In clouds with external authentication enabled, any domain account can, by default, log in to your Perfecto cloud URL (for example clouldname.app.perfectomobile.com). This gives all domain users access to the Manual Testing, Scriptless, and Test Analysis views of the cloud, where they can consume licenses for web cradles. In addition, in the Live Stream, existing test executions are visible to those users even if they do not have admin privileges.
Solution
Your organization's local IdP (Identity Provider) should make configuration changes to restrict access to the Perfecto cloud URL to prevent unauthorized cloud users that have a functional domain account from accessing sensitive information. We suggest that you engage your organization's security team to allow or restrict access to the Perfecto cloud URL as appropriate to control the usage of the site. For more information, see the New users section of the Perfecto SSO for external IdP article.
