External IDs in Okta not working

(Brent) #1

I am still trying to test the external IDs for the Okta authentication provider. Currently I do not think it works with the default guide / settings. Has anyone gotten it to work so that groups can be set up within Okta and then used in Octopus Deploy to configure the users' settings?

Thanks!

(Brent) #2

So we were actually able to solve this ourselves. We ended up having to do the following:

Set the groups name to be `roles` and then set it to filter by regex with a `.*` pattern because of a bug in Okta where it will not send roles if it's none.
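
One way to confirm the change described in post #2 is to inspect the ID token Okta issues and check for the `roles` claim. This is an added example, not part of the original thread or Octopus Deploy's code; the helper names are hypothetical, the sample tokens and group name are constructed, and treating `groups` as the likely alternate claim name is an assumption.

```python
import base64
import json


def decode_jwt_payload(token):
    """Decode a JWT payload WITHOUT verifying the signature.

    For troubleshooting only; never base an access decision on this output.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(seg))


def check_group_claim(token, claim="roles", alternates=("groups",)):
    """Report whether the token carries group names under `claim`.

    Returns (status, groups); status is "present", "empty", "misnamed"
    (groups found under an alternate claim name) or "missing".
    """
    payload = decode_jwt_payload(token)

    def as_list(value):
        return [value] if isinstance(value, str) else list(value or [])

    if claim in payload:
        groups = as_list(payload[claim])
        return ("present" if groups else "empty"), groups
    for alt in alternates:  # assumption: "groups" is the likely other name
        if alt in payload:
            return "misnamed", as_list(payload[alt])
    return "missing", []  # no groups claim in the token at all


def make_sample_token(payload):
    """Build a constructed sample token (placeholder signature) for offline use."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(payload), "c2ln"])


if __name__ == "__main__":
    # Constructed claims; the subject and group name are made up.
    fixed = make_sample_token({"sub": "00u-example", "roles": ["Octopus-Admins"]})
    broken = make_sample_token({"sub": "00u-example"})
    print(check_group_claim(fixed))
    print(check_group_claim(broken))
```

A "missing" or "misnamed" result means the claim name or filter on the Okta side still needs adjusting before group names can be matched as external IDs.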

(Brent) #3

I am not sure if there is a way to set this to pick up the groups by default. I believe this setting was intended for that but it does not work as intended?

https://github.com/OctopusDeploy/OpenIDConnectAuthenticationProviders/blob/master/source/Octopus.Server.Extensibility.Authentication.Okta/Configuration/OktaConfiguration.cs#L7

(Daniel Fischer) #4

Hi Brent,

Thanks for the information here! Your resolution is the same that we came to. We have just created a GitHub issue to look into this further and see if we can find any other issues here. Once we have some more information we are going to update our documentation.

If you would like to keep an eye on the GitHub issue: https://github.com/OctopusDeploy/Issues/issues/3797

Please feel free to let me know if you find any further information or have any questions. :slight_smile:

Best regards,
Daniel

(system) closed #6