This document explains the process to enable SAML SSO and SCIM on DeepSource using Okta as the Identity Provider (IdP).
Field | Value |
---|---|
App Name | DeepSource |
https://deepsource.foobar.com
, fill in the following details accordingly:Field | Values |
---|---|
Single sign on URL | https://deepsource.foobar.com/saml2/acs/ |
Audience URI (SP Entity ID) | https://deepsource.foobar.com/saml2/metadata/ |
Name ID format | EmailAddress (choose from drop down) |
Application username | Email (choose from drop down |
Field | Name format | Value |
---|---|---|
first_name | Basic | user.firstName |
last_name | Basic | user.lastName |
Actions -> View IdP metadata
for the “SHA-2 Type” certificate. It should be in the format: https://<customer>.okta.com/app/<app-slug>/sso/saml/metadata
.
General → App Settings → Edit
and turn on Enable SCIM provisioning
.Field | Values |
---|---|
SCIM connector base URL | https://deepsource.foobar.com/scim/v2/ |
Unique identifier field for users | |
Supported provisioning actions | Push New Users, Push Profile Updates, Push Groups |
Authentication Mode | HTTP Header |
Authorization bearer token | SCIM Authentication token which you have put in replicated console (kotsadm) |
Field | Values |
---|---|
SCIM connector base URL | https://app.deepsource.com/scim/v2/ |
Unique identifier field for users | |
Supported provisioning actions | Import New Users and Profile Updates, Push New Users, Push Profile Updates |
Authentication Mode | HTTP Header |
Authorization bearer token | SCIM Authentication token generated from DeepSource |
Inactive
on your DeepSource Enterprise installation if the sole group that the user was associated with is removed.Inactive
.