diff --git a/ee/api/.gitignore b/ee/api/.gitignore
index f4fc2bc33..06eb982a9 100644
--- a/ee/api/.gitignore
+++ b/ee/api/.gitignore
@@ -236,7 +236,7 @@ Pipfile
 /chalicelib/utils/TimeUTC.py
 /chalicelib/core/heatmaps.py
 /entrypoint.bundle.sh
-#/entrypoint.sh
+/entrypoint.sh
 /env_handler.py
 /chalicelib/blueprints/app/v1_api.py
 /build.sh
diff --git a/ee/api/chalicelib/blueprints/bp_saml.py b/ee/api/chalicelib/blueprints/bp_saml.py
index 8267f3140..5bb42fead 100644
--- a/ee/api/chalicelib/blueprints/bp_saml.py
+++ b/ee/api/chalicelib/blueprints/bp_saml.py
@@ -72,13 +72,13 @@ def process_sso_assertion():
                               name=" ".join(user_data.get("firstName", []) + user_data.get("lastName", [])),
                               internal_id=internal_id)
     else:
-        if existing.get("origin") is None:
-            print(f"== migrating user to {SAML2_helper.get_saml2_provider()} ==")
-            users.update(tenant_id=t['tenantId'], user_id=existing[0]["id"],
-                         changes={"origin": SAML2_helper.get_saml2_provider(), "internal_id": internal_id})
-        elif t['tenantId'] != existing["tenantId"]:
+        if t['tenantId'] != existing["tenantId"]:
             print("user exists for a different tenant")
             return {"errors": ["user exists for a different tenant"]}
+        if existing.get("origin") is None:
+            print(f"== migrating user to {SAML2_helper.get_saml2_provider()} ==")
+            users.update(tenant_id=t['tenantId'], user_id=existing["id"],
+                         changes={"origin": SAML2_helper.get_saml2_provider(), "internal_id": internal_id})
 
     return users.authenticate_sso(email=email, internal_id=internal_id, exp=auth.get_session_expiration())
 
diff --git a/ee/api/chalicelib/core/users.py b/ee/api/chalicelib/core/users.py
index f6f1f28c8..baed9e487 100644
--- a/ee/api/chalicelib/core/users.py
+++ b/ee/api/chalicelib/core/users.py
@@ -388,7 +388,7 @@ def get_members(tenant_id):
                         (CASE WHEN users.role = 'member' THEN TRUE ELSE FALSE END) AS member,
                         DATE_PART('day',timezone('utc'::text, now()) \
                             - COALESCE(basic_authentication.invited_at,'2000-01-01'::timestamp ))>=1 AS expired_invitation,
-                        basic_authentication.password IS NOT NULL AS joined,
+                        basic_authentication.password IS NOT NULL OR users.origin IS NOT NULL AS joined,
                         invitation_token,
                         role_id,
                         roles.name AS role_name
diff --git a/ee/api/entrypoint.sh b/ee/api/entrypoint.sh
deleted file mode 100755
index 57ef8e42f..000000000
--- a/ee/api/entrypoint.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/bash
-python env_handler.py
-#chalice local --no-autoreload --host 0.0.0.0 --stage ${ENTERPRISE_BUILD}
-chalice local --host 0.0.0.0 --stage ${ENTERPRISE_BUILD}