Regenerate integrations.js (#18715)

Co-authored-by: juacker <2930882+juacker@users.noreply.github.com>
2025-04-06 22:38:55 +00:00 · 2024-10-08 04:22:32 -04:00 · 2024-10-08 04:22:32 -04:00 · a6db290927
commit a6db290927
parent 2a5c8c8a20
3 changed files with 29 additions and 13 deletions
--- a/integrations/cloud-authentication/integrations/scim.md
+++ b/integrations/cloud-authentication/integrations/scim.md
@ -26,6 +26,20 @@ The System for Cross-domain Identity Management (SCIM) specification is designed
 - The Space must be on a paid plan
 - OIDC/SSO integration must already be enabled in one of your Spaces

+### Supported Features
+This integration adheres to SCIM v2 specifications. Supported features include:
+
+- User Resource Management (urn:ietf:params:scim:schemas:core:2.0:User)
+- Create users
+- Update user attributes
+- Deactivate users
+- Patch operations: Supported
+- Bulk operations: Not supported
+- Filtering: Supported (max results: 200)
+- Password synchronization: Not supported, as we rely on SSO/OIDC authentication
+- eTag: Not supported
+- Authentication schemes: OAuth Bearer Token
+
 ### Netdata Configuration Steps
 1. Click on the Space settings cog (located above your profile icon).
 2. Click on the **User Management** section and access **Authentication and Authorization** tab.
@ -37,6 +51,19 @@ The System for Cross-domain Identity Management (SCIM) specification is designed
   - **Base URL**: Use this URL as the base URL for your SCIM client.
   - **Token**: Use this token for Bearer Authentication with your SCIM client.

+## Client Configuration Steps
+
+### Okta
+If you're configuring SCIM in Okta, and you already have the Token from the previous section, follow these steps:
+
+1. Go to the **Applications** menu on the left-hand panel and select the **Netdata** application.
+2. In the **Netdata** application, navigate to the **Provisioning** tab.
+3. Click on **Configure API Integration** and check the box for **Enable API Integration**.
+4. Enter the Token (obtained in the *Netdata Configuration Steps* section) into the **API Token** field, then click **Test API Credentials** to ensure the connection is successful.
+5. If the test is successful, click **Save** to apply the configuration.
+
+## Troubleshoot
+
 ### Rotating the SCIM Token
 You can rotate the token provided during SCIM integration setup if needed.

@ -47,17 +74,6 @@ Steps to rotate the token:
 4. Click **Regenerate Token**.
 5. If successful, you will receive a new token for Bearer Authentication with your SCIM client.

-### Supported Features
-This integration adheres to SCIM v2 specifications. Supported features include:
-
- User Resource Management (urn:ietf:params:scim:schemas:core:2.0:User)
- Patch operations: Supported
- Bulk operations: Not supported
- Filtering: Supported (max results: 200)
- Password synchronization: Not supported, as we rely on SSO/OIDC authentication
- eTag: Not supported
- Authentication schemes: OAuth Bearer Token
-
 ### User Keying Between SCIM and OIDC
 Our SCIM (System for Cross-domain Identity Management) integration utilizes OIDC (OpenID Connect) to authenticate users.
