From 77d5a8c7307fd8fb1a44cd27a413f32ebbc25209 Mon Sep 17 00:00:00 2001 From: Ben Arent Date: Tue, 24 Sep 2019 16:42:52 -0700 Subject: [PATCH] Fix more options for Okta (#3019) --- docs/2.0/saml.md | 16 ++++++++++++++++ docs/2.3/saml.md | 16 ++++++++++++++++ docs/2.4/saml.md | 16 ++++++++++++++++ docs/2.5/ssh_okta.md | 16 ++++++++++++++++ docs/2.7/ssh_okta.md | 16 ++++++++++++++++ docs/3.0/ssh_okta.md | 16 ++++++++++++++++ docs/3.1/ssh_okta.md | 16 ++++++++++++++++ docs/3.2/ssh_okta.md | 16 ++++++++++++++++ docs/4.0/ssh_okta.md | 16 ++++++++++++++++ 9 files changed, 144 insertions(+) diff --git a/docs/2.0/saml.md b/docs/2.0/saml.md index 9f77b5fbc39..740784f21eb 100644 --- a/docs/2.0/saml.md +++ b/docs/2.0/saml.md @@ -56,6 +56,22 @@ We are going to create groups `okta-dev` and `okta-admin`: We are going to map these Okta groups to SAML Attribute statements (special signed metadata exposed via SAML XML response). +GENERAL + +- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Name ID format `EmailAddress` + +- Application username `Okta username` + +GROUP ATTRIBUTE STATEMENTS + +- Name: `groups` | Name format: `Unspecified` + +- Filter: `Matches regex` | `.*` + ![Configure APP](img/okta-saml-3.png) **Notice:** We have set NameID to email format and mappped groups with wildcard regex in Group Attribute statements. diff --git a/docs/2.3/saml.md b/docs/2.3/saml.md index dda058630ff..01405500ac8 100644 --- a/docs/2.3/saml.md +++ b/docs/2.3/saml.md @@ -51,6 +51,22 @@ We are going to create two groups: "okta-dev" and "okta-admin": We are going to map the Okta groups we've created above to the SAML Attribute statements (special signed metadata exposed via a SAML XML response). +GENERAL + +- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Name ID format `EmailAddress` + +- Application username `Okta username` + +GROUP ATTRIBUTE STATEMENTS + +- Name: `groups` | Name format: `Unspecified` + +- Filter: `Matches regex` | `.*` + ![Configure APP](img/okta-saml-3.png) !!! tip "Important": diff --git a/docs/2.4/saml.md b/docs/2.4/saml.md index dda058630ff..01405500ac8 100644 --- a/docs/2.4/saml.md +++ b/docs/2.4/saml.md @@ -51,6 +51,22 @@ We are going to create two groups: "okta-dev" and "okta-admin": We are going to map the Okta groups we've created above to the SAML Attribute statements (special signed metadata exposed via a SAML XML response). +GENERAL + +- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Name ID format `EmailAddress` + +- Application username `Okta username` + +GROUP ATTRIBUTE STATEMENTS + +- Name: `groups` | Name format: `Unspecified` + +- Filter: `Matches regex` | `.*` + ![Configure APP](img/okta-saml-3.png) !!! tip "Important": diff --git a/docs/2.5/ssh_okta.md b/docs/2.5/ssh_okta.md index 72068c1f19a..ace4a6008d9 100644 --- a/docs/2.5/ssh_okta.md +++ b/docs/2.5/ssh_okta.md @@ -47,6 +47,22 @@ We are going to create two groups: "okta-dev" and "okta-admin": We are going to map the Okta groups we've created above to the SAML Attribute statements (special signed metadata exposed via a SAML XML response). +GENERAL + +- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Name ID format `EmailAddress` + +- Application username `Okta username` + +GROUP ATTRIBUTE STATEMENTS + +- Name: `groups` | Name format: `Unspecified` + +- Filter: `Matches regex` | `.