expo · keith-kurak · Feb 1, 2024 · Jan 31, 2024 · Jan 31, 2024 · Jan 31, 2024
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,3 @@
+
+.DS_Store
+**/.DS_Store
diff --git a/assets/sso-setup-general/01-expo-org.png b/assets/sso-setup-general/01-expo-org.png
diff --git a/assets/sso-setup-okta/01-applications-menu.png b/assets/sso-setup-okta/01-applications-menu.png
diff --git a/assets/sso-setup-okta/02-create-app-integration.png b/assets/sso-setup-okta/02-create-app-integration.png
diff --git a/assets/sso-setup-okta/03-oidc-web-app.png b/assets/sso-setup-okta/03-oidc-web-app.png
diff --git a/assets/sso-setup-okta/04-auth-code-option.png b/assets/sso-setup-okta/04-auth-code-option.png
diff --git a/assets/sso-setup-okta/05-redirect-uris.png b/assets/sso-setup-okta/05-redirect-uris.png
diff --git a/assets/sso-setup-okta/06-assignments.png b/assets/sso-setup-okta/06-assignments.png
diff --git a/assets/sso-setup-okta/07-client-id.png b/assets/sso-setup-okta/07-client-id.png
diff --git a/assets/sso-setup-okta/08-subdomain.png b/assets/sso-setup-okta/08-subdomain.png
diff --git a/assets/sso-setup-onelogin/01-applications-menu.png b/assets/sso-setup-onelogin/01-applications-menu.png
diff --git a/assets/sso-setup-onelogin/02-add-app.png b/assets/sso-setup-onelogin/02-add-app.png
diff --git a/assets/sso-setup-onelogin/03-find-oidc.png b/assets/sso-setup-onelogin/03-find-oidc.png
diff --git a/assets/sso-setup-onelogin/04-display-name.png b/assets/sso-setup-onelogin/04-display-name.png
diff --git a/assets/sso-setup-onelogin/05-redirect-uris.png b/assets/sso-setup-onelogin/05-redirect-uris.png
diff --git a/assets/sso-setup-onelogin/06-users.png b/assets/sso-setup-onelogin/06-users.png
diff --git a/assets/sso-setup-onelogin/07-application.png b/assets/sso-setup-onelogin/07-application.png
diff --git a/assets/sso-setup-onelogin/08-sso-tab.png b/assets/sso-setup-onelogin/08-sso-tab.png
diff --git a/sso-setup-okta.md b/sso-setup-okta.md
@@ -0,0 +1,62 @@
+# Configuring Okta for Expo SSO
+
+In order for Expo to configure your organization to use Single Sign-On (SSO), you will need to configure a new application in Okta and then provide the Expo support team with the following information:
+
+- Client ID from your Okta application
+- Client secret from Okta application
+- Okta subdomain
+- Expo organization name
+
+Read on for how to configure the Okta application and obtain this information.
+
+## Setting up the Okta application
+
+1. In the Okta admin interface, select **Applications** -> **Applications** in the menu on the left:
+
+[<img src="./assets/sso-setup-okta/01-applications-menu.png" width="250" />](./assets/sso-setup-okta/01-applications-menu.png)
+
+2. Then click **Create App Integration**:
+
+[<img src="./assets/sso-setup-okta/02-create-app-integration.png" width="150" />](./assets/sso-setup-okta/02-create-app-integration.png)
+
+3. Choose **OIDC** and **Web Application**:
+
+[<img src="./assets/sso-setup-okta/03-oidc-web-app.png" width="600" />](./assets/sso-setup-okta/03-oidc-web-app.png)
+
+4. Name the app `Expo`` and select the **Authorization Code** and **Refresh Token** options:
+
+[<img src="./assets/sso-setup-okta/04-auth-code-option.png" width="600" />](./assets/sso-setup-okta/04-auth-code-option.png)
+
+5. Set the **Sign-in Redirect URI** to `https://expo.dev/auth/callback/okta` to and the **Sign-out URI** to `https://expo.dev`:
+
+[<img src="./assets/sso-setup-okta/05-redirect-uris.png" width="600" />](./assets/sso-setup-okta/05-redirect-uris.png)
+
+6. Set the **Assignments** settings in a manner consistent with how your Okta organization is configured:
+
+[<img src="./assets/sso-setup-okta/06-assignments.png" width="600" />](./assets/sso-setup-okta/06-assignments.png)
+
+## Providing application info to Expo
+
+After saving the application, Okta will take you to the application screen, where you can copy information that will be needed by the Expo team in order to configure SSO on your Expo organization.
