Self service SSO configuration
in progress
M
Maria Lepp
Allow customers to configure and manage SSO directly in Port UI without requiring support or customer success assistance.
Proposed Solution:
Introduce a self-service SSO feature that enables Port administrators to configure and manage SSO directly in Port UI without requiring support or customer success assistance.
This feature should include native support for major providers like AzureAD and Okta, ability to test it before enforcing, and ability to apply additional provisioning like SCIM.
Naama Ben Oliel Ronen
marked this post as
in progress
M
Mike Lekar
Naama Ben Oliel Ronen
Can you share the link of the whole feature?
I hope group Mapping is included
Naama Ben Oliel Ronen
Hi Mike Lekar , this feature will let you set up an SSO connection with any IdP and protocol. It will also make it easy to configure allowlist and blocklist groups, including a regex playground, block specific domains from social login, and even update your existing SSO connection, for example updating certificates, domains, and more. SCIM is managed in a separate product that will be launching soon. Hope this answers your question.
M
Mike Lekar
Naama Ben Oliel Ronen
Current SSO is missing group mapping, when we log in to the system using SSO, an attribute with name for example "groups" is used during SAML assertion payload that list all the security groups the user is attached to, and what group mapping can do (similar to Datadog), is I can map a security grouop from that attribute to a role in Port without managing the roles per user in Port UI. or attach a security group to a team so that team can have roles. SCIM is another process that is nice to have though.
Naama Ben Oliel Ronen
marked this post as
planned