*` + ![Configure APP](img/okta-saml-3.png) !!! tip "Important": diff --git a/docs/2.7/ssh_okta.md b/docs/2.7/ssh_okta.md index 72068c1f19a..ace4a6008d9 100644 --- a/docs/2.7/ssh_okta.md +++ b/docs/2.7/ssh_okta.md @@ -47,6 +47,22 @@ We are going to create two groups: "okta-dev" and "okta-admin": We are going to map the Okta groups we've created above to the SAML Attribute statements (special signed metadata exposed via a SAML XML response). +GENERAL + +- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Name ID format `EmailAddress` + +- Application username `Okta username` + +GROUP ATTRIBUTE STATEMENTS + +- Name: `groups` | Name format: `Unspecified` + +- Filter: `Matches regex` | `.*` + ![Configure APP](img/okta-saml-3.png) !!! tip "Important": diff --git a/docs/3.0/ssh_okta.md b/docs/3.0/ssh_okta.md index e3ba0cba7a6..d0e4106268b 100644 --- a/docs/3.0/ssh_okta.md +++ b/docs/3.0/ssh_okta.md @@ -47,6 +47,22 @@ We are going to create two groups: "okta-dev" and "okta-admin": We are going to map the Okta groups we've created above to the SAML Attribute statements (special signed metadata exposed via a SAML XML response). +GENERAL + +- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Name ID format `EmailAddress` + +- Application username `Okta username` + +GROUP ATTRIBUTE STATEMENTS + +- Name: `groups` | Name format: `Unspecified` + +- Filter: `Matches regex` | `.*` + ![Configure APP](img/okta-saml-3.png) !!! tip "Important": diff --git a/docs/3.1/ssh_okta.md b/docs/3.1/ssh_okta.md index 8cc1a1ab78b..beae59a5478 100644 --- a/docs/3.1/ssh_okta.md +++ b/docs/3.1/ssh_okta.md @@ -48,6 +48,22 @@ We are going to create two groups: "okta-dev" and "okta-admin": We are going to map the Okta groups we've created above to the SAML Attribute statements (special signed metadata exposed via a SAML XML response). +GENERAL + +- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Name ID format `EmailAddress` + +- Application username `Okta username` + +GROUP ATTRIBUTE STATEMENTS + +- Name: `groups` | Name format: `Unspecified` + +- Filter: `Matches regex` | `.*` + ![Configure APP](img/okta-saml-3.png) !!! tip "Important": diff --git a/docs/3.2/ssh_okta.md b/docs/3.2/ssh_okta.md index 8cc1a1ab78b..beae59a5478 100644 --- a/docs/3.2/ssh_okta.md +++ b/docs/3.2/ssh_okta.md @@ -48,6 +48,22 @@ We are going to create two groups: "okta-dev" and "okta-admin": We are going to map the Okta groups we've created above to the SAML Attribute statements (special signed metadata exposed via a SAML XML response). +GENERAL + +- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Name ID format `EmailAddress` + +- Application username `Okta username` + +GROUP ATTRIBUTE STATEMENTS + +- Name: `groups` | Name format: `Unspecified` + +- Filter: `Matches regex` | `.*` + ![Configure APP](img/okta-saml-3.png) !!! tip "Important": diff --git a/docs/4.0/ssh_okta.md b/docs/4.0/ssh_okta.md index d0fff16a0a0..fc29426ee5b 100644 --- a/docs/4.0/ssh_okta.md +++ b/docs/4.0/ssh_okta.md @@ -48,6 +48,22 @@ We are going to create two groups: "okta-dev" and "okta-admin": We are going to map the Okta groups we've created above to the SAML Attribute statements (special signed metadata exposed via a SAML XML response). +GENERAL + +- Single sign on URL `https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Audience URI (SP Entity ID)`https://teleport-proxy.example.com:3080/v1/webapi/saml/acs` + +- Name ID format `EmailAddress` + +- Application username `Okta username` + +GROUP ATTRIBUTE STATEMENTS + +- Name: `groups` | Name format: `Unspecified` + +- Filter: `Matches regex` | `.*` + ![Configure APP](img/okta-saml-3.png) !!! tip "Important":