@Simon_Cossar I will be trying this solution soon. But I am also having a problem with 2FA and SSO.
Do you know if there I a way to make all this work with 2FA (2-factor authentication)?
I have 2FA enable for administrators only, but it creates a loop and admins cannot log in to wp-admin. For all other users, it works fine (but I don’t have 2FA for other users, only admins).
When I disable 2FA for the admins then they can sign in to back-end no problem.
The 2FA is being implemented through iThemes security.
Do you know if there is a way to fix this issue? I want to leave 2FA for all admins because they have access to back end.
And just for a peace of mind, I want to mention that the only reason I am doing this is because I have SSO activated through Wordpress and Wordpress is doing the email verification in addition to that. In addition, I also disabled public registrations meaning that the only way to create an account is through Wordpress.
the setting is by invite only . See below: