Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Q2 sso content relocation#754

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
NimRegev merged 8 commits intomasterfromq2-sso-content-relocation
Jul 5, 2023
Merged
Show file tree
Hide file tree
Changes fromall commits
Commits
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 4 additions & 14 deletions_data/home-content.yml
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -261,20 +261,10 @@
- title: Manage Git PATs
localurl: /docs/administration/user-self-management/manage-pats/
- title: Codefresh IP addresses
localurl: /docs/administration/platform-ip-addresses/

- title: Single Sign-On
icon: images/home-icons/administration.svg
url: ''
links:
- title: Federated Single Sign-On (SSO) overview
localurl: /docs/single-sign-on/single-sign-on/
- title: Setting up OIDC Federated SSO
localurl: /docs/single-sign-on/oidc/
- title: Setting up SAML2 Federated SSO
localurl: /docs/single-sign-on/saml/
- title: LDAP Single Sign-On (SSO)
localurl: /docs/single-sign-on/ldap/
localurl: /docs/administration/platform-ip-addresses/
- title: Single Sign-On
localurl: /docs/administration/single-sign-on/


- title: Reference
icon: images/home-icons/guides.png
Expand Down
74 changes: 35 additions & 39 deletions_data/nav.yml
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -550,50 +550,46 @@
url: "/pipeline-execution-context"
- title: Auditing actions in Codefresh
url: "/audit"
- title: Single Sign-On
sub-pages:
- title: Common configuration
url: "/team-sync"
- title: OpenID Connect
url: "/oidc"
sub-pages:
- title: Auth0
url: "/oidc-auth0"
- title: Azure
url: "/oidc-azure"
- title: Google
url: "/oidc-google"
- title: Keycloak
url: "/oidc-keycloak"
- title: Okta
url: "/oidc-okta"
- title: OneLogin
url: "/oidc-onelogin"
- title: SAML
url: "/saml"
sub-pages:
- title: JumpCloud
url: "/saml-jumpcloud"
- title: Okta
url: "/saml-okta"
- title: OneLogin
url: "/saml-onelogin"
- title: PingID SSO
url: "/saml-pingid"
- title: LDAP
url: "/ldap"
- title: Codefresh IP addresses
url: "/platform-ip-addresses"
- title: User self-management
sub-pages:
- title: Managing personal settings
url: "/user-settings"
- title: Managing Git PATs
url: "/manage-pats"
- title: Codefresh IP addresses
url: "/platform-ip-addresses"

- title: Single Sign-On
url: /single-sign-on
pages:
- title: Single sign-on overview
url: /single-sign-on
- title: Common configuration
url: /team-sync
- title: OpenID Connect
url: /oidc
sub-pages:
- title: Auth0
url: /oidc-auth0
- title: Azure
url: /oidc-azure
- title: Google
url: /oidc-google
- title: Keycloak
url: /oidc-keycloak
- title: Okta
url: /oidc-okta
- title: OneLogin
url: /oidc-onelogin
- title: SAML
url: /saml
sub-pages:
- title: JumpCloud
url: /saml-jumpcloud
- title: Okta
url: /saml-okta
- title: OneLogin
url: /saml-onelogin
- title: PingID SSO
url: /saml-pingid
- title: LDAP
url: /ldap
url: "/manage-pats"

- title: Reference
url: "/reference"
Expand Down
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -60,7 +60,7 @@ The table below lists the functionality available for the `Admin` and `User` rol
|[Cloud storage settings]({{site.baseurl}}/docs/testing/test-reports/#connecting-your-storage-account) | `Admin`|
|[Shared configuration]({{site.baseurl}}/docs/pipelines/configuration/shared-configuration/) | `Admin`|
|[API token generation]({{site.baseurl}}/docs/integrations/codefresh-api/#authentication-instructions) | `Admin`|
|[SSO Settings]({{site.baseurl}}/docs/single-sign-on/single-sign-on/) | `Admin`|
|[SSO Settings]({{site.baseurl}}/docs/administration/single-sign-on/) | `Admin`|
|[Runtime environment selection]({{site.baseurl}}/docs/pipelines/pipelines/#pipeline-settings) | `Admin`|
|[Slack settings]({{site.baseurl}}/docs/integrations/notifications/slack-integration/) | `Admin`|
|[Audit logs]({{site.baseurl}}/docs/administration/audit-logs/) | `Admin`|
Expand Down
4 changes: 2 additions & 2 deletions_docs/administration/account-user-management/add-users.md
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -25,7 +25,7 @@ Adding a user to an account requires assigning a role to define access to accoun
on clusters, docker registries, git integrations, shared configurations etc.
* **Administrator**: With this role, users have full access to accounts, and can change all settings, so make sure that they are trusted colleagues.
For guidelines on access control, see [Access control]({{site.baseurl}}/docs/administration/account-user-management/access-control/).
* **SSO**: By default, SSO is not enabled for users. If required, explicitly select the SSO provider. For an overview of SSO, see [Single Sign on]({{site.baseurl}}/docs/single-sign-on/single-sign-on/).
* **SSO**: By default, SSO is not enabled for users. If required, explicitly select the SSO provider. For an overview of SSO, see [Single Sign on]({{site.baseurl}}/docs/administration/single-sign-on/).


