add generic sso authenciation page and SP-initiated SSO on Okta (#17494)

* add generic sso authenciation page and SP-initiated SSO on Okta * Rename docs/cloud/manage/sso-authentication.md to docs/netdata-cloud/sso-authentication.md * Update metadata.yaml * add category overview page and rename sso file to its title * alter script to send auth integrations to desired folder * alter script to send auth integrations to desired folder * add content on the authentication & authorization main page --------- Co-authored-by: Fotis Voutsas <fotis@netdata.cloud>
author: Hugo Valente <82235632+hugovalente-pm@users.noreply.github.com> 2024-04-23 13:26:21 +0100
committer: GitHub <noreply@github.com> 2024-04-23 12:26:21 +0000
commit: fbd3e485ee7079ba756e688453bf375230783540 (patch)
tree: fdacc215f16281f2ede7c799ef882360f42a37b3
parent: 9184c37c92f8915c04caaecd8827946910cc1ea4 (diff)
5 files changed, 57 insertions, 2 deletions
diff --git a/docs/category-overview-pages/authentication-and-authorization.md b/docs/category-overview-pages/authentication-and-authorization.md
new file mode 100644
index 0000000000..7c372f9648
--- /dev/null
+++ b/docs/category-overview-pages/authentication-and-authorization.md
@@ -0,0 +1,11 @@
+# Authentication & Authorization
+
+This section contains documentation about the way Netdata allows users to Authenticate with Netdata Cloud and how
+they can manage the Authorization flows controlling what their teammates can access and do on Netdaata Cloud.
+
+For more details on these topics please check:
+* [Sign in to Netdata](https://github.com/netdata/netdata/blob/master/docs/cloud/manage/sign-in.md)
+* [Enterprise SSO Authentication](https://github.com/netdata/netdata/blob/master/docs/netdata-cloud/enterprise-sso-authentication.md)
+* [Organize Your Infrastructure and Invite your Team](https://github.com/netdata/netdata/blob/master/docs/cloud/manage/organize-your-infrastrucutre-invite-your-team.md)
+* [Netdata's Role-Based Access model](https://github.com/netdata/netdata/blob/master/docs/cloud/manage/role-based-access.md)
+
diff --git a/docs/netdata-cloud/enterprise-sso-authentication.md b/docs/netdata-cloud/enterprise-sso-authentication.md
new file mode 100644
index 0000000000..61b1a4e37e
--- /dev/null
+++ b/docs/netdata-cloud/enterprise-sso-authentication.md
@@ -0,0 +1,36 @@
+# Enterprise SSO Authentication
+
+Netdata provides you with means to streamline and control how your team connects and authenticates to Netdata Cloud. We provide
+ diferent Single Sign-On (SSO) integrations that allow you to connect with the tool that your organization is using to manage your 
+ user accounts.
+
+ > ❗ This feature focus is on the Authentication flow, it doesn't support the Authorization with managing Users and Roles.
+
+
+## How to set it up?
+
+If you want to setup your Netdata Space to allow user Authentication through an Enterprise SSO tool you need to:
+* Confirm the integration to the tool you want is available ([Authentication integations](tbd))
+* Have a Netdata Cloud account
+* Have Access to the Space as an administrator
+* Your Space needs to be on the Business plan or higher
+
+Once you ensure the above prerequisites you need to:
+1. Click on the Space settings cog (located above your profile icon)
+2. Click on the Authentication tab
+3. Select the card for the integration you are looking for, click on Configure
+4. Fill the required attributes need to establish the integration with the tool
+
+
+## How to authenticate to Netdata?
+
+### From Netdata Sign-up page
+
+If you're starting your flow from Netdata sign-in page you need to:
+1. Click on the link `Sign-in with an Enterprise Signle Sign-On (SSO)`
+2. Enter your email address 
+3. Go to your mailbox and check the `Sign In to Nedata` email that you have received
+4. Click on the **Sign In** button
+
+Note: If you're not authenticated on the Enterprise SSO tool you'll be prompted to authenticate there
+first before being allowed to proceed to Netdata Cloud.
diff --git a/integrations/cloud-authentication/integrations/okta_sso.md b/integrations/cloud-authentication/integrations/okta_sso.md
index a7f416dea0..aeb1c0e7f7 100644
--- a/integrations/cloud-authentication/integrations/okta_sso.md
+++ b/integrations/cloud-authentication/integrations/okta_sso.md
@@ -3,7 +3,7 @@ custom_edit_url: "https://github.com/netdata/netdata/edit/master/integrations/cl
 meta_yaml: "https://github.com/netdata/netdata/edit/master/integrations/cloud-authentication/metadata.yaml"
 sidebar_label: "Okta SSO"
 learn_status: "Published"
-learn_rel_path: "Authentication"
+learn_rel_path: "Netdata Cloud/Authentication & Authorization/Cloud Authentication & Authorization Integrations"
 message: "DO NOT EDIT THIS FILE DIRECTLY, IT IS GENERATED BY THE AUTHENTICATION'S metadata.yaml FILE"
 endmeta-->
 
@@ -44,4 +44,8 @@ Steps needed to be done on Okta Admin Portal:
     - **Client ID** you can get it from **General** tab on application you configured on Okta
     - **Client Secret** you can get it from **General** tab on application you configured on Okta
 
+### SP-initiated SSO
+
+If you start your authentication flow from Netdata sign-in page please check [these steps](https://github.com/netdata/netdata/blob/master/docs/netdata-cloud/enterprise-sso-authentication.md).
+
 
diff --git a/integrations/cloud-authentication/metadata.yaml b/integrations/cloud-authentication/metadata.yaml
index 18925d5d53..d747961286 100644
--- a/integrations/cloud-authentication/metadata.yaml
+++ b/integrations/cloud-authentication/metadata.yaml
@@ -39,3 +39,7 @@
           - **Issuer URL** you can get it from your profile icon on top, e.g. `https://company-name.okta.com`
           - **Client ID** you can get it from **General** tab on application you configured on Okta
           - **Client Secret** you can get it from **General** tab on application you configured on Okta
+
+      ### SP-initiated SSO
+
+      If you start your authentication flow from Netdata sign-in page please check [these steps](https://github.com/netdata/netdata/blob/master/docs/netdata-cloud/enterprise-sso-authentication.md).
diff --git a/integrations/gen_docs_integrations.py b/integrations/gen_docs_integrations.py
index 27d2ce72e3..2a35efb2b3 100644
--- a/integrations/gen_docs_integrations.py
+++ b/integrations/gen_docs_integrations.py
@@ -265,7 +265,7 @@ endmeta-->
 meta_yaml: "{meta_yaml}"
 sidebar_label: "{sidebar_label}"
 learn_status: "Published"
-learn_rel_path: "{learn_rel_path.replace("authentication", "Authentication")}"
+learn_rel_path: "{learn_rel_path.replace("authentication", "Netdata Cloud/Authentication & Authorization/Cloud Authentication & Authorization Integrations")}"
 message: "DO NOT EDIT THIS FILE DIRECTLY, IT IS GENERATED BY THE AUTHENTICATION'S metadata.yaml FILE"
 endmeta-->
author	Hugo Valente <82235632+hugovalente-pm@users.noreply.github.com>	2024-04-23 13:26:21 +0100
committer	GitHub <noreply@github.com>	2024-04-23 12:26:21 +0000
commit	fbd3e485ee7079ba756e688453bf375230783540 (patch)
tree	fdacc215f16281f2ede7c799ef882360f42a37b3
parent	9184c37c92f8915c04caaecd8827946910cc1ea4 (diff)