DigitalOcean

Configuring Key9 Identity OpenID with GitBook

DigitalOcean documentation can be found here.

Setting up DigitalOcean requires one extra claim: Team Role.

Configure the Team Role claim:

  1. First we need to create a custom field. From the Users dropdown menu, click Custom User Fields.

  2. Click the Create New Field button in the top right corner.

  3. Enter a Field Name, for example DO Team Role.

  4. For the Field Type, select Select [Object].

  5. Enter your team roles in the Select Values box, one item per line.

  6. Set the remaining fields as you see fit, then click the Create Custom User Field button.

You must be the owner to enable SSO for your DigitalOcean team.

  1. Sign into your DigitalOcean Console.

  2. Navigate to the Settings under the Manage section.

  3. In the Teams tab, scroll down to the Single sign-on (OIDC) section, then click Enable to go to the Enable single sign-on page.

  4. Provide the values from your Key9 application SSO page:

    1. OpenID provider URL: Your provider domain from Key9.

    2. OpenID client ID: Client ID from Key9.

    3. OpenID client secret: Client secret from Key9.

  5. Click Test SSO config to continue. (This tests that the Key9 URL is a valid OIDC provider before the next configuration page.)

  6. On the Secure Settings page, leave the Require sign-in via SSO only setting unchecked for now. This is critical for testing. Then, click Continue.

  7. On the Summary page, copy the SSO sign-in URL, which looks similar to https://cloud.digitalocean.com/sessions/sso/<id>. Paste this into the Login Url field in Key9.

  8. Click Enable SSO to complete the SSO configuration.

  9. In Key9 enter https://cloud.digitalocean.com/sessions/sso/callback into the Redirect URI field.

  10. If you have already configured the Team Role custom field you can assign that to the Team Role Claim now, or you can assign it later.
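After the SSO round trip, the ID token Key9 issues must carry the standard OIDC claims DigitalOcean relies on plus the Team Role claim configured above, and its value must be one of the Select Values entered in step 5. The following Python is an added example, not Key9 or DigitalOcean code, that checks a decoded token payload the way a relying party would before trusting it; the claim name `team_role`, the provider URL, the client ID and the role list are assumed placeholders.

```python
import time

# Assumed placeholders: the provider domain and client ID from the Key9 SSO page.
PROVIDER_URL = "https://example-tenant.key9.example"
CLIENT_ID = "do-client-id-placeholder"
# Constructed list standing in for the custom field's "Select Values" box.
ALLOWED_TEAM_ROLES = {"owner", "member", "biller"}
# Assumed name of the custom claim; the real name comes from your Key9 mapping.
TEAM_ROLE_CLAIM = "team_role"


def check_id_token_claims(claims, now=None, expected_nonce=None):
    """Return a list of problems found in a decoded ID token payload.

    Signature verification is assumed to have happened already; this checks
    only the claim values DigitalOcean depends on plus the Team Role claim.
    """
    now = time.time() if now is None else now
    problems = []
    if claims.get("iss") != PROVIDER_URL:
        problems.append("iss does not match the configured OpenID provider URL")
    aud = claims.get("aud")
    aud_list = aud if isinstance(aud, list) else [aud]
    if CLIENT_ID not in aud_list:
        problems.append("aud does not contain the configured client ID")
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        problems.append("token is expired or has no exp")
    if expected_nonce is not None and claims.get("nonce") != expected_nonce:
        problems.append("nonce mismatch (possible replay)")
    role = claims.get(TEAM_ROLE_CLAIM)
    if role is None:
        problems.append(f"missing {TEAM_ROLE_CLAIM} claim; no team role can be assigned")
    elif role not in ALLOWED_TEAM_ROLES:
        problems.append(f"{TEAM_ROLE_CLAIM}={role!r} is not one of the configured Select Values")
    return problems


# Constructed sample payload, as a decoded ID token looks after the signature check.
SAMPLE_CLAIMS = {
    "iss": PROVIDER_URL,
    "aud": CLIENT_ID,
    "sub": "user-123",
    "email": "alice@example.com",
    "exp": 4102444800,  # far-future expiry for the sample
    "nonce": "n-1",
    "team_role": "member",
}

if __name__ == "__main__":
    print(check_id_token_claims(SAMPLE_CLAIMS, expected_nonce="n-1"))  # []
```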

-------------------

By default, applications are not active upon creation. Active applications are immediately available to assign groups. Applications should only be activated when you have configured the Service Provider (SP).
