update idp docs

miloschwartz
2025-10-22 14:40:40 -07:00
parent d90ed9da59
commit 2af93bc2b6
2 changed files with 20 additions and 3 deletions

View File

@@ -55,6 +55,10 @@ Integrate with Microsoft's enterprise identity platform to allow users to authen
## How to Add an Identity Provider
<Note>
In the CE and EE, identity providers are created and managed via the Server Admin UI rather than the organization settings.
</Note>
<Steps>
<Step title="Navigate to Identity Providers">
In the Pangolin organization, select the "Identity Providers" section in the sidebar.
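Review bot: The added Note says identity providers in the CE and EE are managed via the Server Admin UI, but the first step directly below it still reads 'In the Pangolin organization, select the "Identity Providers" section in the sidebar', so CE and EE readers are told the steps do not apply without being given a path to follow. Suggest having the Note say where in the Server Admin UI to go, or stating which edition the steps are written for. Also spell out "CE" and "EE" on first use; the other file in this commit writes "Community Edition" in full.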
@@ -79,8 +83,6 @@ Integrate with Microsoft's enterprise identity platform to allow users to authen
</Step>
</Steps>
In the CE and EE, identity providers are created and managed via the Server Admin UI rather than the organization settings.
## Custom Login Page
You can [configure a custom login page](/manage/access-control/login-page) for your organization to be served at a domain of your choice. The log in page for every resource will be served at this URL. Additionally, you can visit this url to log in to the organization itself to access the Pangolin dashboard. This is particularly useful for identity providers because it creates a place for your users to go to select the identity provider of choice to access the Pangolin dashboard.
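Review bot: Style point on the trailing context paragraph under "## Custom Login Page": it mixes "login page" with "log in page" and "URL" with "url" within the same paragraph. Since this hunk already touches the lines directly above it, suggest normalising to "login page" and "URL" in the same change.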

View File

@@ -41,6 +41,11 @@ The expression will be matched against each organization. Meaning:
### Example: Role Selection
**Expression:**
<Note>
When entering in a string, JMESPatch requires it be surrounded by `'` (single quotes). See below:
</Note>
```
contains(groups, 'admin') && 'Admin' || 'Member'
```
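Review bot: "JMESPatch" in the added Note is a typo for "JMESPath", the spelling this file uses elsewhere ("Pangolin will evaluate the JMESPath expression for the role"). The Note also lands between the "**Expression:**" label and its code block, while the "Example 2: Fixed Organization" hunk puts the same Note before the label; suggest placing it before the label here as well so the label stays attached to the expression. Wording nit: "When entering a string, JMESPath requires it to be surrounded by" reads better than "When entering in a string ... requires it be surrounded by".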
@@ -68,7 +73,9 @@ This example will return the string "Admin". If the user is not a member of the
## Community Edition
In the Community Edition, identity providers are managed at the server level and not the individual organization. This means you must define policies per organization to map users to specific organizations and roles within those organizations. After you create an IdP, on the edit page, you can manage organization policies via the "Organization Policies" tab. You can set default (fallback) policies, or define them on a per org basis.
In the Community Edition, identity providers are managed at the server level and not the individual organization. This means you must define policies per organization to map users to specific organizations and roles within those organizations.
After you create an IdP, on the edit page, you can manage organization policies via the "Organization Policies" tab. You can set default (fallback) policies, or define them on a per org basis.
### How Organization Policies Are Evalutated
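Review bot: The heading in the trailing context, "### How Organization Policies Are Evalutated", is misspelled ("Evaluated"); worth fixing in this change since the paragraph directly above it is being edited. The section is also headed "Community Edition" only, while the Note added in the other file says server-level management applies to "the CE and EE"; suggest aligning the two so readers of the other edition know whether organization policies apply to them. Minor: "on a per org basis" could be "on a per-organization basis" to match the rest of the paragraph.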
@@ -91,6 +98,10 @@ It is helpful to think of the auto provisioning process as follows:
For each organization, Pangolin will evaluate the JMESPath expression for the role. If no role is found with the exact name in that organization, the user will not be added to the organization.
</Step>
</Steps>
### Selecting Roles
See above examples.
### Selecting Organizations
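Review bot: "See above examples." under the new "### Selecting Roles" heading does not tell the reader which example is meant or how far up to scroll. Suggest linking to or naming the "Example: Role Selection" section explicitly, or adding a short role expression here so the section stands on its own next to "### Selecting Organizations".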
@@ -133,6 +144,10 @@ This example will return true since the user is a member of the "home-lab" group
### Example 2: Fixed Organization
<Note>
When entering in a string, JMESPatch requires it be surrounded by `'` (single quotes). See below:
</Note>
**Expression:**
```
'home-lab'
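Review bot: "JMESPatch" in the added Note should be "JMESPath", the same typo as in the Role Selection hunk. Here the Note is placed before "**Expression:**", so "See below:" is followed by the label rather than the expression; that placement is fine, but it should be made consistent with the Role Selection example, and the sentence could read "When entering a string, JMESPath requires it to be surrounded by `'` (single quotes)."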