docs: replace Autogenerated with managed mappings

Jens Langhammer 2021-02-16 19:18:57 +01:00
parent 61604adf9a
commit 0ade57b5a6
6 changed files with 13 additions and 10 deletions

@ -32,7 +32,7 @@ Create an application in authentik and note the slug, as this will be used later
- Service Provider Binding: `Post`
- Audience: `https://nextcloud.company/apps/user_saml/saml/metadata`
- Signing Keypair: Select any certificate you have.
- Property mappings: Select all Autogenerated mappings.
- Property mappings: Select all Managed mappings.
You can of course use a custom signing certificate, and adjust durations.
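Review bot: "Managed" in the "Property mappings" line is not a label the reader can match against the mapping list, since the SAML provider page changed in this same commit says the default mappings are prefixed with "authentik default". Consider naming the prefix here, for example: Select all Managed mappings (prefixed with "authentik default").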

@ -27,7 +27,7 @@ Create an application in authentik. Create a SAML Provider with the following va
- Audience: `https://sentry.company/saml/metadata/<sentry organisation name>/`
- Issuer: `authentik`
- Service Provider Binding: `Post`
- Property Mapping: Select all Autogenerated Mappings
- Property Mapping: Select all Managed Mappings
## Sentry
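Review bot: The new line keeps "Property Mapping: Select all Managed Mappings", while the Nextcloud page in this commit writes "Property mappings: Select all Managed mappings." for the same setting. Pick one field name and one capitalisation across the integration pages so readers can search for the setting consistently.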

@ -25,7 +25,7 @@ Landscape uses the OpenID-Connect Protocol for single-sign on.
## authentik Setup
Create an OAuth2/OpenID-Connect Provider with the default settings. Set the Redirect URIs to `https://landscape.company/login/handle-openid`. Select all Autogenerated Scopes.
Create an OAuth2/OpenID-Connect Provider with the default settings. Set the Redirect URIs to `https://landscape.company/login/handle-openid`. Select all Managed Scopes.
Keep Note of the Client ID and the Client Secret.
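Review bot: "Select all Managed Scopes" tells the reader to grant Landscape every default scope without saying which ones the login at `/login/handle-openid` needs. Since this sentence is being edited anyway, consider listing the required scopes by name so the provider releases only those claims.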

@ -47,7 +47,7 @@ return {
If your Active Directory Schema is the same as your Email address schema, skip to Step 3.
:::
Under _Sources_, click _Edit_ and ensure that "Autogenerated Active Directory Mapping: userPrincipalName -> attributes.upn" has been added to your source.
Under _Sources_, click _Edit_ and ensure that "authentik default Active Directory Mapping: userPrincipalName" has been added to your source.
### Step 3
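Review bot: The renamed mapping in the "Under _Sources_" sentence no longer shows the destination that the old name carried ("-> attributes.upn"), so the reader cannot tell where the userPrincipalName value ends up. If later steps on this page rely on the `upn` attribute, state the target field in the sentence itself, since the mapping name no longer documents it.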

@ -12,11 +12,14 @@ SAML Property Mappings allow you embed information into the SAML AuthN request.
LDAP Property Mappings are used when you define a LDAP Source. These mappings define which LDAP property maps to which authentik property. By default, the following mappings are created:
- Autogenerated LDAP Mapping: givenName -> first_name
- Autogenerated LDAP Mapping: mail -> email
- Autogenerated LDAP Mapping: name -> name
- Autogenerated LDAP Mapping: sAMAccountName -> username
- Autogenerated LDAP Mapping: sn -> last_name
- authentik default Active Directory Mapping: givenName
- authentik default Active Directory Mapping: sAMAccountName
- authentik default Active Directory Mapping: sn
- authentik default Active Directory Mapping: userPrincipalName
- authentik default LDAP Mapping: mail
- authentik default LDAP Mapping: Name
- authentik default OpenLDAP Mapping: cn
- authentik default OpenLDAP Mapping: uid
These are configured with most common LDAP setups.
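Review bot: The new list drops the "-> first_name", "-> email" and similar targets, yet the paragraph above still says these mappings define "which LDAP property maps to which authentik property", so the list no longer shows the authentik side. Consider adding the target field next to each entry, and check "authentik default LDAP Mapping: Name", which is the only entry with a capitalised attribute where the old line read "name".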

@ -3,7 +3,7 @@ title: SAML Provider
---
This provider allows you to integrate enterprise software using the SAML2 Protocol. It supports signed requests and uses [Property Mappings](../property-mappings/index.md#saml-property-mapping) to determine which fields are exposed and what values they return. This makes it possible to expose vendor-specific fields.
Default fields are exposed through auto-generated Property Mappings, which are prefixed with "Autogenerated".
Default fields are exposed through auto-generated Property Mappings, which are prefixed with "authentik default".
| Endpoint | URL |
| ---------------------- | ------------------------------------------------------------ |
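Review bot: The changed sentence still calls these "auto-generated Property Mappings" while the other five files in this commit switch to "Managed". Use the same term here, for example: Default fields are exposed through managed Property Mappings, which are prefixed with "authentik default".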