I have turned on the new functionality for authentication via single sign on, and it's working great.

One piece that is a bit confusing for my users is the login screen still has an option to log in with a username/password. All the users on my site are authenticating via single-sign on, so it is a bit confusing/unnecessary to have the username/password fields appear.

I could see a couple ways to improve this:

• Add a new configuration option to hide the username/password fields on the login page
• Add a new configuration option to automatically redirect from the login page to the configured Single-Sign On provider. This is how another popular open source project Audiobookshelf does it, and I like their approach: https://www.audiobookshelf.org/guides/oidc_authentication/. There is a setting Auto Launch that enables the automatic redirect. However, there is also a special query parameter that can be added to the end of the login page url ?autoLaunch=0 to disable the automatic redirect. This is useful if you want to keep the auto-generated admin account around and still have the ability to log in with it via username/password