docs: replace Autogenerated with managed mappings
parent 61604adf9a
commit 0ade57b5a6
|
@ -32,7 +32,7 @@ Create an application in authentik and note the slug, as this will be used later
|
||||||
- Service Provider Binding: `Post`
|
- Service Provider Binding: `Post`
|
||||||
- Audience: `https://nextcloud.company/apps/user_saml/saml/metadata`
|
- Audience: `https://nextcloud.company/apps/user_saml/saml/metadata`
|
||||||
- Signing Keypair: Select any certificate you have.
|
- Signing Keypair: Select any certificate you have.
|
||||||
- Property mappings: Select all Autogenerated mappings.
|
- Property mappings: Select all Managed mappings.
|
||||||
|
|
||||||
You can of course use a custom signing certificate, and adjust durations.
|
You can of course use a custom signing certificate, and adjust durations.
|
||||||
|
|
||||||
|
|
|
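Review bot: the new item "Property mappings: Select all Managed mappings." gives the reader no way to recognise a managed mapping in the selection list. The SAML Provider page changed in this same commit says the default mappings are prefixed with "authentik default", so the instruction should name that prefix, for example "Select all Managed mappings (names starting with "authentik default")".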
@ -27,7 +27,7 @@ Create an application in authentik. Create a SAML Provider with the following va
|
||||||
- Audience: `https://sentry.company/saml/metadata/<sentry organisation name>/`
|
- Audience: `https://sentry.company/saml/metadata/<sentry organisation name>/`
|
||||||
- Issuer: `authentik`
|
- Issuer: `authentik`
|
||||||
- Service Provider Binding: `Post`
|
- Service Provider Binding: `Post`
|
||||||
- Property Mapping: Select all Autogenerated Mappings
|
- Property Mapping: Select all Managed Mappings
|
||||||
|
|
||||||
## Sentry
|
## Sentry
|
||||||
|
|
||||||
|
|
|
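Review bot: the changed item "Property Mapping: Select all Managed Mappings" uses a different field label and capitalisation from the Nextcloud page in this commit, which reads "Property mappings: Select all Managed mappings." Settle on one spelling of the field name and of "Managed mappings" across the integration pages so a search for either term finds every page.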
@ -25,7 +25,7 @@ Landscape uses the OpenID-Connect Protocol for single-sign on.
|
||||||
|
|
||||||
## authentik Setup
|
## authentik Setup
|
||||||
|
|
||||||
Create an OAuth2/OpenID-Connect Provider with the default settings. Set the Redirect URIs to `https://landscape.company/login/handle-openid`. Select all Autogenerated Scopes.
|
Create an OAuth2/OpenID-Connect Provider with the default settings. Set the Redirect URIs to `https://landscape.company/login/handle-openid`. Select all Managed Scopes.
|
||||||
|
|
||||||
Keep Note of the Client ID and the Client Secret.
|
Keep Note of the Client ID and the Client Secret.
|
||||||
|
|
||||||
|
|
|
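Review bot: "Select all Managed Scopes." tells the operator to enable every managed scope, but nothing in this section names the scopes Landscape actually requests. Consider listing the required scopes here so the provider can be configured with only those, and keep "Managed Scopes" only as a fallback instruction.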
@ -47,7 +47,7 @@ return {
|
||||||
If your Active Directory Schema is the same as your Email address schema, skip to Step 3.
|
If your Active Directory Schema is the same as your Email address schema, skip to Step 3.
|
||||||
:::
|
:::
|
||||||
|
|
||||||
Under _Sources_, click _Edit_ and ensure that "Autogenerated Active Directory Mapping: userPrincipalName -> attributes.upn" has been added to your source.
|
Under _Sources_, click _Edit_ and ensure that "authentik default Active Directory Mapping: userPrincipalName" has been added to your source.
|
||||||
|
|
||||||
### Step 3
|
### Step 3
|
||||||
|
|
||||||
|
|
|
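Review bot: the renamed mapping in the "Under _Sources_" step drops the "-> attributes.upn" part that the old name carried, so the step no longer says which authentik attribute ends up holding the userPrincipalName. If the following steps depend on that attribute, state the target in the sentence itself, for example "(which writes the value to `attributes.upn`)", and confirm the target is unchanged by the rename.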
@ -12,11 +12,14 @@ SAML Property Mappings allow you embed information into the SAML AuthN request.
|
||||||
|
|
||||||
LDAP Property Mappings are used when you define a LDAP Source. These mappings define which LDAP property maps to which authentik property. By default, the following mappings are created:
|
LDAP Property Mappings are used when you define a LDAP Source. These mappings define which LDAP property maps to which authentik property. By default, the following mappings are created:
|
||||||
|
|
||||||
- Autogenerated LDAP Mapping: givenName -> first_name
|
- authentik default Active Directory Mapping: givenName
|
||||||
- Autogenerated LDAP Mapping: mail -> email
|
- authentik default Active Directory Mapping: sAMAccountName
|
||||||
- Autogenerated LDAP Mapping: name -> name
|
- authentik default Active Directory Mapping: sn
|
||||||
- Autogenerated LDAP Mapping: sAMAccountName -> username
|
- authentik default Active Directory Mapping: userPrincipalName
|
||||||
- Autogenerated LDAP Mapping: sn -> last_name
|
- authentik default LDAP Mapping: mail
|
||||||
|
- authentik default LDAP Mapping: Name
|
||||||
|
- authentik default OpenLDAP Mapping: cn
|
||||||
|
- authentik default OpenLDAP Mapping: uid
|
||||||
|
|
||||||
These are configured with most common LDAP setups.
|
These are configured with most common LDAP setups.
|
||||||
|
|
||||||
|
|
|
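Review bot: the new list mixes three prefixes ("authentik default Active Directory Mapping", "authentik default LDAP Mapping", "authentik default OpenLDAP Mapping") under a sentence that still says "the following mappings are created" with no explanation of which group applies to which directory type. The old entries also showed the target field ("givenName -> first_name", "sAMAccountName -> username") and the new ones do not, so the page no longer documents what each mapping sets. Suggest grouping the entries by directory type with a one-line description each, restoring the target field per entry, and checking whether "Name" in "authentik default LDAP Mapping: Name" is meant to be capitalised given the old entry was "name -> name".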
@ -3,7 +3,7 @@ title: SAML Provider
|
||||||
---
|
---
|
||||||
|
|
||||||
This provider allows you to integrate enterprise software using the SAML2 Protocol. It supports signed requests and uses [Property Mappings](../property-mappings/index.md#saml-property-mapping) to determine which fields are exposed and what values they return. This makes it possible to expose vendor-specific fields.
|
This provider allows you to integrate enterprise software using the SAML2 Protocol. It supports signed requests and uses [Property Mappings](../property-mappings/index.md#saml-property-mapping) to determine which fields are exposed and what values they return. This makes it possible to expose vendor-specific fields.
|
||||||
Default fields are exposed through auto-generated Property Mappings, which are prefixed with "Autogenerated".
|
Default fields are exposed through auto-generated Property Mappings, which are prefixed with "authentik default".
|
||||||
|
|
||||||
| Endpoint | URL |
|
| Endpoint | URL |
|
||||||
| ---------------------- | ------------------------------------------------------------ |
|
| ---------------------- | ------------------------------------------------------------ |
|
||||||
|
|
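Review bot: the changed sentence still reads "exposed through auto-generated Property Mappings" while only the quoted prefix was updated to "authentik default". Since the commit replaces "Autogenerated" with managed mappings, reword this to "exposed through managed Property Mappings, which are prefixed with "authentik default"" so the page uses the same term as the integration guides.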