## What This PR contains two small doc updates/fixes: 1. Update the availability notice on SSO syncing to indicate that it has been released. 2. Add a note to the Import API description that importing environments will make Unleash delete API keys belonging to those environments. ## Why 1. To keep the docs up to date. 2. Because this behavior surprised (and rightly so, I'd say) a user, who then suddenly had all their SDKs unable to connect. Co-authored-by: Nuno Góis <github@nunogois.com>
2.3 KiB
title |
---|
How set up user group SSO syncing |
:::info availability
User group syncing was released in Unleash 4.18 and is available for enterprise customers.
:::
This guide takes you through how to configure your user groups to automatically populate users through Single Sign On (SSO). Refer to setting up Keycloak for user group sync for an end to end example. Note that the steps below require you to be logged in as an admin user.
Step 1: Navigate to SSO configuration
Navigate to the "Single sign-on" configuration page.
Step 2: Enable Group Syncing
Turn on "Enable Group Syncing" and enter a value a for "Group Field JSON Path". Refer to the User group SSO integration documentation for more information or to the how-to guide for integrating with Keycloak for a practical example.
The value is the JSON path in the token response where your group properties are located, this is up to your SSO provider, a full example for Keycloak can be found here. Once you're happy, save your configuration.
Step 3: Navigate to a group
Navigate to the group you want to sync users for.
Step 4: Edit the group configuration
Navigate to edit group.
Step 5: Link SSO groups to your group
Link as many SSO groups as you like to your group, these names should match the group name or ID sent by your SSO provider exactly. Save your group configuration, the next time a user belonging to one of these groups logs in, they'll be automatically added to this group.