Thank you!

Thank you! I didn't see it, so I created a new request. Cheers!

Yes, we do not want to have separate usernames + Google Authenticator OTP codes. It suffices for now, but we have increased security requirements coming from our customer that require biotmetric authentication to access their systems. We are implementing these changes and have a SAML provider that does this for us, but we need our systems to suppor SAML 2.0 authentication to make this happen.

Recently, Google OTP codes were hacked in the wild and these are starting to get labeled as less secure than other methods (like how SMS is no longer considered secure). Our requirement needs to allow us to FORCE SAML authentication and turn off the use of Username+Password+OTP Codes.