### Add a user to a Codefresh account
Expand DownExpand Up@@ -118,5 +118,5 @@ As an administrator, you can optionally define session timeouts to automatically

## Related articles
[Access control]({{site.baseurl}}/docs/administration/account-user-management/access-control/)
[Single Sign on]({{site.baseurl}}/docs/single-sign-on/single-sign-on/)
[Single Sign on]({{site.baseurl}}/docs/administration/single-sign-on/)
[Setting up OAuth authentication for Git providers]({{site.baseurl}}/docs/administration/account-user-management/oauth-setup)
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -45,5 +45,5 @@ Using federated SSO significantly simplifies cross-domain user management as fol


## Related articles
[Setting Up SAML2 Federated Single Sign-On (SSO)]({{site.baseurl}}/docs/single-sign-on/saml)
[Setting Up OpenID Connect Federated Single Sign-On]({{site.baseurl}}/docs/single-sign-on/oidc)
[Setting Up SAML2 Federated Single Sign-On (SSO)]({{site.baseurl}}/docs/administration/single-sign-on/saml)
[Setting Up OpenID Connect Federated Single Sign-On]({{site.baseurl}}/docs/administration/single-sign-on/oidc)
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -4,6 +4,7 @@ description: " "
group: single-sign-on
redirect_from:
- /docs/enterprise/single-sign-on/sso-ldap/
- /docs/single-sign-on/ldap/
toc: true
---

Expand DownExpand Up@@ -66,6 +67,6 @@ Synchronize teams in Codefresh with LDAP using the Codefresh CLI.


## Related articles
[Federated Single Sign-On (SSO) overview]({{site.baseurl}}/docs/single-sign-on/single-sign-on/)
[Setting up OIDC Federated SSO]({{site.baseurl}}/docs/single-sign-on/oidc)
[Setting up SAML2 Federated SSO]({{site.baseurl}}/docs/single-sign-on/saml)
[Federated Single Sign-On (SSO) overview]({{site.baseurl}}/docs/administration/single-sign-on/)
[Setting up OIDC Federated SSO]({{site.baseurl}}/docs/administration/single-sign-on/oidc)
[Setting up SAML2 Federated SSO]({{site.baseurl}}/docs/administration/single-sign-on/saml)
View file
Open in desktop
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,8 @@
---
title: "Setting up OIDC Federated SSO"
description: "OpenID Connect (OIDC) Single Sign-On (SSO) setup"
group: single-sign-on
redirect_from:
- /docs/single-sign-on/oidc/
toc: true
---

Expand All@@ -26,12 +27,12 @@ Here's what you need to do to configure SSO via OIDC in Codefresh:
1. Configure SSO settings for the IdP:
This generally includes defining settings both in Codefresh and in the IdP.
Codefresh supports OIDC SSO for the following:
* [Auth0]({{site.baseurl}}/docs/single-sign-on/oidc/oidc-auth0/)
* [Azure]({{site.baseurl}}/docs/single-sign-on/oidc/oidc-azure/)
* [Google]({{site.baseurl}}/docs/single-sign-on/oidc/oidc-google/)
* [Keycloak]({{site.baseurl}}/docs/single-sign-on/oidc/oidc-keycloak/)
* [Okta]({{site.baseurl}}/docs/single-sign-on/oidc/oidc-okta/)
* [OneLogin]({{site.baseurl}}/docs/single-sign-on/oidc/oidc-onelogin/)
* [Auth0]({{site.baseurl}}/docs/administration/single-sign-on/oidc/oidc-auth0/)
* [Azure]({{site.baseurl}}/docs/administration/single-sign-on/oidc/oidc-azure/)
* [Google]({{site.baseurl}}/docs/administration/single-sign-on/oidc/oidc-google/)
* [Keycloak]({{site.baseurl}}/docs/administration/single-sign-on/oidc/oidc-keycloak/)
* [Okta]({{site.baseurl}}/docs/administration/single-sign-on/oidc/oidc-okta/)
* [OneLogin]({{site.baseurl}}/docs/administration/single-sign-on/oidc/oidc-onelogin/)

1. Test integration with the IdP:

Expand All@@ -54,14 +55,14 @@ Here's what you need to do to configure SSO via OIDC in Codefresh:
%}

