Overview

In this multi-part exercise, you will set up IdP integration with Okta in order to test RBAC through IdP group association, local groups, and the union of the two.


What Will You Do

| Part | What will you do? |
|------|-------------------|
| 1 | Set up the IdP integration, user, and group |
| 2 | Test the IdP with RBAC |

The sequence diagram below describes the two scenarios you will experience in the exercise.

sequenceDiagram
    participant rafay as Rafay
    participant idp as Okta

    rect rgb(191, 223, 255)
    note over rafay,idp: Configure IdP 
    rafay->>idp: Configure Okta as IdP for Rafay Org
    end

    rect rgb(191, 223, 255)
    note over rafay, idp: Scenario 1: AuthN and AuthZ from IdP
    idp->>rafay: SAML Assertion with Group (Rafay will map to Role)
    rafay->>rafay: Maps IdP Group to Rafay Role
    end

    rect rgb(191, 223, 255)
    note over rafay, idp: Scenario 2: AuthN from IdP + Local AuthZ Override
    idp->>rafay: SAML Assertion with Group
    rafay->>rafay: Maps IdP Group with Local Group Override to Rafay Role
    end

Note

You can also optionally watch a video walking you through all the steps described in this exercise.


References

  • Learn how you can integrate your Identity Provider (IdP) with your Org
  • Learn how you can integrate Okta with your Org
  • Learn about the various Roles

Assumptions

This exercise assumes that you have access to the following: