add native okta docs #368
add native okta docs #368
Conversation
|
|
||
| <Lightbox src="/img/docs/dbt-cloud/dbt-cloud-enterprise/61d2b48-Screen_Shot_2019-04-25_at_6.05.23_PM.png" title="The 'SAML Settings' page"/> | ||
| <!-- TODO : Will users need to change the Name ID format and Application |
There was a problem hiding this comment.
@kwigley would love to hear your thoughts on this part in particular. I saw an example where you set these fields to Email Address explicitly. Is that a configuration that we should document here?
| @@ -0,0 +1,84 @@ | |||
| --- | |||
| title: "Setting up SSO with Okta (Deprecated)" | |||
There was a problem hiding this comment.
we followed this pattern for GSuite and Azure too. The "deprecated" docs instruct users to send us their SSO creds for setup on our end. Now that this is all self-service, we specifically do not want folks to send their creds our way!
There was a problem hiding this comment.
and, we intend to promote the native integrations as the recommended/primary way of integrating dbt Cloud with an SSO provider going forwards
| ### Create a new application | ||
|
|
||
| Log into your Okta account. You'll need administrator access to your Okta organization to follow this guide. | ||
|
|
There was a problem hiding this comment.
I poked around Okta a little - doesn't look like there's an easy link to provide here that would generalize to a list of admins on a given company's subdomain. Would have been a nice touch 😅
There was a problem hiding this comment.
I thought about adding some inputs to the top of the page for:
- your Okta domain
- your dbt Cloud domain
And we could use those inputs to render specific docs for different users :). Let's do that in the v2!
| * **Single sign on URL**: `https://auth.getdbt.com/login/callback?connection=<your-deployment-id>` | ||
| * **Audience URI (SP Entity ID)**: `urn:auth0:dbt-cloud:<your-deployment-id>` | ||
|
|
||
| Replace `<your-deployment-id>` with your dbt Cloud deployment ID. If you aren't sure what value you should use, please contact support ([email protected]). |
There was a problem hiding this comment.
Is there somewhere that this is surfaced within the cloud app, so folks could self serve this rather than contacting support?
There was a problem hiding this comment.
these are the old/deprecated docs - users won't need to do this part anymore! There is no more deployment id :)
| * **Name format**: Unspecified | ||
| * **Value**: `${user.email}` | ||
|
|
||
| Under **Group Attribute Statments**, enter the following: |
There was a problem hiding this comment.
Should be Statements I bet
There was a problem hiding this comment.
just to give you the lay of the land: I renamed the existing setting-up-sso-with-okta.md file to setting-up-sso-with-okta-deprecated.md. This file is unedited from it's previous version, and we'd probably anticipate deleting it in the future. All of the new docs are in the not-deprecated page!
|
I'm going to merge this as the native Okta integration is now live in dbt Cloud |
REPO SYNC - Public to Private
Description & motivation
Adds docs for configuring Okta SSO natively in the application
Pre-release docs
Is this change related to an unreleased version of dbt?
nextcurrentChecklist
If you added new pages (delete if not applicable):
website/sidebars.js