You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add new $FLEET_VAR_HOST_END_USER_IDP_FULL_NAME variable as specified in this YAML reference PR.
When a host doesn't have a full name (or empty), the profile should show up as "Failed" for that host with an easy to understand error message that mirrors the error messages we show for the currently supported variables.
UI changes: No changes
CLI (fleetctl) usage changes: No changes
YAML changes: No changes
REST API changes: No changes
Fleet's agent (fleetd) changes: No changes
GitOps Mode UI changes: No changes
GitOps generation changes: No changes
Activity changes: No changes
Permissions changes: No changes
Changes to paid features or tiers: Fleet Premium only
My device and fleetdm.com/better changes: No changes
ℹ️ Please read this issue carefully and understand it. Pay special attention to UI wireframes, especially "dev notes".
QA
Risk assessment
Requires load testing: No
Risk level: Low
Test plan
Make sure to go through the list and consider all events that might be related to this story, so we catch edge cases earlier.
Using an IdP (one of Okta, Entra ID, Google Workspace, and Authentik), create a user and add the givenName (SCIM way of saying "first name") and familyName ("last name") to construct the end user's full name. Also take note of the (userName) (email most of the time)
Automatically enroll a macOS host and when you hit the local account creation screen, create a user with the same email as the user you created in your IdP. See comment
Verify that the "Full name" shows up on the host's Host details page.
Create a configuration profiles with the variable $FLEET_VAR_HOST_END_USER_IDP_FULL_NAME and add it to Fleet.
When a host has a full name, verify that the full name is populated when you inspect that profile locally on a host (System Settings > Device Management)
When a host has a full name in Fleet that's constructed with only the first name from the IdP, verify that the first name is what appears in the profile. Repeat this for the last name. see comment
When a host doesn't have a full name (or empty), the profile should show up as "Failed" for that host. Verify that you see an easy to understand error message on the Host details and My device pages.
In the IdP, update an end user's full name. Verify that the full name changes in Fleet (Host details page and API that powers it). Verify that Fleet resends the configuration profile that includes the $FLEET_VAR_HOST_END_USER_IDP_FULL_NAME variable.
In the IdP, when configuring the SCIM app, don't map first name and last name. Save the app in the IdP and verify that you see an error message in Fleet under Settings > Integrations > IdP. Verify that an error shows up in Okta and share a screenshot of the error in the the comment section of this story.
Testing notes
Confirmation
Engineer: Added comment to user story confirming successful completion of test plan.
QA: Added comment to user story confirming successful completion of test plan.
Goal
Roadmap item
💻 Inject foreign host vitals from your identity provider (IdP) and variables in scripts and configuration profiles
Original requests
customer-reedtimmer's needs.Context
Changes
Product
$FLEET_VAR_HOST_END_USER_IDP_FULL_NAMEvariable as specified in this YAML reference PR.Engineering
QA
Risk assessment
Test plan
Using an IdP (one of Okta, Entra ID, Google Workspace, and Authentik), create a user and add the
givenName(SCIM way of saying "first name") andfamilyName("last name") to construct the end user's full name. Also take note of the (userName) (email most of the time)Automatically enroll a macOS host and when you hit the local account creation screen, create a user with the same email as the user you created in your IdP.See commentVerify that the "Full name" shows up on the host's Host details page.
Create a configuration profiles with the variable
$FLEET_VAR_HOST_END_USER_IDP_FULL_NAMEand add it to Fleet.When a host has a full name in Fleet that's constructed with only the first name from the IdP, verify that the first name is what appears in the profile. Repeat this for the last name.see commentIn the IdP, update an end user's full name. Verify that the full name changes in Fleet (Host details page and API that powers it). Verify that Fleet resends the configuration profile that includes the
$FLEET_VAR_HOST_END_USER_IDP_FULL_NAMEvariable.In the IdP, when configuring the SCIM app, don't map first name and last name. Save the app in the IdP and verify that you see an error message in Fleet under Settings > Integrations > IdP. Verify that an error shows up in Okta and share a screenshot of the error in the the comment section of this story.
Testing notes
Confirmation