+
+Expo will need:
+- Client ID
+- Client secret
+- Okta subdomain
+- Expo organization name
+
+### Obtaining Client ID / Secret / Issuer URL
+
+1. Obtain client ID and secret from the **General** tab under the application::
+
+[<img src="./assets/sso-setup-okta/07-client-id.png" width="500" />](./assets/sso-setup-okta/07-client-id.png)
+
+2. Obtain the subdomain from the user settings in the upper right corner:
+
+[<img src="./assets/sso-setup-okta/08-subdomain.png" width="300" />](./assets/sso-setup-okta/08-subdomain.png)
+
+### Obtaining Expo organization name
+
+The Expo organization name is available from the Account overview when logging into your account at [expo.dev](https://expo.dev):
+
+[<img src="./assets/sso-setup-general/01-expo-org.png" width="400" />](./assets/sso-setup-general/01-expo-org.png)
diff --git a/sso-setup-onelogin.md b/sso-setup-onelogin.md
@@ -0,0 +1,70 @@
+# Configuring OneLogin for Expo SSO
+
+In order for Expo to configure your organization to use Single Sign-On (SSO), you will need to configure a new application in OneLogin and then provide the Expo support team with the following information:
+
+- Client ID from your OneLogin application
+- Client secret from OneLogin application
+- OneLogin issuer URL
+- Expo organization name
+
+Read on for how to configure the OneLogin application and obtain this information.
+
+## Setting up the OneLogin application
+
+1. In the OneLogin administration dashboard, select **Applications** -> **Applications** in the top menu:
+
+[<img src="./assets/sso-setup-onelogin/01-applications-menu.png" width="250" />](./assets/sso-setup-onelogin/01-applications-menu.png)
+
+2. Click **Add App**:
+
+[<img src="./assets/sso-setup-onelogin/02-add-app.png" width="250" />](./assets/sso-setup-onelogin/02-add-app.png)
+
+3. Find and choose “**OpenId Connect (OIDC)**”:
+
+[<img src="./assets/sso-setup-onelogin/03-find-oidc.png" width="600" />](./assets/sso-setup-onelogin/03-find-oidc.png)
+
+4. Give your app a display name and click **Save**:
+
+[<img src="./assets/sso-setup-onelogin/04-display-name.png" width="600" />](./assets/sso-setup-onelogin/04-display-name.png)
+
+5. Go to the Configuration tab, set **Redirect URI’s** to `https://expo.dev/auth/callback/onelogin` and the **Post Logout Redirect URI’s** to `https://expo.dev`:
+
+[<img src="./assets/sso-setup-onelogin/05-redirect-uris.png" width="600" />](./assets/sso-setup-onelogin/05-redirect-uris.png)
+
+## Ensuring users can login from the new application
+
+Depending on how your OneLogin org is configured, you may need to add the application you just created to users’ accounts.
+
+To check this, you can go to the **Users** menu, choose **Users**, and click on a specific user. Click on **Applications**, and check if the user has the application you just created added:
+
+[<img src="./assets/sso-setup-onelogin/06-users.png" width="600" />](./assets/sso-setup-onelogin/06-users.png)
+
+## Providing application info to Expo
+
+Inside your Application on the OneLogin administration dashboard, you can find and copy the information that will be needed by the Expo team in order to configure SSO on your Expo organization.
+
+Expo will need:
+- Client ID
+- Client secret
+- Issuer URL
+- Expo organization name
+
+### Obtaining Client ID / Secret / Issuer URL
+
+1. Go to the **Applications menu**, and click on **Applications**:
+
+[<img src="./assets/sso-setup-onelogin/01-applications-menu.png" width="250" />](./assets/sso-setup-onelogin/01-applications-menu.png)
+
+2. Click on your OIDC application:
+
+[<img src="./assets/sso-setup-onelogin/07-application.png" width="600" />](./assets/sso-setup-onelogin/07-application.png)
+
+3. Click on the **SSO** tab, and all of these fields will be to the right:
+
+[<img src="./assets/sso-setup-onelogin/08-sso-tab.png" width="600" />](./assets/sso-setup-onelogin/08-sso-tab.png)
+
+### Obtaining Expo organization name
+
+The Expo organization name is available from the Account overview when logging into your account at [expo.dev](https://expo.dev):
+
+[<img src="./assets/sso-setup-general/01-expo-org.png" width="400" />](./assets/sso-setup-general/01-expo-org.png)