diff --git a/docs/teams/email_domain.md b/docs/teams/email_domain.md index 6bb6b47b5..f9367a19a 100644 --- a/docs/teams/email_domain.md +++ b/docs/teams/email_domain.md @@ -21,14 +21,14 @@ Here's a quick demo of the feature: To set up email domain authentication for your organization: -1. Log in to Livebook Teams. -2. Navigate to the **Authentication** panel. -3. Find the **Email domain** section. -4. Click **Configure**. +1. Log in to Livebook Teams +2. Navigate to the **Authentication** panel (requires "admin" role in the organization) +3. Find the **Email domain** section +4. Click **Configure** 5. Enter your company's email domain(s): - Add one domain per line (e.g., `acme.com`) - You can add multiple domains if needed -6. Save your changes. +6. Save your changes ### 2. Configure your deployment group to authenticate via Livebook Teams To enable email domain authentication, your deployment group must be configured to use authentication via Livebook Teams. @@ -37,17 +37,17 @@ To enable email domain authentication, your deployment group must be configured In order to do so, follow these steps: -1. Log in to Livebook Teams. -2. Navigate to the **Deployments** panel. -3. Click **Edit** on the deployment group where you want to enable authentication. +1. Log in to Livebook Teams +2. Navigate to the **Deployments** panel +3. Click **Edit** on the deployment group where you want to enable authentication 4. Ensure that **Authenticate via Livebook Teams** is enabled. -5. Save your changes. +5. Save your changes ### Test the integration To verify the integration is working, follow these steps: -1. Navigate to an application deployed in a deployment group configured with email domain authentication. -2. The app server will redirect you to Livebook Teams for authentication. -3. On the authentication page, you will see an option to sign in using your email provider. -4. Click the name of your email provider and follow the authentication steps. -5. Once authentication is complete, your email provider will redirect you back to your app server, and you will be successfully signed in. +1. Navigate to an application deployed in a deployment group configured with email domain authentication +2. The app server will redirect you to Livebook Teams for authentication +3. On the authentication page, you will see an option to sign in using your email provider +4. Click the name of your email provider and follow the authentication steps +5. Once authentication is complete, your email provider will redirect you back to your app server, and you will be successfully signed in diff --git a/docs/teams/oidc_sso.md b/docs/teams/oidc_sso.md index 59212c2c7..292f1a99e 100644 --- a/docs/teams/oidc_sso.md +++ b/docs/teams/oidc_sso.md @@ -26,8 +26,8 @@ Go to your IdP admin, and register Livebook Teams as a Relying Party (client/app Once that’s done, you should retrieve the following information from the registration process: -- **Client ID**: A unique identifier assigned to Livebook Teams by your IdP. -- **Client Secret**: A confidential key assigned to Livebook Teams by your IdP. +- **Client ID**: A unique identifier assigned to Livebook Teams by your IdP +- **Client Secret**: A confidential key assigned to Livebook Teams by your IdP - **Discovery URL**: This is the OIDC metadata URL provided by your IdP. Usual format: `https://YOUR_IDP/.well-known/openid-configuration` ### 2. Configure OIDC in Livebook Teams @@ -35,13 +35,13 @@ Once that’s done, you should retrieve the following information from the regis 1. Log in to Livebook Teams -2. Go to the **Authentication** panel +2. Go to the **Authentication** panel (requires "admin" role in the organization) 3. Click **Add OIDC SSO** and provide the following details: - - **Name**: A display name for your OIDC provider (e.g., Okta, Microsoft Entra, Keycloak). - - **Discovery URL**: Use the discovery URL retrieved from your IdP. - - **Client ID**: Use the Client ID retrieved from your IdP. - - **Client Secret**: Use the Client Secret retrieved from your IdP. - - **Enable this SSO provider**: Make sure this option is enabled. + - **Name**: A display name for your OIDC provider (e.g., Okta, Microsoft Entra, Keycloak) + - **Discovery URL**: Use the discovery URL retrieved from your IdP + - **Client ID**: Use the Client ID retrieved from your IdP + - **Client Secret**: Use the Client Secret retrieved from your IdP + - **Enable this SSO provider**: Make sure this option is enabled 4. Save ### 3. Configure your deployment group to authenticate via Livebook Teams @@ -52,18 +52,18 @@ To enable OIDC authentication, your deployment group must be configured to use a In order to do so, follow these steps: -1. Log in to Livebook Teams. -2. Navigate to the **Deployments** panel. -3. Click **Edit** on the deployment group where you want to enable authentication. -4. Ensure that **Authenticate via Livebook Teams** is enabled. -5. Save your changes. +1. Log in to Livebook Teams +2. Navigate to the **Deployments** panel +3. Click **Edit** on the deployment group where you want to enable authentication +4. Ensure that **Authenticate via Livebook Teams** is enabled +5. Save your changes ### Test the integration with your OIDC IdP To verify the integration is working, follow these steps: 1. Navigate to an application deployed in a deployment group configured for OIDC authentication. -2. The app server will redirect you to Livebook Teams for authentication. -3. On the authentication page, you will see an option to sign in using your configured OIDC provider. -4. Click the name of your OIDC SSO configuration and follow the authentication steps provided by your IdP. -5. Once authentication is complete, the IdP will redirect you back to your app server, and you will be successfully signed in. +2. The app server will redirect you to Livebook Teams for authentication +3. On the authentication page, you will see an option to sign in using your configured OIDC provider +4. Click the name of your OIDC SSO configuration and follow the authentication steps provided by your IdP +5. Once authentication is complete, the IdP will redirect you back to your app server, and you will be successfully signed in