Our Box account was recently administered by a user ending in “@relateddomain.com” and had access to all of the admin settings in Box. This was one of the proxy addresses for that user in our Entra tenant.
After enabling SSO and provisioning, the user associated with that “@relateddomain.com” email address was provisioned by into Box by Entra as a separate user. However, their UserPrincipalName ends in “@maindomain.com” which forces the SSO login workflow.
Currently, when our admin tries to login to the initial “@relateddomain.com” address he is able to use the user:password method, but once the user:pass is verified it seems like the SAML login workflow is followed and he is instead logged in to the other provisioned account with less admin rights. This happens in an Incognito browser as well. This effectively means we cannot reach the settings to allow any users to bypass SSO or disable it entirely.
How can we regain access to our admin settings in order to fix this?
Thanks
