered in an IdP (for example users in 2 divisions of the same company).
In this scenario, users who are not registered in the IdP are not able to log in.
Implement User Groups in Atlas with separate configuration settings, so that if 1 group enables Federated Authentication, they will not impact any other groups, even if they all share the same domain name in the user accounts.
I ran into the same issue. Ideally there'd be an option where the Atlas login page doesn't forward users with emails in my domain to my IdP, but I can still log in using my IdP's Login URL.