 To ensure users are correctly identified and authenticated between SCIM and OIDC, we use the following mapping:
--- a/integrations/integrations.js
+++ b/integrations/integrations.js
@ -22286,7 +22286,7 @@ export const integrations = [
            "identity-management"
        ],
        "overview": "# SCIM\n\nThe System for Cross-domain Identity Management (SCIM) specification is designed to simplify the management of user identities in cloud-based applications and services.\n",
-        "setup": "## Setup\n\n### Prerequisites\n- A Netdata Cloud account\n- Admin access to the Space\n- The Space must be on a paid plan\n- OIDC/SSO integration must already be enabled in one of your Spaces\n\n### Netdata Configuration Steps\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the SCIM card, click on **Activate**.\n4. Depending on your situation:\n   - If OIDC/SSO integration is already enabled in your Space, click **Activate**.\n   - If you already have a SCIM integration in another Space and want to create a linked integration here, enter the SCIM token from the original integration and click **Activate**.\n5. If the setup is successful, you will receive two parameters:\n   - **Base URL**: Use this URL as the base URL for your SCIM client.\n   - **Token**: Use this token for Bearer Authentication with your SCIM client.\n\n### Rotating the SCIM Token\nYou can rotate the token provided during SCIM integration setup if needed.\n\nSteps to rotate the token:\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the already configured SCIM card, click **Configure**.\n4. Click **Regenerate Token**.\n5. If successful, you will receive a new token for Bearer Authentication with your SCIM client.\n\n### Supported Features\nThis integration adheres to SCIM v2 specifications. Supported features include:\n\n- User Resource Management (urn:ietf:params:scim:schemas:core:2.0:User)\n- Patch operations: Supported\n- Bulk operations: Not supported\n- Filtering: Supported (max results: 200)\n- Password synchronization: Not supported, as we rely on SSO/OIDC authentication\n- eTag: Not supported\n- Authentication schemes: OAuth Bearer Token\n\n### User Keying Between SCIM and OIDC\nOur SCIM (System for Cross-domain Identity Management) integration utilizes OIDC (OpenID Connect) to authenticate users.\nTo ensure users are correctly identified and authenticated between SCIM and OIDC, we use the following mapping:\n\n- SCIM externalID \u2194 OIDC sub\n\nThis mapping ensures that the identity of users remains consistent and secure across both systems.\n\n**Important**: Ensure that your OIDC and SCIM systems follow this mapping strictly.\nThe externalID in SCIM must correspond to the subfield in OIDC. Any deviation from this mapping may result\nin incorrect user identification and authentication failures.\n\n## FAQ\n\n### Why aren\u2019t users automatically added to Netdata spaces when they\u2019re created through SCIM?\n\nCurrently, our SCIM server supports only the User resource. We plan to add support for the Group resource in the future.\n\nIn a Netdata space, users can belong to multiple rooms and have different roles (e.g., admin, manager). Additionally, the same organization may have multiple spaces.\n\nAs we don't yet support groups, when a user is created through SCIM, we don\u2019t have a way to determine which spaces, rooms, and roles the user should be assigned to.\n\nOnce we implement support for the Group resource, admins will be able to map SCIM groups to Netdata memberships, so this assignment will be done automatically.\n\nUntil then, SCIM can only be used to grant or block access to Netdata for users in your organization. After a user is created, it is up to the Netdata administrator to manually invite them to spaces, rooms and assign roles.\n\n### Reference\n[SCIM Specification](https://scim.org)\n\n",
+        "setup": "## Setup\n\n### Prerequisites\n- A Netdata Cloud account\n- Admin access to the Space\n- The Space must be on a paid plan\n- OIDC/SSO integration must already be enabled in one of your Spaces\n\n### Supported Features\nThis integration adheres to SCIM v2 specifications. Supported features include:\n\n- User Resource Management (urn:ietf:params:scim:schemas:core:2.0:User)\n- Create users\n- Update user attributes\n- Deactivate users\n- Patch operations: Supported\n- Bulk operations: Not supported\n- Filtering: Supported (max results: 200)\n- Password synchronization: Not supported, as we rely on SSO/OIDC authentication\n- eTag: Not supported\n- Authentication schemes: OAuth Bearer Token\n\n### Netdata Configuration Steps\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the SCIM card, click on **Activate**.\n4. Depending on your situation:\n   - If OIDC/SSO integration is already enabled in your Space, click **Activate**.\n   - If you already have a SCIM integration in another Space and want to create a linked integration here, enter the SCIM token from the original integration and click **Activate**.\n5. If the setup is successful, you will receive two parameters:\n   - **Base URL**: Use this URL as the base URL for your SCIM client.\n   - **Token**: Use this token for Bearer Authentication with your SCIM client.\n\n## Client Configuration Steps\n\n### Okta\nIf you're configuring SCIM in Okta, and you already have the Token from the previous section, follow these steps:\n\n1. Go to the **Applications** menu on the left-hand panel and select the **Netdata** application.