When Jenkins is configured with SAML authentication, general access to Jenkins from a stand-alone Windows client that is not "logged in" locally is impossible. Because there is no local login session for Jenkins/SAML to use, Jenkins just shows an error. It would be ideal if, when Jenkins was configured this way, it could optionally fall back to another auth mechanism, such as the local Jenkins user DB. The specific use case we're thinking of is when Jenkins build status or dashboards are displayed on a TV for general viewing, using a stand-alone PC. These systems often are not joined to a corporate LDAP server for security reasons.