docs: replace Autogenerated with managed mappings

Jens Langhammer 2021-02-16 19:18:57 +01:00
parent 61604adf9a
commit 0ade57b5a6
6 changed files with 13 additions and 10 deletions

@ -32,7 +32,7 @@ Create an application in authentik and note the slug, as this will be used later
- Service Provider Binding: `Post` - Service Provider Binding: `Post`
- Audience: `https://nextcloud.company/apps/user_saml/saml/metadata` - Audience: `https://nextcloud.company/apps/user_saml/saml/metadata`
- Signing Keypair: Select any certificate you have. - Signing Keypair: Select any certificate you have.
- Property mappings: Select all Autogenerated mappings. - Property mappings: Select all Managed mappings.
You can of course use a custom signing certificate, and adjust durations. You can of course use a custom signing certificate, and adjust durations.
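Review bot: the changed bullet "Property mappings: Select all Managed mappings." does not say how to recognise a Managed mapping in the selection list, and it tells the reader to release every default attribute to Nextcloud. The SAML Provider page changed in this same commit says the default mappings are prefixed with "authentik default", so consider repeating that prefix here. If Nextcloud only consumes a subset of the attributes, listing that subset would keep the assertion from carrying more user data than the integration uses.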

@ -27,7 +27,7 @@ Create an application in authentik. Create a SAML Provider with the following va
- Audience: `https://sentry.company/saml/metadata/<sentry organisation name>/` - Audience: `https://sentry.company/saml/metadata/<sentry organisation name>/`
- Issuer: `authentik` - Issuer: `authentik`
- Service Provider Binding: `Post` - Service Provider Binding: `Post`
- Property Mapping: Select all Autogenerated Mappings - Property Mapping: Select all Managed Mappings
## Sentry ## Sentry
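Review bot: style point on the changed bullet "Property Mapping: Select all Managed Mappings": the Nextcloud page in this commit writes the same instruction as "Property mappings: Select all Managed mappings." with a plural label, lower-case "mappings" and a trailing full stop. Pick one form for both pages, ideally the label exactly as the provider form shows it, so readers can match the docs to the field.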

@ -25,7 +25,7 @@ Landscape uses the OpenID-Connect Protocol for single-sign on.
## authentik Setup ## authentik Setup
Create an OAuth2/OpenID-Connect Provider with the default settings. Set the Redirect URIs to `https://landscape.company/login/handle-openid`. Select all Autogenerated Scopes. Create an OAuth2/OpenID-Connect Provider with the default settings. Set the Redirect URIs to `https://landscape.company/login/handle-openid`. Select all Managed Scopes.
Keep Note of the Client ID and the Client Secret. Keep Note of the Client ID and the Client Secret.
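Review bot: "Select all Managed Scopes." in the changed paragraph grants Landscape every default scope without saying which claims the login needs. Either name the scopes the integration requires or state explicitly that all of them are required, so that readers do not release more claims than necessary. Since the line is being touched anyway, "Keep Note of" on the following line could become "Take note of".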

@ -47,7 +47,7 @@ return {
If your Active Directory Schema is the same as your Email address schema, skip to Step 3. If your Active Directory Schema is the same as your Email address schema, skip to Step 3.
::: :::
Under _Sources_, click _Edit_ and ensure that "Autogenerated Active Directory Mapping: userPrincipalName -> attributes.upn" has been added to your source. Under _Sources_, click _Edit_ and ensure that "authentik default Active Directory Mapping: userPrincipalName" has been added to your source.
### Step 3 ### Step 3
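Review bot: the new mapping name "authentik default Active Directory Mapping: userPrincipalName" drops the "-> attributes.upn" target that the old name carried, so this step no longer tells the reader which authentik attribute the value lands in. If later steps on this page still rely on attributes.upn, say so in the sentence, for example "... has been added to your source; it stores the value in attributes.upn", after confirming the managed mapping still writes to that attribute.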

@ -12,11 +12,14 @@ SAML Property Mappings allow you embed information into the SAML AuthN request.
LDAP Property Mappings are used when you define a LDAP Source. These mappings define which LDAP property maps to which authentik property. By default, the following mappings are created: LDAP Property Mappings are used when you define a LDAP Source. These mappings define which LDAP property maps to which authentik property. By default, the following mappings are created:
- Autogenerated LDAP Mapping: givenName -> first_name - authentik default Active Directory Mapping: givenName
- Autogenerated LDAP Mapping: mail -> email - authentik default Active Directory Mapping: sAMAccountName
- Autogenerated LDAP Mapping: name -> name - authentik default Active Directory Mapping: sn
- Autogenerated LDAP Mapping: sAMAccountName -> username - authentik default Active Directory Mapping: userPrincipalName
- Autogenerated LDAP Mapping: sn -> last_name - authentik default LDAP Mapping: mail
- authentik default LDAP Mapping: Name
- authentik default OpenLDAP Mapping: cn
- authentik default OpenLDAP Mapping: uid
These are configured with most common LDAP setups. These are configured with most common LDAP setups.
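Review bot: the rewritten list drops the "-> first_name", "-> email" style targets, yet the paragraph above it still says these mappings define which LDAP property maps to which authentik property, and that information is now missing. Suggest keeping the target next to each new name. The list also now mixes Active Directory, generic LDAP and OpenLDAP entries under "By default, the following mappings are created" without saying which set applies to which directory type, and "authentik default LDAP Mapping: Name" is capitalised where the old entry was "name"; please confirm that matches the actual mapping name.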

@ -3,7 +3,7 @@ title: SAML Provider
--- ---
This provider allows you to integrate enterprise software using the SAML2 Protocol. It supports signed requests and uses [Property Mappings](../property-mappings/index.md#saml-property-mapping) to determine which fields are exposed and what values they return. This makes it possible to expose vendor-specific fields. This provider allows you to integrate enterprise software using the SAML2 Protocol. It supports signed requests and uses [Property Mappings](../property-mappings/index.md#saml-property-mapping) to determine which fields are exposed and what values they return. This makes it possible to expose vendor-specific fields.
Default fields are exposed through auto-generated Property Mappings, which are prefixed with "Autogenerated". Default fields are exposed through auto-generated Property Mappings, which are prefixed with "authentik default".
| Endpoint | URL | | Endpoint | URL |
| ---------------------- | ------------------------------------------------------------ | | ---------------------- | ------------------------------------------------------------ |
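Review bot: the changed sentence still reads "exposed through auto-generated Property Mappings" while the commit replaces "Autogenerated" with "managed" everywhere else, and the integration pages now tell users to select "Managed" mappings. Suggest "exposed through managed Property Mappings, which are prefixed with "authentik default"" so the term used in the integration guides is defined here.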