self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-21 01:34:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix more options for Okta (#3019)

Browse source
This commit is contained in:
Ben Arent 2019-09-24 16:42:52 -07:00 committed by Alexander Klizhentas
parent 2df2561a51
commit 77d5a8c730
9 changed files with 144 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
docs/2.0/saml.md
View file

@ -56,6 +56,22 @@ We are going to create groups `okta-dev` and `okta-admin`:
We are going to map these Okta groups to SAML Attribute statements (special signed metadata
exposed via SAML XML response).
GENERAL
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Name ID format `EmailAddress`
- Application username `Okta username`
GROUP ATTRIBUTE STATEMENTS
- Name: `groups` | Name format: `Unspecified`
- Filter: `Matches regex` | `.*`
![Configure APP](img/okta-saml-3.png)
**Notice:** We have set NameID to email format and mappped groups with wildcard regex in Group Attribute statements.

16
docs/2.3/saml.md
View file

@ -51,6 +51,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
We are going to map the Okta groups we've created above to the SAML Attribute
statements (special signed metadata exposed via a SAML XML response).
GENERAL
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Name ID format `EmailAddress`
- Application username `Okta username`
GROUP ATTRIBUTE STATEMENTS
- Name: `groups` | Name format: `Unspecified`
- Filter: `Matches regex` | `.*`
![Configure APP](img/okta-saml-3.png)
!!! tip "Important":

16
docs/2.4/saml.md
View file

@ -51,6 +51,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
We are going to map the Okta groups we've created above to the SAML Attribute
statements (special signed metadata exposed via a SAML XML response).
GENERAL
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Name ID format `EmailAddress`
- Application username `Okta username`
GROUP ATTRIBUTE STATEMENTS
- Name: `groups` | Name format: `Unspecified`
- Filter: `Matches regex` | `.*`
![Configure APP](img/okta-saml-3.png)
!!! tip "Important":

16
docs/2.5/ssh_okta.md
View file

@ -47,6 +47,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
We are going to map the Okta groups we've created above to the SAML Attribute
statements (special signed metadata exposed via a SAML XML response).
GENERAL
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Name ID format `EmailAddress`
- Application username `Okta username`
GROUP ATTRIBUTE STATEMENTS
- Name: `groups` | Name format: `Unspecified`
- Filter: `Matches regex` | `.*`
![Configure APP](img/okta-saml-3.png)
!!! tip "Important":

16
docs/2.7/ssh_okta.md
View file

@ -47,6 +47,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
We are going to map the Okta groups we've created above to the SAML Attribute
statements (special signed metadata exposed via a SAML XML response).
GENERAL
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Name ID format `EmailAddress`
- Application username `Okta username`
GROUP ATTRIBUTE STATEMENTS
- Name: `groups` | Name format: `Unspecified`
- Filter: `Matches regex` | `.*`
![Configure APP](img/okta-saml-3.png)
!!! tip "Important":

16
docs/3.0/ssh_okta.md
View file

@ -47,6 +47,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
We are going to map the Okta groups we've created above to the SAML Attribute
statements (special signed metadata exposed via a SAML XML response).
GENERAL
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Name ID format `EmailAddress`
- Application username `Okta username`
GROUP ATTRIBUTE STATEMENTS
- Name: `groups` | Name format: `Unspecified`
- Filter: `Matches regex` | `.*`
![Configure APP](img/okta-saml-3.png)
!!! tip "Important":

16
docs/3.1/ssh_okta.md
View file

@ -48,6 +48,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
We are going to map the Okta groups we've created above to the SAML Attribute
statements (special signed metadata exposed via a SAML XML response).
GENERAL
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Name ID format `EmailAddress`
- Application username `Okta username`
GROUP ATTRIBUTE STATEMENTS
- Name: `groups` | Name format: `Unspecified`
- Filter: `Matches regex` | `.*`
![Configure APP](img/okta-saml-3.png)
!!! tip "Important":

16
docs/3.2/ssh_okta.md
View file

@ -48,6 +48,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
We are going to map the Okta groups we've created above to the SAML Attribute
statements (special signed metadata exposed via a SAML XML response).
GENERAL
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Name ID format `EmailAddress`
- Application username `Okta username`
GROUP ATTRIBUTE STATEMENTS
- Name: `groups` | Name format: `Unspecified`
- Filter: `Matches regex` | `.*`
![Configure APP](img/okta-saml-3.png)
!!! tip "Important":

16
docs/4.0/ssh_okta.md
View file

@ -48,6 +48,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
We are going to map the Okta groups we've created above to the SAML Attribute
statements (special signed metadata exposed via a SAML XML response).
GENERAL
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
- Name ID format `EmailAddress`
- Application username `Okta username`
GROUP ATTRIBUTE STATEMENTS
- Name: `groups` | Name format: `Unspecified`
- Filter: `Matches regex` | `.*`
![Configure APP](img/okta-saml-3.png)
!!! tip "Important":