docs: fix nextcloud docs using wrong fields

This commit is contained in:
Jens Langhammer 2021-01-26 22:10:00 +01:00
parent 9a7b343120
commit f663b66c19
1 changed files with 6 additions and 4 deletions

View File

@ -27,10 +27,11 @@ The following placeholders will be used:
Create an application in authentik and note the slug, as this will be used later. Create a SAML provider with the following parameters: Create an application in authentik and note the slug, as this will be used later. Create a SAML provider with the following parameters:
- ACS URL: `https://nextcloud.company/apps/user_saml/saml/metadata` - ACS URL: `https://nextcloud.company/apps/user_saml/saml/acs`
- Audience: `https://nextcloud.company/apps/user_saml/saml/acs`
- Issuer: `https://authentik.company` - Issuer: `https://authentik.company`
- Service Provider Binding: `Post` - Service Provider Binding: `Post`
- Audience: `https://nextcloud.company/apps/user_saml/saml/metadata`
- Signing Keypair: Select any certificate you have.
- Property mappings: Select all Autogenerated mappings. - Property mappings: Select all Autogenerated mappings.
You can of course use a custom signing certificate, and adjust durations. You can of course use a custom signing certificate, and adjust durations.
@ -41,14 +42,15 @@ In NextCloud, navigate to `Settings`, then `SSO & SAML Authentication`.
Set the following values: Set the following values:
- Attribute to map the UID to.: `urn:oid:0.9.2342.19200300.100.1.1` - Attribute to map the UID to.: `urn:oid:2.16.840.1.113730.3.1.241`
- Optional display name of the identity provider (default: "SSO & SAML log in"): `authentik` - Optional display name of the identity provider (default: "SSO & SAML log in"): `authentik`
- Identifier of the IdP entity (must be a URI): `https://authentik.company` - Identifier of the IdP entity (must be a URI): `https://authentik.company`
- URL Target of the IdP where the SP will send the Authentication Request Message: `https://authentik.company/application/saml/<application-slug>/sso/binding/redirect/` - URL Target of the IdP where the SP will send the Authentication Request Message: `https://authentik.company/application/saml/<application-slug>/sso/binding/redirect/`
- Public X.509 certificate of the IdP: Copy the PEM of the Selected Signing Certificate
Under Attribute mapping, set these values: Under Attribute mapping, set these values:
- Attribute to map the displayname to.: `urn:oid:2.16.840.1.113730.3.1.241` - Attribute to map the displayname to.: `urn:oid:2.5.4.3`
- Attribute to map the email address to.: `urn:oid:0.9.2342.19200300.100.1.3` - Attribute to map the email address to.: `urn:oid:0.9.2342.19200300.100.1.3`
- Attribute to map the users groups to.: `member-of` - Attribute to map the users groups to.: `member-of`