Commit 2fea0a25 authored by Mike Jang's avatar Mike Jang

Merge branch 'docs-okta-saml' into 'master'

Docs: Update Okta Group SAML info

See merge request gitlab-org/gitlab!28385
parents b32946d5 766d2ffc
...@@ -38,6 +38,24 @@ SCIM mapping: ...@@ -38,6 +38,24 @@ SCIM mapping:
![Azure AD SCIM](img/AzureAD-scim_attribute_mapping.png) ![Azure AD SCIM](img/AzureAD-scim_attribute_mapping.png)
## Okta
Basic SAML app configuration:
![Okta basic SAML](img/Okta-SAMLsetup.png)
User claims and attributes:
![Okta Attributes](img/Okta-attributes.png)
Advanced SAML app settings (defaults):
![Okta Advanced Settings](img/Okta-advancedsettings.png)
IdP Links and Certificate:
![Okta Links and Certificate](img/Okta-linkscert.png)
## OneLogin ## OneLogin
Application details: Application details:
......
...@@ -234,6 +234,13 @@ Set other user attributes and claims according to the [assertions table](#assert ...@@ -234,6 +234,13 @@ Set other user attributes and claims according to the [assertions table](#assert
Under Okta's **Single sign on URL** field, check the option **Use this for Recipient URL and Destination URL**. Under Okta's **Single sign on URL** field, check the option **Use this for Recipient URL and Destination URL**.
Please note that Okta's generic SAML app does not have a **Login URL** field, where the **Identity provider single sign on URL** would normally go. The **Identity provider single sign on URL** may be required the first time a user is logging in if they are having any difficulties.
We recommend:
- **Application username** (NameID) set to **Custom** `user.getInternalProperty("id")`.
- **Name ID Format** set to **Persistent**.
Set attribute statements according to the [assertions table](#assertions). Set attribute statements according to the [assertions table](#assertions).
### OneLogin setup notes ### OneLogin setup notes
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment