diff options
author | Blair Lunceford <blunceford@gitlab.com> | 2019-04-09 02:59:32 +0000 |
---|---|---|
committer | Evan Read <eread@gitlab.com> | 2019-04-09 02:59:32 +0000 |
commit | f7ee6d831876937a3541cd6342fae688355ffaaf (patch) | |
tree | 0b887ee317b461da0e2c9f9d9a152cc3cc94c34d | |
parent | 61ed92396814dcd97e787e1f7c44c05078df7118 (diff) | |
download | gitlab-ce-f7ee6d831876937a3541cd6342fae688355ffaaf.tar.gz |
Update Okta configuration notes
-rw-r--r-- | doc/administration/auth/okta.md | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/doc/administration/auth/okta.md b/doc/administration/auth/okta.md index 638405126a5..aa4e1b0d2e0 100644 --- a/doc/administration/auth/okta.md +++ b/doc/administration/auth/okta.md @@ -92,18 +92,23 @@ Now that the Okta app is configured, it's time to enable it in GitLab. 1. Add the provider configuration. >**Notes:** + > >- Change the value for `assertion_consumer_service_url` to match the HTTPS endpoint of GitLab (append `users/auth/saml/callback` to the HTTPS URL of your GitLab installation to generate the correct value). + > >- To get the `idp_cert_fingerprint` fingerprint, first download the certificate from the Okta app you registered and then run: `openssl x509 -in okta.cert -noout -fingerprint`. Substitute `okta.cert` with the location of your certificate. + > >- Change the value of `idp_sso_target_url`, with the value of the **Identity Provider Single Sign-On URL** from the step when you configured the Okta app. - >- Change the value of `issuer` to a unique name, which will identify the application + > + >- Change the value of `issuer` to the value of the **Audience Restriction** from your Okta app configuration. This will identify GitLab to the IdP. + > >- Leave `name_identifier_format` as-is. **For Omnibus GitLab installations** |