diff --git a/docs/integrations/as-sp/gitlab/index.md b/docs/integrations/as-sp/gitlab/index.md index 78b4e78ef..33de33dcb 100644 --- a/docs/integrations/as-sp/gitlab/index.md +++ b/docs/integrations/as-sp/gitlab/index.md @@ -1,6 +1,12 @@ # GitLab Integration -GitLab can authenticate against passbook using SAML. +## What is GitLab + +From https://about.gitlab.com/what-is-gitlab/ + +``` +GitLab is a complete DevOps platform, delivered as a single application. This makes GitLab unique and makes Concurrent DevOps possible, unlocking your organization from the constraints of a pieced together toolchain. Join us for a live Q&A to learn how GitLab can give you unmatched visibility and higher levels of efficiency in a single application across the DevOps lifecycle. +``` ## Preparation @@ -11,9 +17,9 @@ The following placeholders will be used: Create an application in passbook and note the slug, as this will be used later. Create a SAML Provider with the following Parameters: -- `ACS URL`: https://gitlab.company/users/auth/saml/callback -- `Audience`: https://gitlab.company -- `Issuer`: https://gitlab.company +- ACS URL: `https://gitlab.company/users/auth/saml/callback` +- Audience: `https://gitlab.company` +- Issuer: `https://gitlab.company` You can of course use a custom Signing Certificate, and adjust the Assertion Length. To get the value for `idp_cert_fingerprint`, you can use a tool like [this](https://www.samltool.com/fingerprint.php). diff --git a/docs/integrations/as-sp/harbor/harbor.png b/docs/integrations/as-sp/harbor/harbor.png new file mode 100644 index 000000000..c25e0032e Binary files /dev/null and b/docs/integrations/as-sp/harbor/harbor.png differ diff --git a/docs/integrations/as-sp/harbor/index.md b/docs/integrations/as-sp/harbor/index.md new file mode 100644 index 000000000..13c190181 --- /dev/null +++ b/docs/integrations/as-sp/harbor/index.md @@ -0,0 +1,28 @@ +# Harbor Integration + +## What is Harbor + +From https://goharbor.io + +``` +Harbor is an open source container image registry that secures images with role-based access control, scans images for vulnerabilities, and signs images as trusted. A CNCF Incubating project, Harbor delivers compliance, performance, and interoperability to help you consistently and securely manage images across cloud native compute platforms like Kubernetes and Docker. +``` + +## Preparation + +The following placeholders will be used: + +- `harbor.company` is the FQDN of the Harbor Install +- `passbook.company` is the FQDN of the passbook Install + +Create an application in passbook. Create an OpenID Provider with the following Parameters: + +- Client Type: `Confidential` +- Response types: `code (Authorization Code Flow)` +- JWT Algorithm: `RS256` +- Redirect URIs: `https://harbor.company/c/oidc/callback` +- Scopes: `openid` + +## Harbor + +![](./harbor.png) diff --git a/docs/integrations/as-sp/rancher/index.md b/docs/integrations/as-sp/rancher/index.md index aa794fdbb..498280527 100644 --- a/docs/integrations/as-sp/rancher/index.md +++ b/docs/integrations/as-sp/rancher/index.md @@ -1,6 +1,13 @@ # Rancher Integration -Rancher can authenticate against passbook using SAML. +## What is Rancher + +From https://rancher.com/products/rancher + +``` +An Enterprise Platform for Managing Kubernetes Everywhere +Rancher is a platform built to address the needs of the DevOps teams deploying applications with Kubernetes, and the IT staff responsible for delivering an enterprise-critical service. +``` ## Preparation @@ -11,12 +18,12 @@ The following placeholders will be used: Create an application in passbook and note the slug, as this will be used later. Create a SAML Provider with the following Parameters: -- `ACS URL`: https://rancher.company/v1-saml/adfs/saml/acs -- `Audience`: https://rancher.company/v1-saml/adfs/saml/metadata -- `Issuer`: passbook +- ACS URL: `https://rancher.company/v1-saml/adfs/saml/acs` +- Audience: `https://rancher.company/v1-saml/adfs/saml/metadata` +- Issuer: `passbook` You can of course use a custom Signing Certificate, and adjust the Assertion Length. ## Rancher -![aaa](./rancher.png) +![](./rancher.png)