-
Notifications
You must be signed in to change notification settings - Fork 345
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
SSO provider-specific setup docs (#144)
* SSO provider-specific setup docs * fix image sizes * try updating height instead * maybe it was width after all * more width adjustments * width
- Loading branch information
1 parent
230f377
commit 08b7d82
Showing
20 changed files
with
135 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
|
|
||
| .DS_Store | ||
| **/.DS_Store |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,62 @@ | ||
| # Configuring Okta for Expo SSO | ||
|
|
||
| In order for Expo to configure your organization to use Single Sign-On (SSO), you will need to configure a new application in Okta and then provide the Expo support team with the following information: | ||
|
|
||
| - Client ID from your Okta application | ||
| - Client secret from Okta application | ||
| - Okta subdomain | ||
| - Expo organization name | ||
|
|
||
| Read on for how to configure the Okta application and obtain this information. | ||
|
|
||
| ## Setting up the Okta application | ||
|
|
||
| 1. In the Okta admin interface, select **Applications** -> **Applications** in the menu on the left: | ||
|
|
||
| [<img src="./assets/sso-setup-okta/01-applications-menu.png" width="250" />](./assets/sso-setup-okta/01-applications-menu.png) | ||
|
|
||
| 2. Then click **Create App Integration**: | ||
|
|
||
| [<img src="./assets/sso-setup-okta/02-create-app-integration.png" width="150" />](./assets/sso-setup-okta/02-create-app-integration.png) | ||
|
|
||
| 3. Choose **OIDC** and **Web Application**: | ||
|
|
||
| [<img src="./assets/sso-setup-okta/03-oidc-web-app.png" width="600" />](./assets/sso-setup-okta/03-oidc-web-app.png) | ||
|
|
||
| 4. Name the app `Expo`` and select the **Authorization Code** and **Refresh Token** options: | ||
|
|
||
| [<img src="./assets/sso-setup-okta/04-auth-code-option.png" width="600" />](./assets/sso-setup-okta/04-auth-code-option.png) | ||
|
|
||
| 5. Set the **Sign-in Redirect URI** to `https://expo.dev/auth/callback/okta` to and the **Sign-out URI** to `https://expo.dev`: | ||
|
|
||
| [<img src="./assets/sso-setup-okta/05-redirect-uris.png" width="600" />](./assets/sso-setup-okta/05-redirect-uris.png) | ||
|
|
||
| 6. Set the **Assignments** settings in a manner consistent with how your Okta organization is configured: | ||
|
|
||
| [<img src="./assets/sso-setup-okta/06-assignments.png" width="600" />](./assets/sso-setup-okta/06-assignments.png) | ||
|
|
||
| ## Providing application info to Expo | ||
|
|
||
| After saving the application, Okta will take you to the application screen, where you can copy information that will be needed by the Expo team in order to configure SSO on your Expo organization. | ||
|
|
||
| Expo will need: | ||
| - Client ID | ||
| - Client secret | ||
| - Okta subdomain | ||
| - Expo organization name | ||
|
|
||
| ### Obtaining Client ID / Secret / Issuer URL | ||
|
|
||
| 1. Obtain client ID and secret from the **General** tab under the application:: | ||
|
|
||
| [<img src="./assets/sso-setup-okta/07-client-id.png" width="500" />](./assets/sso-setup-okta/07-client-id.png) | ||
|
|
||
| 2. Obtain the subdomain from the user settings in the upper right corner: | ||
|
|
||
| [<img src="./assets/sso-setup-okta/08-subdomain.png" width="300" />](./assets/sso-setup-okta/08-subdomain.png) | ||
|
|
||
| ### Obtaining Expo organization name | ||
|
|
||
| The Expo organization name is available from the Account overview when logging into your account at [expo.dev](https://expo.dev): | ||
|
|
||
| [<img src="./assets/sso-setup-general/01-expo-org.png" width="400" />](./assets/sso-setup-general/01-expo-org.png) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,70 @@ | ||