{:start="3"}
1. (Optional) [Set a default SSO provider for account]({{site.baseurl}}/docs/single-sign-on/team-sync/#set-a-default-sso-provider-for-account)
1. (Optional) [Set a default SSO provider for account]({{site.baseurl}}/docs/administration/single-sign-on/team-sync/#set-a-default-sso-provider-for-account)
You can select an IdP as the default SSO provider for a Codefresh account. This means that all the new users added to that account will automatically use the selected IdP for signin.
1. (Optional) [Select SSO method for individual users]({{site.baseurl}}/docs/single-sign-on/team-sync/#select-sso-method-for-individual-users)
1. (Optional) [Select SSO method for individual users]({{site.baseurl}}/docs/administration/single-sign-on/team-sync/#select-sso-method-for-individual-users)
You can also select if needed, a different SSO provider for specific users.

> Codefresh has an internal cache for SSO configuration, and it can take up to five minutes for your changes to take effect.

## Related articles
[Federated Single Sign-On (SSO) overview]({{site.baseurl}}/docs/single-sign-on/single-sign-on/)
[Setting up SAML2 Federated SSO]({{site.baseurl}}/docs/single-sign-on/saml)
[Federated Single Sign-On (SSO) overview]({{site.baseurl}}/docs/administration/single-sign-on/)
[Setting up SAML2 Federated SSO]({{site.baseurl}}/docs/administration/single-sign-on/saml)

Original file line numberDiff line numberDiff line change
@@ -1,17 +1,16 @@
---
title: "Auth0 SSO via OIDC"
description: "Set up Auth0 SSO for OIDC"
group: single-sign-on
sub_group: oidc
redirect_from:
- /docs/enterprise/sso-auth0/
- /docs/enterprise/single-sign-on/sso-auth0/
- /docs/administration/single-sign-on/sso-auth0/
- /docs/single-sign-on/oidc/oidc-auth0/
toc: true
---

Set up SSO for Auth0 using OIDC.
For a general overview on OIDC, see [Setting up OIDC Federated SSO]({{site.baseurl}}/docs/single-sign-on/oidc).
For a general overview on OIDC, see [Setting up OIDC Federated SSO]({{site.baseurl}}/docs/administration/single-sign-on/oidc).

Set up OIDC SSO for Auth0 in Codefresh by:
1. Creating an Auth0 application in Auth0
Expand DownExpand Up@@ -109,8 +108,8 @@ max-width="50%"
You have completed SSO setup for Auth0 in Codefresh.

## Related articles
[Federated Single Sign-On (SSO) overview]({{site.baseurl}}/docs/single-sign-on/single-sign-on/)
[Common configuration for SSO providers]({{site.baseurl}}/docs/single-sign-on/team-sync)
[Federated Single Sign-On (SSO) overview]({{site.baseurl}}/docs/administration/single-sign-on/)
[Common configuration for SSO providers]({{site.baseurl}}/docs/administration/single-sign-on/team-sync)



Expand Down
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,14 @@
---
title: "Azure SSO via OIDC"
description: "Set up Azure SSO for OIDC"
group: single-sign-on
sub_group: oidc
redirect_from:
- /docs/enterprise/single-sign-on/sso-azure/
- /docs/single-sign-on/oidc/oidc-azure/
toc: true
---

Set up SSO for Azure using OIDC.
For a general overview on OIDC, see [Setting up OIDC Federated SSO]({{site.baseurl}}/docs/single-sign-on/oidc).
For a general overview on OIDC, see [Setting up OIDC Federated SSO]({{site.baseurl}}/docs/administration/single-sign-on/oidc).

Set up OIDC SSO for Azure in Codefresh by:
1. Registering the Codefresh application in Azure
Expand DownExpand Up@@ -244,5 +243,5 @@ You have now completed the SSO setup for Azure using OIDC.


## Related articles
[Federated Single Sign-On (SSO) overview]({{site.baseurl}}/docs/single-sign-on/single-sign-on/)
[Common configuration for SSO providers]({{site.baseurl}}/docs/single-sign-on/team-sync)
[Federated Single Sign-On (SSO) overview]({{site.baseurl}}/docs/administration/single-sign-on/)
[Common configuration for SSO providers]({{site.baseurl}}/docs/administration/single-sign-on/team-sync)
View file
Open in desktop
Original file line numberDiff line numberDiff line change
@@ -1,18 +1,16 @@
---
title: "Google SSO via OIDC"
description: "Set up Google SSO for OIDC"
group: single-sign-on
sub_group: oidc
redirect_from:
- /docs/enterprise/sso-google/
- /docs/enterprise/single-sign-on/sso-google/
- /docs/administration/single-sign-on/sso-google/

- /docs/single-sign-on/oidc/oidc-google/
toc: true
---

Set up SSO for Google using OIDC.
For a general overview on OIDC, see [Setting up OIDC Federated SSO]({{site.baseurl}}/docs/single-sign-on/oidc).
For a general overview on OIDC, see [Setting up OIDC Federated SSO]({{site.baseurl}}/docs/administration/single-sign-on/oidc).

