In our environment, we have implemented SSO login via Microsoft Entra ID for DNSFilter. It would be useful to allow DNSFilter administrators to control authentication methods per user directly within DNSFilter, independently of Entra ID. Specifically, administrators should be able to define whether a user can authenticate: • only via Entra ID (SSO), or • only via local, application-specific credentials. This capability would improve access governance and support scenarios such as break-glass accounts and external users, while maintaining Entra ID SSO as the primary authentication method.
