IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Docs: Update SAML docs after making the certificate/private key optional (#91202)

Browse Source 
* update SAML docs after changing the certificate/private key to be optional

* fix link with example of how to generate saml credentials

* revert link
This commit is contained in:
Mihai Doarna 2024-08-14 18:02:57 +03:00 committed by GitHub
parent b0dd3fb1a1
commit 340af8cf6b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
docs/sources/setup-grafana/configure-security/configure-authentication/saml-ui/index.md
View File

@ -75,19 +75,21 @@ Sign in to Grafana and navigate to **Administration > Authentication > Configure
| **Single logout** | The SAML single logout feature enables users to log out from all applications associated with the current IdP session established using SAML SSO. For more information, refer to [SAML single logout documentation]]({{< relref "../saml#single-logout" >}}). | | **Single logout** | The SAML single logout feature enables users to log out from all applications associated with the current IdP session established using SAML SSO. For more information, refer to [SAML single logout documentation]]({{< relref "../saml#single-logout" >}}). |
| **Identity provider initiated login** | Enables users to log in to Grafana directly from the SAML IdP. For more information, refer to [IdP initiated login documentation]({{< relref "../saml#idp-initiated-single-sign-on-sso" >}}). | | **Identity provider initiated login** | Enables users to log in to Grafana directly from the SAML IdP. For more information, refer to [IdP initiated login documentation]({{< relref "../saml#idp-initiated-single-sign-on-sso" >}}). |
1. Click **Next: Key and certificate**. 1. Click **Next: Sign requests**.
### 2. Key and Certificate Section ### 2. Sign Requests Section
1. Provide a certificate and a private key that will be used by the service provider (Grafana) and the SAML IdP. 1. In the **Sign requests** field, specify whether you want the outgoing requests to be signed, and, if so, then:
Use the [PKCS #8](https://en.wikipedia.org/wiki/PKCS_8) format to issue the private key. 1. Provide a certificate and a private key that will be used by the service provider (Grafana) and the SAML IdP.
For more information, refer to an [example on how to generate SAML credentials]({{< relref "../saml#generate-private-key-for-saml-authentication" >}}). Use the [PKCS #8](https://en.wikipedia.org/wiki/PKCS_8) format to issue the private key.
1. In the **Sign requests** field, specify whether you want the outgoing requests to be signed, and, if so, which signature algorithm should be used. For more information, refer to an [example on how to generate SAML credentials]({{< relref "../saml#generate-private-key-for-saml-authentication" >}}).
The SAML standard recommends using a digital signature for some types of messages, like authentication or logout requests to avoid [man-in-the-middle attacks](https://en.wikipedia.org/wiki/Man-in-the-middle_attack). 1. Choose which signature algorithm should be used.
The SAML standard recommends using a digital signature for some types of messages, like authentication or logout requests to avoid [man-in-the-middle attacks](https://en.wikipedia.org/wiki/Man-in-the-middle_attack).
1. Click **Next: Connect Grafana with Identity Provider**. 1. Click **Next: Connect Grafana with Identity Provider**.