archive/netdata_netdata
0
0
Fork 0
mirror of https://github.com/netdata/netdata.git synced 2025-04-23 13:00:23 +00:00
Code Issues Projects Releases Wiki Activity

add instructions to configure SCIM integration in Okta ()

Browse source
This commit is contained in:
Juan Cañete 2024-10-08 09:57:45 +02:00 committed by GitHub
parent 263914daa3
commit 2a5c8c8a20
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 27 additions and 11 deletions

38
integrations/cloud-authentication/metadata.yaml
View file

@ -125,6 +125,20 @@
- The Space must be on a paid plan - The Space must be on a paid plan
- OIDC/SSO integration must already be enabled in one of your Spaces - OIDC/SSO integration must already be enabled in one of your Spaces
### Supported Features
This integration adheres to SCIM v2 specifications. Supported features include:
- User Resource Management (urn:ietf:params:scim:schemas:core:2.0:User)
- Create users
- Update user attributes
- Deactivate users
- Patch operations: Supported
- Bulk operations: Not supported
- Filtering: Supported (max results: 200)
- Password synchronization: Not supported, as we rely on SSO/OIDC authentication
- eTag: Not supported
- Authentication schemes: OAuth Bearer Token
### Netdata Configuration Steps ### Netdata Configuration Steps
1. Click on the Space settings cog (located above your profile icon). 1. Click on the Space settings cog (located above your profile icon).
2. Click on the **User Management** section and access **Authentication and Authorization** tab. 2. Click on the **User Management** section and access **Authentication and Authorization** tab.
@ -136,6 +150,19 @@
- **Base URL**: Use this URL as the base URL for your SCIM client. - **Base URL**: Use this URL as the base URL for your SCIM client.
- **Token**: Use this token for Bearer Authentication with your SCIM client. - **Token**: Use this token for Bearer Authentication with your SCIM client.
## Client Configuration Steps
### Okta
If you're configuring SCIM in Okta, and you already have the Token from the previous section, follow these steps:
1. Go to the **Applications** menu on the left-hand panel and select the **Netdata** application.
2. In the **Netdata** application, navigate to the **Provisioning** tab.
3. Click on **Configure API Integration** and check the box for **Enable API Integration**.
4. Enter the Token (obtained in the *Netdata Configuration Steps* section) into the **API Token** field, then click **Test API Credentials** to ensure the connection is successful.
5. If the test is successful, click **Save** to apply the configuration.
## Troubleshoot
### Rotating the SCIM Token ### Rotating the SCIM Token
You can rotate the token provided during SCIM integration setup if needed. You can rotate the token provided during SCIM integration setup if needed.
@ -146,17 +173,6 @@
4. Click **Regenerate Token**. 4. Click **Regenerate Token**.
5. If successful, you will receive a new token for Bearer Authentication with your SCIM client. 5. If successful, you will receive a new token for Bearer Authentication with your SCIM client.
### Supported Features
This integration adheres to SCIM v2 specifications. Supported features include:
- User Resource Management (urn:ietf:params:scim:schemas:core:2.0:User)
- Patch operations: Supported
- Bulk operations: Not supported
- Filtering: Supported (max results: 200)
- Password synchronization: Not supported, as we rely on SSO/OIDC authentication
- eTag: Not supported
- Authentication schemes: OAuth Bearer Token
### User Keying Between SCIM and OIDC ### User Keying Between SCIM and OIDC
Our SCIM (System for Cross-domain Identity Management) integration utilizes OIDC (OpenID Connect) to authenticate users. Our SCIM (System for Cross-domain Identity Management) integration utilizes OIDC (OpenID Connect) to authenticate users.
To ensure users are correctly identified and authenticated between SCIM and OIDC, we use the following mapping: To ensure users are correctly identified and authenticated between SCIM and OIDC, we use the following mapping: