archive/netdata_netdata
0
0
Fork 0
mirror of https://github.com/netdata/netdata.git synced 2025-04-13 17:19:11 +00:00
Code Issues Projects Releases Wiki Activity

Regenerate integrations.js ()

Browse source 
Co-authored-by: ilyam8 <22274335+ilyam8@users.noreply.github.com>
This commit is contained in:
Netdata bot 2024-10-03 08:46:17 -04:00 committed by GitHub
parent 0213967d71
commit ff46cda38f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 16 additions and 2 deletions
integrations
cloud-authentication/integrations
scim.md
integrations.jsintegrations.json

14
integrations/cloud-authentication/integrations/scim.md
View file

@ -70,6 +70,20 @@ This mapping ensures that the identity of users remains consistent and secure ac
The externalID in SCIM must correspond to the subfield in OIDC. Any deviation from this mapping may result
in incorrect user identification and authentication failures.
## FAQ
### Why arent users automatically added to Netdata spaces when theyre created through SCIM?
Currently, our SCIM server supports only the User resource. We plan to add support for the Group resource in the future.
In a Netdata space, users can belong to multiple rooms and have different roles (e.g., admin, manager). Additionally, the same organization may have multiple spaces.
As we don't yet support groups, when a user is created through SCIM, we dont have a way to determine which spaces, rooms, and roles the user should be assigned to.
Once we implement support for the Group resource, admins will be able to map SCIM groups to Netdata memberships, so this assignment will be done automatically.
Until then, SCIM can only be used to grant or block access to Netdata for users in your organization. After a user is created, it is up to the Netdata administrator to manually invite them to spaces, rooms and assign roles.
### Reference
[SCIM Specification](https://scim.org)

2
integrations/integrations.js
View file

@ -22286,7 +22286,7 @@ export const integrations = [
"identity-management"
],
"overview": "# SCIM\n\nThe System for Cross-domain Identity Management (SCIM) specification is designed to simplify the management of user identities in cloud-based applications and services.\n",
"setup": "## Setup\n\n### Prerequisites\n- A Netdata Cloud account\n- Admin access to the Space\n- The Space must be on a paid plan\n- OIDC/SSO integration must already be enabled in one of your Spaces\n\n### Netdata Configuration Steps\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the SCIM card, click on **Activate**.\n4. Depending on your situation:\n - If OIDC/SSO integration is already enabled in your Space, click **Activate**.\n - If you already have a SCIM integration in another Space and want to create a linked integration here, enter the SCIM token from the original integration and click **Activate**.\n5. If the setup is successful, you will receive two parameters:\n - **Base URL**: Use this URL as the base URL for your SCIM client.\n - **Token**: Use this token for Bearer Authentication with your SCIM client.\n\n### Rotating the SCIM Token\nYou can rotate the token provided during SCIM integration setup if needed.\n\nSteps to rotate the token:\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the already configured SCIM card, click **Configure**.\n4. Click **Regenerate Token**.\n5. If successful, you will receive a new token for Bearer Authentication with your SCIM client.\n\n### Supported Features\nThis integration adheres to SCIM v2 specifications. Supported features include:\n\n- User Resource Management (urn:ietf:params:scim:schemas:core:2.0:User)\n- Patch operations: Supported\n- Bulk operations: Not supported\n- Filtering: Supported (max results: 200)\n- Password synchronization: Not supported, as we rely on SSO/OIDC authentication\n- eTag: Not supported\n- Authentication schemes: OAuth Bearer Token\n\n### User Keying Between SCIM and OIDC\nOur SCIM (System for Cross-domain Identity Management) integration utilizes OIDC (OpenID Connect) to authenticate users.\nTo ensure users are correctly identified and authenticated between SCIM and OIDC, we use the following mapping:\n\n- SCIM externalID \u2194 OIDC sub\n\nThis mapping ensures that the identity of users remains consistent and secure across both systems.\n\n**Important**: Ensure that your OIDC and SCIM systems follow this mapping strictly.\nThe externalID in SCIM must correspond to the subfield in OIDC. Any deviation from this mapping may result\nin incorrect user identification and authentication failures.\n\n### Reference\n[SCIM Specification](https://scim.org)\n\n",
"setup": "## Setup\n\n### Prerequisites\n- A Netdata Cloud account\n- Admin access to the Space\n- The Space must be on a paid plan\n- OIDC/SSO integration must already be enabled in one of your Spaces\n\n### Netdata Configuration Steps\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the SCIM card, click on **Activate**.\n4. Depending on your situation:\n - If OIDC/SSO integration is already enabled in your Space, click **Activate**.\n - If you already have a SCIM integration in another Space and want to create a linked integration here, enter the SCIM token from the original integration and click **Activate**.\n5. If the setup is successful, you will receive two parameters:\n - **Base URL**: Use this URL as the base URL for your SCIM client.\n - **Token**: Use this token for Bearer Authentication with your SCIM client.\n\n### Rotating the SCIM Token\nYou can rotate the token provided during SCIM integration setup if needed.\n\nSteps to rotate the token:\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the already configured SCIM card, click **Configure**.\n4. Click **Regenerate Token**.\n5. If successful, you will receive a new token for Bearer Authentication with your SCIM client.\n\n### Supported Features\nThis integration adheres to SCIM v2 specifications. Supported features include:\n\n- User Resource Management (urn:ietf:params:scim:schemas:core:2.0:User)\n- Patch operations: Supported\n- Bulk operations: Not supported\n- Filtering: Supported (max results: 200)\n- Password synchronization: Not supported, as we rely on SSO/OIDC authentication\n- eTag: Not supported\n- Authentication schemes: OAuth Bearer Token\n\n### User Keying Between SCIM and OIDC\nOur SCIM (System for Cross-domain Identity Management) integration utilizes OIDC (OpenID Connect) to authenticate users.\nTo ensure users are correctly identified and authenticated between SCIM and OIDC, we use the following mapping:\n\n- SCIM externalID \u2194 OIDC sub\n\nThis mapping ensures that the identity of users remains consistent and secure across both systems.\n\n**Important**: Ensure that your OIDC and SCIM systems follow this mapping strictly.\nThe externalID in SCIM must correspond to the subfield in OIDC. Any deviation from this mapping may result\nin incorrect user identification and authentication failures.\n\n## FAQ\n\n### Why aren\u2019t users automatically added to Netdata spaces when they\u2019re created through SCIM?\n\nCurrently, our SCIM server supports only the User resource. We plan to add support for the Group resource in the future.\n\nIn a Netdata space, users can belong to multiple rooms and have different roles (e.g., admin, manager). Additionally, the same organization may have multiple spaces.\n\nAs we don't yet support groups, when a user is created through SCIM, we don\u2019t have a way to determine which spaces, rooms, and roles the user should be assigned to.\n\nOnce we implement support for the Group resource, admins will be able to map SCIM groups to Netdata memberships, so this assignment will be done automatically.\n\nUntil then, SCIM can only be used to grant or block access to Netdata for users in your organization. After a user is created, it is up to the Netdata administrator to manually invite them to spaces, rooms and assign roles.\n\n### Reference\n[SCIM Specification](https://scim.org)\n\n",
"integration_type": "authentication",
"edit_link": "https://github.com/netdata/netdata/blob/master/integrations/cloud-authentication/metadata.yaml",
"troubleshooting": ""

2
integrations/integrations.json
View file

@ -22284,7 +22284,7 @@
"identity-management"
],
"overview": "# SCIM\n\nThe System for Cross-domain Identity Management (SCIM) specification is designed to simplify the management of user identities in cloud-based applications and services.\n",
"setup": "## Setup\n\n### Prerequisites\n- A Netdata Cloud account\n- Admin access to the Space\n- The Space must be on a paid plan\n- OIDC/SSO integration must already be enabled in one of your Spaces\n\n### Netdata Configuration Steps\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the SCIM card, click on **Activate**.\n4. Depending on your situation:\n - If OIDC/SSO integration is already enabled in your Space, click **Activate**.\n - If you already have a SCIM integration in another Space and want to create a linked integration here, enter the SCIM token from the original integration and click **Activate**.\n5. If the setup is successful, you will receive two parameters:\n - **Base URL**: Use this URL as the base URL for your SCIM client.\n - **Token**: Use this token for Bearer Authentication with your SCIM client.\n\n### Rotating the SCIM Token\nYou can rotate the token provided during SCIM integration setup if needed.\n\nSteps to rotate the token:\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the already configured SCIM card, click **Configure**.\n4. Click **Regenerate Token**.\n5. If successful, you will receive a new token for Bearer Authentication with your SCIM client.\n\n### Supported Features\nThis integration adheres to SCIM v2 specifications. Supported features include:\n\n- User Resource Management (urn:ietf:params:scim:schemas:core:2.0:User)\n- Patch operations: Supported\n- Bulk operations: Not supported\n- Filtering: Supported (max results: 200)\n- Password synchronization: Not supported, as we rely on SSO/OIDC authentication\n- eTag: Not supported\n- Authentication schemes: OAuth Bearer Token\n\n### User Keying Between SCIM and OIDC\nOur SCIM (System for Cross-domain Identity Management) integration utilizes OIDC (OpenID Connect) to authenticate users.\nTo ensure users are correctly identified and authenticated between SCIM and OIDC, we use the following mapping:\n\n- SCIM externalID \u2194 OIDC sub\n\nThis mapping ensures that the identity of users remains consistent and secure across both systems.\n\n**Important**: Ensure that your OIDC and SCIM systems follow this mapping strictly.\nThe externalID in SCIM must correspond to the subfield in OIDC. Any deviation from this mapping may result\nin incorrect user identification and authentication failures.\n\n### Reference\n[SCIM Specification](https://scim.org)\n\n",
"setup": "## Setup\n\n### Prerequisites\n- A Netdata Cloud account\n- Admin access to the Space\n- The Space must be on a paid plan\n- OIDC/SSO integration must already be enabled in one of your Spaces\n\n### Netdata Configuration Steps\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the SCIM card, click on **Activate**.\n4. Depending on your situation:\n - If OIDC/SSO integration is already enabled in your Space, click **Activate**.\n - If you already have a SCIM integration in another Space and want to create a linked integration here, enter the SCIM token from the original integration and click **Activate**.\n5. If the setup is successful, you will receive two parameters:\n - **Base URL**: Use this URL as the base URL for your SCIM client.\n - **Token**: Use this token for Bearer Authentication with your SCIM client.\n\n### Rotating the SCIM Token\nYou can rotate the token provided during SCIM integration setup if needed.\n\nSteps to rotate the token:\n1. Click on the Space settings cog (located above your profile icon).\n2. Click on the **User Management** section and access **Authentication and Authorization** tab.\n3. In the already configured SCIM card, click **Configure**.\n4. Click **Regenerate Token**.\n5. If successful, you will receive a new token for Bearer Authentication with your SCIM client.\n\n### Supported Features\nThis integration adheres to SCIM v2 specifications. Supported features include:\n\n- User Resource Management (urn:ietf:params:scim:schemas:core:2.0:User)\n- Patch operations: Supported\n- Bulk operations: Not supported\n- Filtering: Supported (max results: 200)\n- Password synchronization: Not supported, as we rely on SSO/OIDC authentication\n- eTag: Not supported\n- Authentication schemes: OAuth Bearer Token\n\n### User Keying Between SCIM and OIDC\nOur SCIM (System for Cross-domain Identity Management) integration utilizes OIDC (OpenID Connect) to authenticate users.\nTo ensure users are correctly identified and authenticated between SCIM and OIDC, we use the following mapping:\n\n- SCIM externalID \u2194 OIDC sub\n\nThis mapping ensures that the identity of users remains consistent and secure across both systems.\n\n**Important**: Ensure that your OIDC and SCIM systems follow this mapping strictly.\nThe externalID in SCIM must correspond to the subfield in OIDC. Any deviation from this mapping may result\nin incorrect user identification and authentication failures.\n\n## FAQ\n\n### Why aren\u2019t users automatically added to Netdata spaces when they\u2019re created through SCIM?\n\nCurrently, our SCIM server supports only the User resource. We plan to add support for the Group resource in the future.\n\nIn a Netdata space, users can belong to multiple rooms and have different roles (e.g., admin, manager). Additionally, the same organization may have multiple spaces.\n\nAs we don't yet support groups, when a user is created through SCIM, we don\u2019t have a way to determine which spaces, rooms, and roles the user should be assigned to.\n\nOnce we implement support for the Group resource, admins will be able to map SCIM groups to Netdata memberships, so this assignment will be done automatically.\n\nUntil then, SCIM can only be used to grant or block access to Netdata for users in your organization. After a user is created, it is up to the Netdata administrator to manually invite them to spaces, rooms and assign roles.\n\n### Reference\n[SCIM Specification](https://scim.org)\n\n",
"integration_type": "authentication",
"edit_link": "https://github.com/netdata/netdata/blob/master/integrations/cloud-authentication/metadata.yaml",
"troubleshooting": ""