\n2. In the **Netdata** application, navigate to the **Provisioning** tab.\n3. Click on **Configure API Integration** and check the box for **Enable API Integration**.\n4. Enter the Token (obtained in the *Netdata Configuration Steps* section) into the **API Token** field, then click **Test API Credentials** to ensure the connection is successful.\n5. If the test is successful, click **Save** to apply the configuration.\n\n## Troubleshoot\n\n### Rotating the SCIM Token\nYou can rotate the token provided during SCIM integration setup if needed.\n\nSteps to rotate the token:\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the already configured SCIM card, click **Configure**.\n4. Click **Regenerate Token**.\n5. If successful, you will receive a new token for Bearer Authentication with your SCIM client.\n\n### User Keying Between SCIM and OIDC\nOur SCIM (System for Cross-domain Identity Management) integration utilizes OIDC (OpenID Connect) to authenticate users.\nTo ensure users are correctly identified and authenticated between SCIM and OIDC, we use the following mapping:\n\n- SCIM externalID \u2194 OIDC sub\n\nThis mapping ensures that the identity of users remains consistent and secure across both systems.\n\n**Important**: Ensure that your OIDC and SCIM systems follow this mapping strictly.\nThe externalID in SCIM must correspond to the subfield in OIDC. Any deviation from this mapping may result\nin incorrect user identification and authentication failures.\n\n## FAQ\n\n### Why aren\u2019t users automatically added to Netdata spaces when they\u2019re created through SCIM?\n\nCurrently, our SCIM server supports only the User resource. We plan to add support for the Group resource in the future.\n\nIn a Netdata space, users can belong to multiple rooms and have different roles (e.g., admin, manager). Additionally, the same organization may have multiple spaces.\n\nAs we don't yet support groups, when a user is created through SCIM, we don\u2019t have a way to determine which spaces, rooms, and roles the user should be assigned to.\n\nOnce we implement support for the Group resource, admins will be able to map SCIM groups to Netdata memberships, so this assignment will be done automatically.\n\nUntil then, SCIM can only be used to grant or block access to Netdata for users in your organization. After a user is created, it is up to the Netdata administrator to manually invite them to spaces, rooms and assign roles.\n\n### Reference\n[SCIM Specification](https://scim.org)\n\n",
        "integration_type": "authentication",
        "edit_link": "https://github.com/netdata/netdata/blob/master/integrations/cloud-authentication/metadata.yaml",
        "troubleshooting": ""
--- a/integrations/integrations.json
+++ b/integrations/integrations.json
@ -22284,7 +22284,7 @@
                "identity-management"
            ],
            "overview": "# SCIM\n\nThe System for Cross-domain Identity Management (SCIM) specification is designed to simplify the management of user identities in cloud-based applications and services.\n",
-            "setup": "## Setup\n\n### Prerequisites\n- A Netdata Cloud account\n- Admin access to the Space\n- The Space must be on a paid plan\n- OIDC/SSO integration must already be enabled in one of your Spaces\n\n### Netdata Configuration Steps\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the SCIM card, click on **Activate**.\n4. Depending on your situation:\n   - If OIDC/SSO integration is already enabled in your Space, click **Activate**.\n   - If you already have a SCIM integration in another Space and want to create a linked integration here, enter the SCIM token from the original integration and click **Activate**.\n5. If the setup is successful, you will receive two parameters:\n   - **Base URL**: Use this URL as the base URL for your SCIM client.\n   - **Token**: Use this token for Bearer Authentication with your SCIM client.\n\n### Rotating the SCIM Token\nYou can rotate the token provided during SCIM integration setup if needed.\n\nSteps to rotate the token:\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the already configured SCIM card, click **Configure**.\n4. Click **Regenerate Token**.\n5. If successful, you will receive a new token for Bearer Authentication with your SCIM client.\n\n### Supported Features\nThis integration adheres to SCIM v2 specifications. Supported features include:\n\n- User Resource Management (urn:ietf:params:scim:schemas:core:2.0:User)\n- Patch operations: Supported\n- Bulk operations: Not supported\n- Filtering: Supported (max results: 200)\n- Password synchronization: Not supported, as we rely on SSO/OIDC authentication\n- eTag: Not supported\n- Authentication schemes: OAuth Bearer Token\n\n### User Keying Between SCIM and OIDC\nOur SCIM (System for Cross-domain Identity Management) integration utilizes OIDC (OpenID Connect) to authenticate users.\nTo ensure users are correctly identified and authenticated between SCIM and OIDC, we use the following mapping:\n\n- SCIM externalID \u2194 OIDC sub\n\nThis mapping ensures that the identity of users remains consistent and secure across both systems.\n\n**Important**: Ensure that your OIDC and SCIM systems follow this mapping strictly.\nThe externalID in SCIM must correspond to the subfield in OIDC. Any deviation from this mapping may result\nin incorrect user identification and authentication failures.