diff --git a/docs/integrations/services/sentry/auth.png b/docs/integrations/services/sentry/auth.png new file mode 100644 index 000000000..deca468b0 Binary files /dev/null and b/docs/integrations/services/sentry/auth.png differ diff --git a/docs/integrations/services/sentry/index.md b/docs/integrations/services/sentry/index.md index d88de4fa7..a11c4c4bc 100644 --- a/docs/integrations/services/sentry/index.md +++ b/docs/integrations/services/sentry/index.md 
@@ -15,27 +15,31 @@ From https://sentry.io The following placeholders will be used: -- `sentry.company` is the FQDN of the Sentry install. -- `passbook.company` is the FQDN of the passbook install. +- `sentry.company` is the FQDN of the Sentry install. +- `passbook.company` is the FQDN of the passbook install. -Create an application in passbook. Create an OpenID provider with the following parameters: +Create an application in passbook. Create a SAML Provider with the following values -- Client Type: `Confidential` -- Response types: `code (Authorization Code Flow)` -- JWT Algorithm: `RS256` -- Redirect URIs: `https://sentry.company/auth/sso/` -- Scopes: `openid email` +- ACS URL: `https://sentry.company/saml/acs//` +- Audience: `https://sentry.company/saml/metadata//` +- Issuer: `passbook` +- Service Provider Binding: `Post` +- Property Mapping: Select all Autogenerated Mappings ## Sentry **This guide assumes you've installed Sentry using [getsentry/onpremise](https://github.com/getsentry/onpremise)** -- Add `sentry-auth-oidc` to `onpremise/sentry/requirements.txt` (Create the file if it doesn't exist yet) -- Add the following block to your `onpremise/sentry/sentry.conf.py`: -``` -OIDC_ISSUER = "passbook" -OIDC_CLIENT_ID = "" -OIDC_CLIENT_SECRET = "" -OIDC_SCOPE = "openid email" -OIDC_DOMAIN = "https://passbook.company/application/oidc/" -``` +Navigate to Settings -> Auth, and click on Configure next to SAML2 + +![](./auth.png) + +In passbook, get the Metadata URL by right-clicking `Download Metadata` and selecting Copy Link Address, and paste that URL into Sentry. + +On the next screen, input these Values + +IdP User ID: `urn:oid:0.9.2342.19200300.100.1.1` +User Email: `urn:oid:0.9.2342.19200300.100.1.3` +First Name: `urn:oid:2.5.4.3` + +After confirming, Sentry will authenticate with passbook, and you should be redirected back to a page confirming your settings. 
diff --git a/docs/integrations/services/tower-awx/index.md b/docs/integrations/services/tower-awx/index.md index 5855b8ab8..7729fe2e9 100644 --- a/docs/integrations/services/tower-awx/index.md +++ b/docs/integrations/services/tower-awx/index.md @@ -16,14 +16,15 @@ From https://docs.ansible.com/ansible/2.5/reference_appendices/tower.html The following placeholders will be used: -- `awx.company` is the FQDN of the AWX/Tower install. -- `passbook.company` is the FQDN of the passbook install. +- `awx.company` is the FQDN of the AWX/Tower install. +- `passbook.company` is the FQDN of the passbook install. Create an application in passbook and note the slug, as this will be used later. Create a SAML provider with the following parameters: -- ACS URL: `https://awx.company/sso/complete/saml/` -- Audience: `awx` -- Issuer: `https://awx.company/sso/metadata/saml/` +- ACS URL: `https://awx.company/sso/complete/saml/` +- Audience: `awx` +- Service Provider Binding: Post +- Issuer: `https://awx.company/sso/metadata/saml/` You can of course use a custom signing certificate, and adjust durations.
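Review bot: in docs/integrations/services/sentry/index.md, the new ACS URL and Audience values contain an empty path segment (`https://sentry.company/saml/acs//` and `https://sentry.company/saml/metadata//`), so a reader who copies them gets URLs with a doubled slash. If a per-organisation segment was meant to sit there, write it as a named placeholder and add it to the "The following placeholders will be used" list at the top of the hunk, next to `sentry.company`. In the same hunk, `First Name` is mapped to `urn:oid:2.5.4.3`, which is the commonName (cn) attribute rather than a given name, so either relabel it or state that the full name will land in that field. "Select all Autogenerated Mappings" also releases every generated attribute, although the Sentry screen in this guide is only given three; listing just the mappings behind those three would keep the assertion minimal.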
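Review bot: in docs/integrations/services/tower-awx/index.md, the added line `- Service Provider Binding: Post` leaves the value unquoted, while every other value in that list, and the same setting on the Sentry page (`Post`), is in backticks; quote it for consistency. It is also inserted between Audience and Issuer, whereas the Sentry list puts it after Issuer; keeping one order across both pages makes them easier to follow against the provider form. The placeholder, ACS URL, Audience and Issuer lines are removed and re-added with no visible difference, so if that is whitespace-only reformatting it would be cleaner in its own commit.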