update idp docs

miloschwartz
2025-10-22 14:40:40 -07:00
parent d90ed9da59
commit 2af93bc2b6
2 changed files with 20 additions and 3 deletions


@@ -41,6 +41,11 @@ The expression will be matched against each organization. Meaning:
### Example: Role Selection
**Expression:**
<Note>
When entering in a string, JMESPatch requires it be surrounded by `'` (single quotes). See below:
</Note>
```
contains(groups, 'admin') && 'Admin' || 'Member'
```
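Review bot: The added note misspells the query language as "JMESPatch"; it should be "JMESPath", the spelling this file uses elsewhere ("evaluate the JMESPath expression"). The note also sits between the **Expression:** label and its code fence, which separates the label from the expression it introduces; placing the note above **Expression:** keeps them together. "When entering in a string" reads better as "When entering a string".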
@@ -68,7 +73,9 @@ This example will return the string "Admin". If the user is not a member of the
## Community Edition
In the Community Edition, identity providers are managed at the server level and not the individual organization. This means you must define policies per organization to map users to specific organizations and roles within those organizations. After you create an IdP, on the edit page, you can manage organization policies via the "Organization Policies" tab. You can set default (fallback) policies, or define them on a per org basis.
In the Community Edition, identity providers are managed at the server level and not the individual organization. This means you must define policies per organization to map users to specific organizations and roles within those organizations.
After you create an IdP, on the edit page, you can manage organization policies via the "Organization Policies" tab. You can set default (fallback) policies, or define them on a per org basis.
### How Organization Policies Are Evalutated
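Review bot: The heading in the trailing context, "### How Organization Policies Are Evalutated", is misspelled; since this commit already edits the paragraph directly above it, correct it to "Evaluated" in the same change. In the re-wrapped second paragraph, "on a per org basis" would be clearer as "on a per-organization basis", matching "policies per organization" in the paragraph before it.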
@@ -91,6 +98,10 @@ It is helpful to think of the auto provisioning process as follows:
For each organization, Pangolin will evaluate the JMESPath expression for the role. If no role is found with the exact name in that organization, the user will not be added to the organization.
</Step>
</Steps>
### Selecting Roles
See above examples.
### Selecting Organizations
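Review bot: The new "### Selecting Roles" section consists only of "See above examples.", which does not tell the reader which examples are meant and breaks silently if sections are reordered. Link to the specific heading instead (the "Example: Role Selection" section), and consider one sentence restating the rule from the step above it: the expression must return a role name that exists exactly in that organization, otherwise the user is not added.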
@@ -133,6 +144,10 @@ This example will return true since the user is a member of the "home-lab" group
### Example 2: Fixed Organization
<Note>
When entering in a string, JMESPatch requires it be surrounded by `'` (single quotes). See below:
</Note>
**Expression:**
```
'home-lab'
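Review bot: This note is a verbatim copy of the one added under "Example: Role Selection", including the "JMESPatch" misspelling, but it is placed before **Expression:** here and after it there. Pick one position for both (before the label reads better) and fix the spelling to "JMESPath" in both copies, or move the quoting rule to a single shared place and reference it from each example.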