| # Configuring OneLogin for Expo SSO | ||
|
|
||
| In order for Expo to configure your organization to use Single Sign-On (SSO), you will need to configure a new application in OneLogin and then provide the Expo support team with the following information: | ||
|
|
||
| - Client ID from your OneLogin application | ||
| - Client secret from OneLogin application | ||
| - OneLogin issuer URL | ||
| - Expo organization name | ||
|
|
||
| Read on for how to configure the OneLogin application and obtain this information. | ||
|
|
||
| ## Setting up the OneLogin application | ||
|
|
||
| 1. In the OneLogin administration dashboard, select **Applications** -> **Applications** in the top menu: | ||
|
|
||
| [<img src="./assets/sso-setup-onelogin/01-applications-menu.png" width="250" />](./assets/sso-setup-onelogin/01-applications-menu.png) | ||
|
|
||
| 2. Click **Add App**: | ||
|
|
||
| [<img src="./assets/sso-setup-onelogin/02-add-app.png" width="250" />](./assets/sso-setup-onelogin/02-add-app.png) | ||
|
|
||
| 3. Find and choose “**OpenId Connect (OIDC)**”: | ||
|
|
||
| [<img src="./assets/sso-setup-onelogin/03-find-oidc.png" width="600" />](./assets/sso-setup-onelogin/03-find-oidc.png) | ||
|
|
||
| 4. Give your app a display name and click **Save**: | ||
|
|
||
| [<img src="./assets/sso-setup-onelogin/04-display-name.png" width="600" />](./assets/sso-setup-onelogin/04-display-name.png) | ||
|
|
||
| 5. Go to the Configuration tab, set **Redirect URI’s** to `https://expo.dev/auth/callback/onelogin` and the **Post Logout Redirect URI’s** to `https://expo.dev`: | ||
|
|
||
| [<img src="./assets/sso-setup-onelogin/05-redirect-uris.png" width="600" />](./assets/sso-setup-onelogin/05-redirect-uris.png) | ||
|
|
||
| ## Ensuring users can login from the new application | ||
|
|
||
| Depending on how your OneLogin org is configured, you may need to add the application you just created to users’ accounts. | ||
|
|
||
| To check this, you can go to the **Users** menu, choose **Users**, and click on a specific user. Click on **Applications**, and check if the user has the application you just created added: | ||
|
|
||
| [<img src="./assets/sso-setup-onelogin/06-users.png" width="600" />](./assets/sso-setup-onelogin/06-users.png) | ||
|
|
||
| ## Providing application info to Expo | ||
|
|
||
| Inside your Application on the OneLogin administration dashboard, you can find and copy the information that will be needed by the Expo team in order to configure SSO on your Expo organization. | ||
|
|
||
| Expo will need: | ||
| - Client ID | ||
| - Client secret | ||
| - Issuer URL | ||
| - Expo organization name | ||
|
|
||
| ### Obtaining Client ID / Secret / Issuer URL | ||
|
|
||
| 1. Go to the **Applications menu**, and click on **Applications**: | ||
|
|
||
| [<img src="./assets/sso-setup-onelogin/01-applications-menu.png" width="250" />](./assets/sso-setup-onelogin/01-applications-menu.png) | ||
|
|
||
| 2. Click on your OIDC application: | ||
|
|
||
| [<img src="./assets/sso-setup-onelogin/07-application.png" width="600" />](./assets/sso-setup-onelogin/07-application.png) | ||
|
|
||
| 3. Click on the **SSO** tab, and all of these fields will be to the right: | ||
|
|
||
| [<img src="./assets/sso-setup-onelogin/08-sso-tab.png" width="600" />](./assets/sso-setup-onelogin/08-sso-tab.png) | ||
|
|
||
| ### Obtaining Expo organization name | ||
|
|
||
| The Expo organization name is available from the Account overview when logging into your account at [expo.dev](https://expo.dev): | ||
|
|
||
| [<img src="./assets/sso-setup-general/01-expo-org.png" width="400" />](./assets/sso-setup-general/01-expo-org.png) |