diff options
author | Hugo Valente <82235632+hugovalente-pm@users.noreply.github.com> | 2024-04-23 13:26:21 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-04-23 12:26:21 +0000 |
commit | fbd3e485ee7079ba756e688453bf375230783540 (patch) | |
tree | fdacc215f16281f2ede7c799ef882360f42a37b3 | |
parent | 9184c37c92f8915c04caaecd8827946910cc1ea4 (diff) |
add generic sso authenciation page and SP-initiated SSO on Okta (#17494)
* add generic sso authenciation page and SP-initiated SSO on Okta
* Rename docs/cloud/manage/sso-authentication.md to docs/netdata-cloud/sso-authentication.md
* Update metadata.yaml
* add category overview page and rename sso file to its title
* alter script to send auth integrations to desired folder
* alter script to send auth integrations to desired folder
* add content on the authentication & authorization main page
---------
Co-authored-by: Fotis Voutsas <fotis@netdata.cloud>
5 files changed, 57 insertions, 2 deletions
diff --git a/docs/category-overview-pages/authentication-and-authorization.md b/docs/category-overview-pages/authentication-and-authorization.md new file mode 100644 index 0000000000..7c372f9648 --- /dev/null +++ b/docs/category-overview-pages/authentication-and-authorization.md @@ -0,0 +1,11 @@ +# Authentication & Authorization + +This section contains documentation about the way Netdata allows users to Authenticate with Netdata Cloud and how +they can manage the Authorization flows controlling what their teammates can access and do on Netdaata Cloud. + +For more details on these topics please check: +* [Sign in to Netdata](https://github.com/netdata/netdata/blob/master/docs/cloud/manage/sign-in.md) +* [Enterprise SSO Authentication](https://github.com/netdata/netdata/blob/master/docs/netdata-cloud/enterprise-sso-authentication.md) +* [Organize Your Infrastructure and Invite your Team](https://github.com/netdata/netdata/blob/master/docs/cloud/manage/organize-your-infrastrucutre-invite-your-team.md) +* [Netdata's Role-Based Access model](https://github.com/netdata/netdata/blob/master/docs/cloud/manage/role-based-access.md) + diff --git a/docs/netdata-cloud/enterprise-sso-authentication.md b/docs/netdata-cloud/enterprise-sso-authentication.md new file mode 100644 index 0000000000..61b1a4e37e --- /dev/null +++ b/docs/netdata-cloud/enterprise-sso-authentication.md @@ -0,0 +1,36 @@ +# Enterprise SSO Authentication + +Netdata provides you with means to streamline and control how your team connects and authenticates to Netdata Cloud. We provide + diferent Single Sign-On (SSO) integrations that allow you to connect with the tool that your organization is using to manage your + user accounts. + + > ❗ This feature focus is on the Authentication flow, it doesn't support the Authorization with managing Users and Roles. + + +## How to set it up? + +If you want to setup your Netdata Space to allow user Authentication through an Enterprise SSO tool you need to: +* Confirm the integration to the tool you want is available ([Authentication integations](tbd)) +* Have a Netdata Cloud account +* Have Access to the Space as an administrator +* Your Space needs to be on the Business plan or higher + +Once you ensure the above prerequisites you need to: +1. Click on the Space settings cog (located above your profile icon) +2. Click on the Authentication tab +3. Select the card for the integration you are looking for, click on Configure +4. Fill the required attributes need to establish the integration with the tool + + +## How to authenticate to Netdata? + +### From Netdata Sign-up page + +If you're starting your flow from Netdata sign-in page you need to: +1. Click on the link `Sign-in with an Enterprise Signle Sign-On (SSO)` +2. Enter your email address +3. Go to your mailbox and check the `Sign In to Nedata` email that you have received +4. Click on the **Sign In** button + +Note: If you're not authenticated on the Enterprise SSO tool you'll be prompted to authenticate there +first before being allowed to proceed to Netdata Cloud. diff --git a/integrations/cloud-authentication/integrations/okta_sso.md b/integrations/cloud-authentication/integrations/okta_sso.md index a7f416dea0..aeb1c0e7f7 100644 --- a/integrations/cloud-authentication/integrations/okta_sso.md +++ b/integrations/cloud-authentication/integrations/okta_sso.md @@ -3,7 +3,7 @@ custom_edit_url: "https://github.com/netdata/netdata/edit/master/integrations/cl meta_yaml: "https://github.com/netdata/netdata/edit/master/integrations/cloud-authentication/metadata.yaml" sidebar_label: "Okta SSO" learn_status: "Published" -learn_rel_path: "Authentication" +learn_rel_path: "Netdata Cloud/Authentication & Authorization/Cloud Authentication & Authorization Integrations" message: "DO NOT EDIT THIS FILE DIRECTLY, IT IS GENERATED BY THE AUTHENTICATION'S metadata.yaml FILE" endmeta--> @@ -44,4 +44,8 @@ Steps needed to be done on Okta Admin Portal: - **Client ID** you can get it from **General** tab on application you configured on Okta - **Client Secret** you can get it from **General** tab on application you configured on Okta +### SP-initiated SSO + +If you start your authentication flow from Netdata sign-in page please check [these steps](https://github.com/netdata/netdata/blob/master/docs/netdata-cloud/enterprise-sso-authentication.md). + diff --git a/integrations/cloud-authentication/metadata.yaml b/integrations/cloud-authentication/metadata.yaml index 18925d5d53..d747961286 100644 --- a/integrations/cloud-authentication/metadata.yaml +++ b/integrations/cloud-authentication/metadata.yaml @@ -39,3 +39,7 @@ - **Issuer URL** you can get it from your profile icon on top, e.g. `https://company-name.okta.com` - **Client ID** you can get it from **General** tab on application you configured on Okta - **Client Secret** you can get it from **General** tab on application you configured on Okta + + ### SP-initiated SSO + + If you start your authentication flow from Netdata sign-in page please check [these steps](https://github.com/netdata/netdata/blob/master/docs/netdata-cloud/enterprise-sso-authentication.md). diff --git a/integrations/gen_docs_integrations.py b/integrations/gen_docs_integrations.py index 27d2ce72e3..2a35efb2b3 100644 --- a/integrations/gen_docs_integrations.py +++ b/integrations/gen_docs_integrations.py @@ -265,7 +265,7 @@ endmeta--> meta_yaml: "{meta_yaml}" sidebar_label: "{sidebar_label}" learn_status: "Published" -learn_rel_path: "{learn_rel_path.replace("authentication", "Authentication")}" +learn_rel_path: "{learn_rel_path.replace("authentication", "Netdata Cloud/Authentication & Authorization/Cloud Authentication & Authorization Integrations")}" message: "DO NOT EDIT THIS FILE DIRECTLY, IT IS GENERATED BY THE AUTHENTICATION'S metadata.yaml FILE" endmeta--> |