Okta Authentication via SAML

  • AppFlowy supports Identity Providers (IdPs) that use SAML assertions
  • One example of such an IdP is Okta
  • After the setup, you will be able to launch AppFlowy from Okta
  • Feel free to reach us on Discord or create a GitHub issue if you have any problems related to the integration

Getting started

  • This guide assumes the following
    • You are an Admin of Okta Identity Provider
    • You have AppFlowy-Cloud deployed (see Deployment)

Steps (Okta)

Click On Admin

  • Click "Admin" in the top right corner of the Okta dashboard/home page

Click On Applications

  • Click the top left menu bar, then under "Applications", click "Applications"

Create App Integration

  • Click "Create App Integration"

Choose SAML then next

  • Select SAML 2.0 then click "Next"

Okta create App

  • In general settings, use "AppFlowy" as "App name"
  • Optional: Select a logo
  • Click "Next"

Configure SAML Integration

In General

  • Use https://<your_host>/gotrue/sso/saml/acs for "Single sign-on URL"
  • Use https://<your_host>/gotrue/sso/saml/metadata for "Audience URI (SP Entity ID)"

In Attribute Statements (optional)

  • Use email for "Name"
  • Select "user.email" in the drop down for "Value"
  • Click "Next"

SAML Integration Feedback

  • Select "I'm an Okta customer adding an internal app"
  • Tick "This is an internal app that we have created"
  • Click "Finish"

Steps (AppFlowy)

AppFlowy Click Admin

  • Log in as Admin at https://<your_host>/web/login
  • Click "Admin" in the top right corner

Copy Metadata URL

  • Go back to Okta, navigate to "Applications" -> "AppFlowy" -> "Sign On", then copy the Metadata URL

AppFlowy Create SSO

  • In the AppFlowy Admin page, click "Create SSO" on the left, paste the Metadata URL, then click "Create"

Check SSO

  • In the AppFlowy Admin page, click "List SSO"; you should see the SSO that was just created

App Visibility

For AppFlowy to be available to users, you may need to do the following:

Assign AppFlowy

  • In Okta Admin -> "Applications" -> "AppFlowy", click on the settings icon
  • Assign to users or groups as needed by your organisation

Open AppFlowy

  • In the Okta user page, you should see "AppFlowy" added
  • Clicking on it should launch the app
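
To confirm that the values entered under "Configure SAML Integration" come out as intended, the following added example (not part of the AppFlowy documentation or code base) checks an assertion's Audience, Recipient and email attribute against the URLs this guide derives from the host. The host appflowy.example.com, the sample assertion and the function names are constructed for illustration, and it is an assumption here that Okta uses the "Single sign-on URL" as the assertion's Recipient.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion (unsigned); appflowy.example.com is a placeholder host.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Version="2.0">
  <saml:Subject><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
    <saml:SubjectConfirmationData Recipient="https://appflowy.example.com/gotrue/sso/saml/acs"/>
  </saml:SubjectConfirmation></saml:Subject>
  <saml:Conditions><saml:AudienceRestriction>
    <saml:Audience>https://appflowy.example.com/gotrue/sso/saml/metadata</saml:Audience>
  </saml:AudienceRestriction></saml:Conditions>
  <saml:AttributeStatement><saml:Attribute Name="email">
    <saml:AttributeValue>alice@example.com</saml:AttributeValue>
  </saml:Attribute></saml:AttributeStatement>
</saml:Assertion>"""


def expected_urls(host):
    """SP values the guide enters in Okta for a given AppFlowy host."""
    base = f"https://{host}/gotrue/sso/saml"
    return {"acs": f"{base}/acs", "audience": f"{base}/metadata"}


def check_assertion(xml_text, host):
    """List mismatches between an assertion and the guide's settings.

    Structural check only: the XML signature is NOT verified here.
    """
    want = expected_urls(host)
    root = ET.fromstring(xml_text)
    problems = []
    audiences = [a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text]
    if want["audience"] not in audiences:
        problems.append(f"Audience {audiences} does not include {want['audience']}")
    recipients = [d.get("Recipient") for d in root.iterfind(".//saml:SubjectConfirmationData", NS)]
    if want["acs"] not in recipients:
        problems.append(f"Recipient {recipients} does not include {want['acs']}")
    values = root.iterfind(".//saml:Attribute[@Name='email']/saml:AttributeValue", NS)
    if not [v.text for v in values if v.text and v.text.strip()]:
        problems.append("no 'email' attribute statement")
    return problems


if __name__ == "__main__":
    result = check_assertion(SAMPLE, "appflowy.example.com")
    print(result or "assertion matches the guide's settings")
```

An empty list means the three settings line up; a wrong host in either URL or a differently named attribute shows up as a separate entry.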