mirror of
https://github.com/gravitational/teleport
synced 2024-10-21 01:34:01 +00:00
Fix more options for Okta (#3019)
This commit is contained in:
parent
2df2561a51
commit
77d5a8c730
|
@ -56,6 +56,22 @@ We are going to create groups `okta-dev` and `okta-admin`:
|
|||
We are going to map these Okta groups to SAML Attribute statements (special signed metadata
|
||||
exposed via SAML XML response).
|
||||
|
||||
GENERAL
|
||||
|
||||
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Name ID format `EmailAddress`
|
||||
|
||||
- Application username `Okta username`
|
||||
|
||||
GROUP ATTRIBUTE STATEMENTS
|
||||
|
||||
- Name: `groups` | Name format: `Unspecified`
|
||||
|
||||
- Filter: `Matches regex` | `.*`
|
||||
|
||||
![Configure APP](img/okta-saml-3.png)
|
||||
|
||||
**Notice:** We have set NameID to email format and mappped groups with wildcard regex in Group Attribute statements.
|
||||
|
|
|
@ -51,6 +51,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
|
|||
We are going to map the Okta groups we've created above to the SAML Attribute
|
||||
statements (special signed metadata exposed via a SAML XML response).
|
||||
|
||||
GENERAL
|
||||
|
||||
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Name ID format `EmailAddress`
|
||||
|
||||
- Application username `Okta username`
|
||||
|
||||
GROUP ATTRIBUTE STATEMENTS
|
||||
|
||||
- Name: `groups` | Name format: `Unspecified`
|
||||
|
||||
- Filter: `Matches regex` | `.*`
|
||||
|
||||
![Configure APP](img/okta-saml-3.png)
|
||||
|
||||
!!! tip "Important":
|
||||
|
|
|
@ -51,6 +51,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
|
|||
We are going to map the Okta groups we've created above to the SAML Attribute
|
||||
statements (special signed metadata exposed via a SAML XML response).
|
||||
|
||||
GENERAL
|
||||
|
||||
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Name ID format `EmailAddress`
|
||||
|
||||
- Application username `Okta username`
|
||||
|
||||
GROUP ATTRIBUTE STATEMENTS
|
||||
|
||||
- Name: `groups` | Name format: `Unspecified`
|
||||
|
||||
- Filter: `Matches regex` | `.*`
|
||||
|
||||
![Configure APP](img/okta-saml-3.png)
|
||||
|
||||
!!! tip "Important":
|
||||
|
|
|
@ -47,6 +47,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
|
|||
We are going to map the Okta groups we've created above to the SAML Attribute
|
||||
statements (special signed metadata exposed via a SAML XML response).
|
||||
|
||||
GENERAL
|
||||
|
||||
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Name ID format `EmailAddress`
|
||||
|
||||
- Application username `Okta username`
|
||||
|
||||
GROUP ATTRIBUTE STATEMENTS
|
||||
|
||||
- Name: `groups` | Name format: `Unspecified`
|
||||
|
||||
- Filter: `Matches regex` | `.*`
|
||||
|
||||
![Configure APP](img/okta-saml-3.png)
|
||||
|
||||
!!! tip "Important":
|
||||
|
|
|
@ -47,6 +47,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
|
|||
We are going to map the Okta groups we've created above to the SAML Attribute
|
||||
statements (special signed metadata exposed via a SAML XML response).
|
||||
|
||||
GENERAL
|
||||
|
||||
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Name ID format `EmailAddress`
|
||||
|
||||
- Application username `Okta username`
|
||||
|
||||
GROUP ATTRIBUTE STATEMENTS
|
||||
|
||||
- Name: `groups` | Name format: `Unspecified`
|
||||
|
||||
- Filter: `Matches regex` | `.*`
|
||||
|
||||
![Configure APP](img/okta-saml-3.png)
|
||||
|
||||
!!! tip "Important":
|
||||
|
|
|
@ -47,6 +47,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
|
|||
We are going to map the Okta groups we've created above to the SAML Attribute
|
||||
statements (special signed metadata exposed via a SAML XML response).
|
||||
|
||||
GENERAL
|
||||
|
||||
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Name ID format `EmailAddress`
|
||||
|
||||
- Application username `Okta username`
|
||||
|
||||
GROUP ATTRIBUTE STATEMENTS
|
||||
|
||||
- Name: `groups` | Name format: `Unspecified`
|
||||
|
||||
- Filter: `Matches regex` | `.*`
|
||||
|
||||
![Configure APP](img/okta-saml-3.png)
|
||||
|
||||
!!! tip "Important":
|
||||
|
|
|
@ -48,6 +48,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
|
|||
We are going to map the Okta groups we've created above to the SAML Attribute
|
||||
statements (special signed metadata exposed via a SAML XML response).
|
||||
|
||||
GENERAL
|
||||
|
||||
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Name ID format `EmailAddress`
|
||||
|
||||
- Application username `Okta username`
|
||||
|
||||
GROUP ATTRIBUTE STATEMENTS
|
||||
|
||||
- Name: `groups` | Name format: `Unspecified`
|
||||
|
||||
- Filter: `Matches regex` | `.*`
|
||||
|
||||
![Configure APP](img/okta-saml-3.png)
|
||||
|
||||
!!! tip "Important":
|
||||
|
|
|
@ -48,6 +48,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
|
|||
We are going to map the Okta groups we've created above to the SAML Attribute
|
||||
statements (special signed metadata exposed via a SAML XML response).
|
||||
|
||||
GENERAL
|
||||
|
||||
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Name ID format `EmailAddress`
|
||||
|
||||
- Application username `Okta username`
|
||||
|
||||
GROUP ATTRIBUTE STATEMENTS
|
||||
|
||||
- Name: `groups` | Name format: `Unspecified`
|
||||
|
||||
- Filter: `Matches regex` | `.*`
|
||||
|
||||
![Configure APP](img/okta-saml-3.png)
|
||||
|
||||
!!! tip "Important":
|
||||
|
|
|
@ -48,6 +48,22 @@ We are going to create two groups: "okta-dev" and "okta-admin":
|
|||
We are going to map the Okta groups we've created above to the SAML Attribute
|
||||
statements (special signed metadata exposed via a SAML XML response).
|
||||
|
||||
GENERAL
|
||||
|
||||
- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs`
|
||||
|
||||
- Name ID format `EmailAddress`
|
||||
|
||||
- Application username `Okta username`
|
||||
|
||||
GROUP ATTRIBUTE STATEMENTS
|
||||
|
||||
- Name: `groups` | Name format: `Unspecified`
|
||||
|
||||
- Filter: `Matches regex` | `.*`
|
||||
|
||||
![Configure APP](img/okta-saml-3.png)
|
||||
|
||||
!!! tip "Important":
|
||||
|
|
Loading…
Reference in a new issue