\n\n## FAQ\n\n### Why aren\u2019t users automatically added to Netdata spaces when they\u2019re created through SCIM?\n\nCurrently, our SCIM server supports only the User resource. We plan to add support for the Group resource in the future.\n\nIn a Netdata space, users can belong to multiple rooms and have different roles (e.g., admin, manager). Additionally, the same organization may have multiple spaces.\n\nAs we don't yet support groups, when a user is created through SCIM, we don\u2019t have a way to determine which spaces, rooms, and roles the user should be assigned to.\n\nOnce we implement support for the Group resource, admins will be able to map SCIM groups to Netdata memberships, so this assignment will be done automatically.\n\nUntil then, SCIM can only be used to grant or block access to Netdata for users in your organization. After a user is created, it is up to the Netdata administrator to manually invite them to spaces, rooms and assign roles.\n\n### Reference\n[SCIM Specification](https://scim.org)\n\n",
+            "setup": "## Setup\n\n### Prerequisites\n- A Netdata Cloud account\n- Admin access to the Space\n- The Space must be on a paid plan\n- OIDC/SSO integration must already be enabled in one of your Spaces\n\n### Supported Features\nThis integration adheres to SCIM v2 specifications. Supported features include:\n\n- User Resource Management (urn:ietf:params:scim:schemas:core:2.0:User)\n- Create users\n- Update user attributes\n- Deactivate users\n- Patch operations: Supported\n- Bulk operations: Not supported\n- Filtering: Supported (max results: 200)\n- Password synchronization: Not supported, as we rely on SSO/OIDC authentication\n- eTag: Not supported\n- Authentication schemes: OAuth Bearer Token\n\n### Netdata Configuration Steps\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the SCIM card, click on **Activate**.\n4. Depending on your situation:\n   - If OIDC/SSO integration is already enabled in your Space, click **Activate**.\n   - If you already have a SCIM integration in another Space and want to create a linked integration here, enter the SCIM token from the original integration and click **Activate**.\n5. If the setup is successful, you will receive two parameters:\n   - **Base URL**: Use this URL as the base URL for your SCIM client.\n   - **Token**: Use this token for Bearer Authentication with your SCIM client.\n\n## Client Configuration Steps\n\n### Okta\nIf you're configuring SCIM in Okta, and you already have the Token from the previous section, follow these steps:\n\n1. Go to the **Applications** menu on the left-hand panel and select the **Netdata** application.\n2. In the **Netdata** application, navigate to the **Provisioning** tab.\n3. Click on **Configure API Integration** and check the box for **Enable API Integration**.\n4. Enter the Token (obtained in the *Netdata Configuration Steps* section) into the **API Token** field, then click **Test API Credentials** to ensure the connection is successful.\n5. If the test is successful, click **Save** to apply the configuration.\n\n## Troubleshoot\n\n### Rotating the SCIM Token\nYou can rotate the token provided during SCIM integration setup if needed.\n\nSteps to rotate the token:\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the already configured SCIM card, click **Configure**.\n4. Click **Regenerate Token**.\n5. If successful, you will receive a new token for Bearer Authentication with your SCIM client.\n\n### User Keying Between SCIM and OIDC\nOur SCIM (System for Cross-domain Identity Management) integration utilizes OIDC (OpenID Connect) to authenticate users.\nTo ensure users are correctly identified and authenticated between SCIM and OIDC, we use the following mapping:\n\n- SCIM externalID \u2194 OIDC sub\n\nThis mapping ensures that the identity of users remains consistent and secure across both systems.\n\n**Important**: Ensure that your OIDC and SCIM systems follow this mapping strictly.\nThe externalID in SCIM must correspond to the subfield in OIDC. Any deviation from this mapping may result\nin incorrect user identification and authentication failures.\n\n## FAQ\n\n### Why aren\u2019t users automatically added to Netdata spaces when they\u2019re created through SCIM?\n\nCurrently, our SCIM server supports only the User resource. We plan to add support for the Group resource in the future.\n\nIn a Netdata space, users can belong to multiple rooms and have different roles (e.g., admin, manager). Additionally, the same organization may have multiple spaces.\n\nAs we don't yet support groups, when a user is created through SCIM, we don\u2019t have a way to determine which spaces, rooms, and roles the user should be assigned to.\n\nOnce we implement support for the Group resource, admins will be able to map SCIM groups to Netdata memberships, so this assignment will be done automatically.\n\nUntil then, SCIM can only be used to grant or block access to Netdata for users in your organization. After a user is created, it is up to the Netdata administrator to manually invite them to spaces, rooms and assign roles.\n\n### Reference\n[SCIM Specification](https://scim.org)\n\n",
            "integration_type": "authentication",
            "edit_link": "https://github.com/netdata/netdata/blob/master/integrations/cloud-authentication/metadata.yaml",
            "troubleshooting": ""