Missing information in Okta conditional access guide #37652

@rachaelshaw

Fleet version: 4.78.0


💥  Actual behavior

The following information is missing from the Okta conditional access guide:

  • Infrastructure requirements (specifically for on-prem deployments)
    • Getting mTLS cert: /api/fleet/conditional_access/scep?operation=GetCACert
  • Steps to disconnect conditional access on the Okta side
  • Where to download the Okta cert
  • What to put in these fields. Example:
    • IdP Issuer URI: https://one.fleetdm.site/api/fleet/conditional_access/idp/metadata
    • IdP Single Sign-On URL: https://okta.one.fleetdm.site/api/fleet/conditional_access/idp/sso
    • Destination: https://okta.one.fleetdm.site/api/fleet/conditional_access/idp/sso
  • Add Fleet IdP authenticator in Okta (Security -> Authenticators)
  • Add Fleet to an authentication policy
  • How to make sure this only applies to macOS hosts

🛠️ To fix

Update guide to include the missing information

🧑‍💻  Steps to reproduce

These steps:

  • Have been confirmed to consistently lead to reproduction in multiple Fleet instances.
  • Describe the workflow that led to the error, but have not yet been reproduced in multiple Fleet instances.
  1. TODO
  2. TODO

🕯️ More info (optional)

N/A

Metadata

Labels

  • #g-security-compliance: Security & Compliance product group
  • :release: Ready to write code. Scheduled in a release. See "Making changes" in handbook.
  • bug: Something isn't working as documented

Projects

Status

Done