Set up OIDC SSO for Google in Codefresh by:
1. Creating the client secret in Google
Expand All@@ -30,6 +28,10 @@ Set up OIDC SSO for Google in Codefresh by:
* From the **Application type** drop-down, select **Web application**.
* Enter a **Name** for your integration (user-defined).
* For **Authorized JavaScript origins**, **URIs**, enter, `https://g.codefresh.io`.
* Select **Create**.
* From the OAUth client created dialog, note down **Your Client ID** and **Your Client Secret**.
You will need the Client ID and secret to configure SSO for Google in Codefresh.


{% include image.html
lightbox="true"
Expand All@@ -40,8 +42,7 @@ Set up OIDC SSO for Google in Codefresh by:
max-width="70%"
%}

* Select **Create**.
* From the OAUth client created dialog, note down **Your Client ID** and **Your Client Secret**.


{% include image.html
lightbox="true"
Expand All@@ -52,16 +53,15 @@ Set up OIDC SSO for Google in Codefresh by:
max-width="70%"
%}

You will need the Client ID and secret to configure SSO for Google in Codefresh.

{:start="5"}
1. Continue with [Step 2: Configure team synchronization settings in Google](#step-2-configure-team-synchronization-settings-in-google).

## Step 2: Configure team synchronization settings in Google
When you configure SSO settings for Google OIDC in Codefresh, you can sync teams through a:
* Service account
* Service account
OR
* Custom schema
* Custom schema

For both sync methods, you must configure settings in Google.

### Create service account in Google Console to synchronize teams
Expand All@@ -78,7 +78,7 @@ To synchronize users and teams through a service account, create a service accou
url="/images/sso/google/serviceAccount2.png"
alt="Creating a service account in Google"
caption="Creating a service account in Google"
max-width="30%"
max-width="60%"
%}

{:start=2"}
Expand All@@ -95,7 +95,7 @@ To synchronize users and teams through a service account, create a service accou
url="/images/sso/google/serviceAccount3.png"
alt="Creating a JSON key"
caption="Creating a JSON key"
max-width="30%"
max-width="60%"
%}

{:start="4"}
Expand DownExpand Up@@ -146,7 +146,7 @@ file="/images/sso/google/map-attributes.png"
url="/images/sso/google/map-attributes.png"
alt="Attribute Mappings screen in GSuite"
caption="Attribute Mappings screen in GSuite"
max-width="40%"
max-width="60%"
%}

{:start="5"}
Expand All@@ -158,7 +158,7 @@ file="/images/sso/google/google-gusite-user-info.png"
url="/images/sso/google/google-gusite-user-info.png"
alt="User Information screen in GSuite"
caption="User Information screen in GSuite"
max-width="40%"
max-width="60%"
%}

{:start="6"}
Expand DownExpand Up@@ -187,7 +187,7 @@ max-width="40%"
url="/images/sso/google/sso-codefresh-settings.png"
alt="SSO settings for Google in Codefresh"
caption="SSO settings for Google in Codefresh"
max-width="30%"
max-width="60%"
%}

{:start="4"}
Expand DownExpand Up@@ -228,7 +228,7 @@ max-width="40%"
url="/images/sso/google/googleSSO3.png"
alt="Redirect URI"
caption="Redirect URI"
max-width="30%"
max-width="60%"
%}

You have now completed SSO setup for Google via OIDC.
Expand All@@ -245,6 +245,6 @@ Now test the SSO with a test user in a different browser or private/incognito br
1. In a different browser or private/incognito browser window use the Corporate option to log in.

## Related articles
[Federated Single Sign-On (SSO) overview]({{site.baseurl}}/docs/single-sign-on/single-sign-on/)
[Setting up OIDC Federated SSO]({{site.baseurl}}/docs/single-sign-on/oidc)
[Common configuration for SSO providers]({{site.baseurl}}/docs/single-sign-on/team-sync)
[Federated Single Sign-On (SSO) overview]({{site.baseurl}}/docs/administration/single-sign-on/)
[Setting up OIDC Federated SSO]({{site.baseurl}}/docs/administration/single-sign-on/oidc)
[Common configuration for SSO providers]({{site.baseurl}}/docs/administration/single-sign-on/team-sync)
Loading
[8]ページ先頭
©2009-2025 Movatter.jp