From d0ad4a3f9cd16e28b41b1ac7660213ff7a1c8774 Mon Sep 17 00:00:00 2001 From: Ofek Weiss Date: Wed, 4 Feb 2026 10:22:42 +0200 Subject: [PATCH] Docs --- .../security-and-connectivity/ms-entra.mdx | 21 +++++-- .../security-and-connectivity/okta.mdx | 62 +++++++++++-------- 2 files changed, 50 insertions(+), 33 deletions(-) diff --git a/docs/cloud/integrations/security-and-connectivity/ms-entra.mdx b/docs/cloud/integrations/security-and-connectivity/ms-entra.mdx index 9dd06d963..121631cf4 100644 --- a/docs/cloud/integrations/security-and-connectivity/ms-entra.mdx +++ b/docs/cloud/integrations/security-and-connectivity/ms-entra.mdx @@ -63,11 +63,20 @@ In order to enable SAML using Microsoft Entra ID (Previously Azure AD SSO), we n ## Provisioning Elementary supports user provisioning via SCIM to automate user management. If you want to enable automatic provisioning, follow these steps: -- In the **Microsoft Entra portal**, go to **Enterprise Applications** and select the newly created SAML application. -- Navigate to **Provisioning** and click **Get Started**. -- Set the **Provisioning Mode** to **Automatic**. -- Configure the **Tenant URL** and **Secret Token** (email the Elementary team for a 1password vault with the configuration). -- Click **Test Connection** to validate the setup. -- Enable provisioning and save changes. + + - Go to your account settings page in Elementary (Your avatar in the top right corner -> Account -> Settings) + - In the Provisioning section, click on "Configure" + - Choose "Azure AD", and click "Create" to create a new URL and token for provisioning + - DO NOT close this dialog until you have configured SCIM in Azure AD + + + + - In the **Microsoft Entra portal**, go to **Enterprise Applications** and select the newly created SAML application. + - Navigate to **Provisioning** and click **Get Started**. + - Set the **Provisioning Mode** to **Automatic**. + - Configure the **Tenant URL** and **Secret Token** - _value from Elementary Provisioning section_ + - Click **Test Connection** to validate the setup. + - Enable provisioning and save changes. + This setup ensures that users are automatically created, updated, and deactivated in Elementary based on their status in Microsoft Entra ID. You can always reach out if you need any help. diff --git a/docs/cloud/integrations/security-and-connectivity/okta.mdx b/docs/cloud/integrations/security-and-connectivity/okta.mdx index 86b6e0ecd..6f6a79bcf 100644 --- a/docs/cloud/integrations/security-and-connectivity/okta.mdx +++ b/docs/cloud/integrations/security-and-connectivity/okta.mdx @@ -89,33 +89,41 @@ Please follow the steps below to configure an SSO connection in Elementary. Please follow the steps below to configure SCIM provisioning within Elementary: -- First, you should receive a 1Password link from the Elementary team - this contain the SCIM endpoint and access token that should be configured in Okta. -- Under the **Elementary Data** app, go to the **General** tab, and click **Edit**. Then modify the **Provisioning** setting to **SCIM** and click **Save**. - -A new Provisioning tab should appear, click it and then click Edit. - -- Please fill the following details: - - **SCIM connector base URL** - _value from 1password link above_ - - **Unique identifier field for users** - email - - **Supported provisioning actions** - mark all the “Push” settings (New users, Profile updates and Groups). - - **Authentication Mode -** HTTP Header - - **Authorization** - _access token from 1password link above_ - - When you are done, click on **Test Connector Configuration** - -Ensure that all the marked provisioning actions were successful: - -- Click **Save** to update the provisioning configuration. -- Click the **To App** section on the left and click **Edit**: - -- Please enable the settings: - - Create Users - - Update User Attributes - - Deactivate Users - - And click **Save.** - -If you already created an “Elementary Users” group under the Assignments tab in the previous section, you may want to remove and re-add it to ensure all the users there are created successfully in Elementary. + + - Go to your account settings page in Elementary (Your avatar in the top right corner -> Account -> Settings) + - In the Provisioning section, click on "Configure" + - Choose "Okta", and click "Create" to create a new URL and token for provisioning + - DO NOT close this dialog until you have configured SCIM in Okta + + + + - Under the **Elementary Data** app, go to the **General** tab, and click **Edit**. Then modify the **Provisioning** setting to **SCIM** and click **Save**. + + A new Provisioning tab should appear, click it and then click Edit. + + - Please fill the following details: + - **SCIM connector base URL** - _value from Elementary Provisioning section_ + - **Unique identifier field for users** - email + - **Supported provisioning actions** - mark all the “Push” settings (New users, Profile updates and Groups). + - **Authentication Mode -** HTTP Header + - **Authorization** - _access token from Elementary Provisioning section_ + + When you are done, click on **Test Connector Configuration** + + Ensure that all the marked provisioning actions were successful: + + - Click **Save** to update the provisioning configuration. + - Click the **To App** section on the left and click **Edit**: + + - Please enable the settings: + - Create Users + - Update User Attributes + - Deactivate Users + + And click **Save.** + + If you already created an “Elementary Users” group under the Assignments tab in the previous section, you may want to remove and re-add it to ensure all the users there are created successfully in Elementary. + ## **Pushing groups to Elementary**