roost.tools / coop
Mirror of https://github.com/roostorg/coop github.com/roostorg/coop
2
fork

Configure Feed

Select the types of activity you want to include in your feed.

Better Copy for SSO certificate and user guide (#37)

authored by

Juan Mrad and committed by
GitHub 5006c18a 22361a50

+30 -2
+1 -2
client/src/webpages/settings/SSOSettings.tsx
··· 159 159 <Text id="SsoCert" size="SM"> 160 160 This is the certificate used to verify the identity of your 161 161 organization when users attempt to log in via SSO. Please ensure this 162 - certificate matches the one provided by your identity provider. For 163 - more information on setting up SSO, please contact Coop directly. 162 + certificate matches the one provided by your identity provider. 164 163 </Text> 165 164 </div> 166 165 <Textarea
+29
docs/USER_GUIDE.md
··· 91 91 92 92 Once you invite a new user to Coop, you can either configure an email service to send the link to that person or copy the invite link and share it directly with them. 93 93 94 + ### SSO 94 95 96 + Learn how to configure SSO using Okta SAML. 97 + 98 + Coop only supports SSO through Okta SAML. 99 + 100 + **Prerequisites** 101 + 102 + To configure Okta SAML SSO, you must: 103 + 104 + * Be in Admin mode in Okta. 105 + * Have group names that match exactly between Okta and SAML. 106 + * Have admin permissions in Coop. 107 + * Have the ability to create a custom SAML application. 108 + 109 + **Configuration** 110 + 111 + 1. Create a [custom SAML application](https://help.okta.com/oag/en-us/content/topics/access-gateway/add-app-saml-pass-thru-add-okta.htm) in Okta. Use the following settings. 112 + 113 + | Setting | Value | 114 + | :------ | :---- | 115 + | Single sign-on URL | Your organization's callback URL (e.g. `https://your-coop-instance.com/login/saml/12345/callback`). You can find your callback link in Coop under **Settings → SSO**. | 116 + | Audience URI (SP Entity ID) | Your Coop instance base URL (e.g. `https://your-coop-instance.com`). | 117 + | `email` attribute (in **Attribute Statements**) | `email`. This field depends on your Identity Provider's attribute mappings (e.g. Google SSO may use "Primary Email"). | 118 + 119 + 2. In the **Feedback** tab, check **I'm a software vendor. I'd like to integrate my app with Okta**. 120 + 3. In your app's settings, go to the **Sign On** tab. Under **SAML Signing Certificates → SHA-2**, click **Actions → View IdP metadata**. 121 + 4. Copy the contents of the XML file. In Coop, go to **Settings → SSO** and paste the XML into the **Identity Provider Metadata** field. 122 + 5. On the same page, enter `email` in the **Attributes** section. 123 + 6. In your Okta app under **Assignments**, assign users or groups to your app. 95 124 96 125 ### Wellness and Safety 97 126