You signed in with another tab or window.Reload to refresh your session.You signed out in another tab or window.Reload to refresh your session.You switched accounts on another tab or window.Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: _docs/single-sign-on/saml/saml-okta.md
+12-1Lines changed: 12 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -19,6 +19,11 @@ Setting up SAML SSO for Okta includes:
19
19
##Step 1: Configure SSO settings for Okta via SAML in Codefresh
20
20
Create a SAML account for Okta in Codefresh to create an integration for Codefresh in Okta.
21
21
22
+
SAML SSO settings for Okta include auto-syncing teams and groups in OKta with Codefresh, and automatically activating new users synced to Codefresh.
23
+
24
+
><b>TIP</b>:
25
+
>Use the auto-sync and activate user options for Just in Time (JIT) Provisioning.
26
+
22
27
1. In the Codefresh UI, from the toolbar click the**Settings** icon.
23
28
1. In the sidebar, from Access & Collaboration, select[Single Sign-On](https://g.codefresh.io/2.0/account-settings/single-sign-on){:target="\_blank"}.
24
29
1. Click**Add single-sign-on**, select**SAML**, and then click**Next**.
@@ -27,7 +32,13 @@ Create a SAML account for Okta in Codefresh to create an integration for Codefr
27
32
***IDP Entry**: Type in any character. You will enter the correct value from Okta in the final step.
28
33
***Application Certificate**: You will enter the correct value from Okta in the final step.
29
34
***Provider**: Leave empty.
30
-
35
+
***Auto-sync users and teams to Codefresh**: Optional. When selected, automatically syncs teams or groups in Okta to Codefresh, every 12 hours by default. You can define a different sync interval in**Sync interval**.
36
+
>**NOTE**:
37
+
>Though you can assign an Okta application to both groups and individual users, Codefresh_only syncs users who are part of teams_.
38
+
New users in Okta, _not_ assigned to a team, are **NOT** synced with Codefresh. You should first assign the user to a team for the sync to work.
39
+
***Activate user after sync**: Optional. When selected, Codefresh automatically invites and activates new users added during the automated sync, without waiting for the users to accept the invitations.
40
+
***Access Token**: Optional. The OKTA API token that you generated in Okta, used to sync groups and their users from OKTA to Codefresh.
41
+
***Client Host**: The OKTA organization URL, for example,`https://<company>.okta.com`.
31
42
1. Click**Add**.
32
43
The SAML integration for Okta is added and appears in the list of SSOs.
33
44
1. In the Single Sign-On page, click the**Edit** icon for the Okta SAML integration you created.