You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
SAML Authentication to the Enterprise Portal is Alpha and subject to change. To access this feature, a feature flag must be enabled for your team. For more information, reach out to your Replicated account representative.
49
49
:::
50
50
51
-
You can allow customers to configure and use SAML SSO for Enterprise Portal access. When enabled, customers can configure their IdP details in the Enterprise Portal. When disabled, even if customers have configured SAML, customers won't be able to use SAML SSO for Enterprise Portal access.
51
+
You can enable and disable SAML authentication for the Enterprise Portal on a per customer basis. When SAML authentication is enabled, the customer can set up SAML SSO logins for the Enterprise Portal using their identity provider (IdP). When SAML authentication is disabled, Enterprise Portal users are not able to log in using SAML, even if the customer had already configured SAML for their Enterprise Portal previously. For more information, see [About SAML Logins (Alpha)](enterprise-portal-use#about-saml) in _Log In and Use the Enterprise Portal_.
52
+
53
+
To enable SAML authentication:
54
+
55
+
1. In the Vendor Portal, go to **Customers** and select the target customer.
56
+
57
+
1. On the customer's page, go to **Enterprise Portal access**. In the **Authentication** section, enable the **SAML Authentication** toggle.
[View a larger version of this image](/images/enterprise-portal-saml-authentication.png)
56
62
63
+
After you enable SAML authentication, the customer can configure SAML in the Enterprise Portal using their IdP. For more information, see [Configure SAML Authentication (Alpha)](/vendor/enterprise-portal-use#saml) in _Log In and Use the Enterprise Portal_.
64
+
57
65
## Invite Users
58
66
59
67
This section describes how to invite users to the Enterprise Portal from the Vendor Portal. Your customers can also invite users to the Enterprise Portal from the Enterprise Portal **Team settings** page. For more information about using the **Team settings** page, see [Manage Users](enterprise-portal-use#manage-users) in _Access and Use the Enterprise Portal_.
Copy file name to clipboardExpand all lines: docs/vendor/enterprise-portal-use.mdx
+27-13Lines changed: 27 additions & 13 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,11 @@ For information about how to access the Enterprise Portal for a customer from th
6
6
7
7
## Log In To the Enterprise Portal
8
8
9
-
### Log in From the Invitation Email
9
+
:::note
10
+
If SAML authentication has been enabled and configured for the Enterprise Portal it will be the preferred login method and attempted automatically. See [Configure SAML Authentication (Alpha)](#saml) below.
11
+
:::
12
+
13
+
### Log In From the Invitation Email
10
14
11
15
Users can log in to the Enterprise Portal after they are invited to join a team. See [Invite or Delete Users](#invite-or-delete-users) below.
12
16
@@ -40,21 +44,21 @@ To sign up for a self-service account and log in to the Enteprise Portal:
40
44
41
45
[View a larger version of this image](/images/self-serve-signup-screen.png)
42
46
43
-
1. Go to your email account and open the automated account creation email. Follow the link provided in the email to log in.
47
+
1. Go to your email account and open the automated account creation email. Follow the link provided in the email to log in.
44
48
45
-
### SAML Authentication (Alpha)
49
+
### About SAML Logins (Alpha){#about-saml}
46
50
47
51
:::note
48
52
SAML Authentication to the Enterprise Portal is Alpha and subject to change. To access this feature, a feature flag must be enabled for your team. For more information, reach out to your Replicated account representative.
49
53
:::
50
54
51
-
If SAML authentication has been enabled and configured for the Enterprise Portal it will be the preferred login method and attempted automatically.
55
+
When SAML authentication is enabled and configured for your Enterprise Portal team, you can log in with your single sign-on (SSO) credentials either through your SAML Identity Provider (IdP) or the Enterprise Portal. For more information about how to configure SAML, see [Configure SAML Authentication (Alpha)](#saml) below.
52
56
53
-
SAML authentication also supports just-in-time (JIT) provisioning of user accounts as follows:
57
+
#### Just-In-Time User Provisioning
54
58
55
-
1. Identity Provider (IdP) initiated SAML login attempts always allow for JIT user provisioning
56
-
57
-
1. Service Provider (SP) initiated SAML login attempts allow for JIT user provisioning if the user has an active pending invite. See [Invite or Delete Users](#invite-or-delete-users) below.
59
+
The first time that you attempt to log in with SAML using your SSO credentials, if you do not already have an Enterprise Portal account, then your account is automatically created using just-in-time (JIT) user provisioning. JIT is handled differently depending on if you attempt to log in through your IdP or the Enterprise Portal:
60
+
* IdP-initiated SAML login attempts always allow for JIT user provisioning
61
+
* Enterprise Portal-initiated SAML login attempts allow for JIT user provisioning if your email address has already been invited to the team. See [Invite or Delete Users](#invite-or-delete-users) below.
58
62
59
63
## View Install and Update Instructions
60
64
@@ -248,38 +252,48 @@ To manage service accounts in the Enterprise Portal:
248
252
* To view a service account token, find the target service account in the table and click **View** under **Token**.
249
253
* The revoke a service account's token, find the target service account in the table and open the menu under **Actions**. Select **Revoke**.
250
254
251
-
### Configure SAML Authentication (Alpha)
255
+
### Configure SAML Authentication (Alpha){#saml}
252
256
253
257
:::note
254
258
SAML Authentication to the Enterprise Portal is Alpha and subject to change. To access this feature, a feature flag must be enabled for your team. For more information, reach out to your Replicated account representative.
255
259
:::
256
260
261
+
:::note
262
+
SAML authentication must be enabled for the customer in the Vendor Portal before they can configure SAML for their Enterprise Portal team. For more information, see [Enable SAML Authentication (Alpha)](enterprise-portal-invite#enable-saml).
263
+
:::
264
+
265
+
To configure SAML authentication for your account:
266
+
257
267
1. In the Enterprise Portal, open the user account dropdown in the top right of the page and select **Team settings**.
258
268
259
269
260
270
261
271
[View a larger version of this image](/images/enterprise-portal-user-account.png)
262
272
263
-
1. Click **SAML Authentication**
273
+
1. Click **SAML Authentication**.
264
274
265
-
1.The Service provider information section will display information you can copy and paste to use in your identity provider (IdP).
275
+
1.For **Service provider information**, copy the values provided and use them to configure your identity provider (IdP).
266
276
267
277
268
278
269
279
[View a larger version of this image](/images/enterprise-portal-saml-sp-info.png)
270
280
271
-
1.Next, upload the required metadata XML and public certificate from your identity provider.
281
+
1.Upload the required metadata XML and public certificate from your IdP.
[View a larger version of this image](/images/enterprise-portal-saml-config.png)
276
286
277
-
1.Finally, select to enable or disable SAML authentication for the Enterprise Portal. Disabling SAML authentication will leave the stored configuration in place.
287
+
1.Enable the **SAML authentication is enabled** toggle.
0 commit comments