From 30d05132e65414f0f6582aca7abce67c94732330 Mon Sep 17 00:00:00 2001 From: kodjomiles Date: Mon, 30 Jun 2025 11:34:16 +0000 Subject: [PATCH 1/3] Enhance SCIM and AzureAD documentation with improved formatting and additional details. Updated SCIM functionality list with limitations and clarified AzureAD integration steps, including prerequisites and configuration instructions. --- .../_scim_functionality_list.mdx | 13 +- docs/sso-rbac/sso-providers/oidc/azure-ad.md | 266 ++++++++---------- 2 files changed, 131 insertions(+), 148 deletions(-) diff --git a/docs/sso-rbac/sso-providers/_scim_functionality_list.mdx b/docs/sso-rbac/sso-providers/_scim_functionality_list.mdx index d86973a8c9..ef38929d14 100644 --- a/docs/sso-rbac/sso-providers/_scim_functionality_list.mdx +++ b/docs/sso-rbac/sso-providers/_scim_functionality_list.mdx @@ -1,9 +1,16 @@ -### Functionality enabled by SCIM +

Functionality enabled by SCIM

By enabling SCIM the following functionality will be enabled: - Automatic deprovisioning of users (for example, when a user is unassigned from the SSO application, that user will automatically lose access to Port). -### Limitations +

Limitations

-- SCIM is currently only supported for customers with a single workspace. \ No newline at end of file +- **Does not support user provisioning** - Only deprovisioning is supported; users must be created manually or through SSO login +- **Does not sync user attribute updates** - Changes to user profiles in your identity provider will not automatically update in Port +- **Does not support group provisioning** - Group membership changes in your identity provider are not synchronized via SCIM +- **Does not provide real-time sync** - SCIM operations may have delays and are not instantaneous +- **Does not support custom user attributes** - Only standard user fields are processed during deprovisioning +- **Only supported for customers with a single workspace** - SCIM is not available for multi-workspace setups + +For full user and group synchronization, rely on the SSO login process rather than SCIM. diff --git a/docs/sso-rbac/sso-providers/oidc/azure-ad.md b/docs/sso-rbac/sso-providers/oidc/azure-ad.md index 0518b8601a..b5fe813964 100644 --- a/docs/sso-rbac/sso-providers/oidc/azure-ad.md +++ b/docs/sso-rbac/sso-providers/oidc/azure-ad.md @@ -1,7 +1,7 @@ --- title: "Microsoft Entra ID (AzureAD)" sidebar_position: 1 -description: Integrate AzureAD with Port +description: Integrate AzureAD with Port using OIDC --- import ScimFunctionality from "/docs/sso-rbac/sso-providers/\_scim_functionality_list.mdx" @@ -10,279 +10,255 @@ import SSOEndpoints from "/docs/generalTemplates/_sso_auth0_endpoints.md" # How to configure AzureAD -Follow this step-by-step guide to configure the integration between Port and Azure Active Directory. +This guide demonstrates how to configure Single Sign-On (SSO) integration between Port and Microsoft Entra ID (AzureAD) using OIDC. -:::info -In order to complete the process you will need to contact us to receive the information you require, as well as the [information Port requires from you](https://docs.port.io/sso-rbac/sso-providers/oidc/azure-ad#step-6-providing-the-application-information-to-port). Read below for more information. +Once implemented: +- Users can connect to Port via an AzureAD app +- AzureAD teams will be automatically synced with Port upon user sign-in +- You can set granular permissions in Port according to your AzureAD groups -::: +## Prerequisites -## Port-AzureAd integration benefits +Before starting the configuration, ensure you have: -- Connect to the Port application via an AzureAD app. -- Your AzureAD teams will be automatically synced with Port upon a user sign-in. -- Set granular permissions on Port according to your AzureAD groups. +- Access to the Microsoft Azure Portal with permissions to create and configure applications +- Users who need access to Port must have a valid value in their `Email` field in Azure AD +- Contact information ready to share with Port support team for the final configuration steps -## How to configure a Port application in Azure AD +To complete the process you will need to contact us to receive the information you require, as well as provide Port with specific application details outlined in this guide. -:::info +## Register a new application -**Prerequisites** - -To make the **Port** app connection work, users who have access need to have a legal value in their `Email` field in Azure AD. - -::: - -### Step #1: Register a new application +

Create the application registration

1. In the Microsoft Azure Portal, go to `Azure Active Directory`. 2. Click on `App registrations`. - ![AzureAD new application wizard](/img/sso/azure-ad/AzureADNavBar.png) + 3. Click on `New registration` at the top of the page - ![AzureAD new application wizard](/img/sso/azure-ad/AzureNewRegistration.png) + 4. Define the Port application settings: - 4.1 `Name`: Insert a friendly name for the Port app, like `Port`. + 4.1 **Name**: Insert a friendly name for the Port app, like `Port`. - 4.2 `Supported account types`: Please select the option that is appropriate for your organization. + 4.2 **Supported account types**: Please select the option that is appropriate for your organization. - :::note For most use cases this would be **Accounts in this organizational directory only (Default Directory only - Single tenant)**. - ::: - - 4.3 `Redirect URI`: - - Set `Platform` to `Web`. - - Set `URL` to `https://auth.getport.io/login/callback`. + 4.3 **Redirect URI**: + - Set `Platform` to `Web` + - Set `URL` to `https://auth.getport.io/login/callback` - ![AzureAD new application wizard](/img/sso/azure-ad/ApplicationRegistrationForm.png) + + 4.4 Click `Register`. - 4.5 On the new Port App page, click `Authentication`. +

Configure authentication settings

+ +1. On the new Port App page, click `Authentication`. - ![Azure navigation bar authentication](/img/sso/azure-ad/AzureAppNavAuthentication.png) + - 4.6 `Front-channel logout URL`: paste the following URL: +2. Add the **Front-channel logout URL**: paste the following URL: ```text showLineNumbers https://auth.getport.io/logout ``` - :::tip single sign-out - Adding the front-channel logout URL will enable single sign-out, meaning when a user logs our from Port, it also logs him out from his identity provider. - ::: + Adding the front-channel logout URL will enable single sign-out, meaning when a user logs out from Port, it also logs them out from their identity provider. + + + +3. Click `Save`. - ![Azure app authentication form](/img/sso/azure-ad/AzureAppAuthenticationForm.png) +## Configure application branding - 4.7 Click `Save`. +1. On the new Port App page, click `Branding & Properties`. -### Step #2: Customize your Port app with Login URL and Logo + -1. On the new Port App page, click `Branding & Properties`. +2. Configure the following settings: - ![Azure navigation bar Branding and Properties](/img/sso/azure-ad/AzureAppNavBranding.png) + 2.1 **Home page URL**: paste the following URL: - 1.1 `Home page URL`: paste the following URL: + - + We will provide your `{CONNECTION_NAME}` (Contact us using chat/Slack/mail to [support@getport.io](mailto:support@getport.io)). - :::note - We will provide your `{CONNECTION_NAME}` (Contact us using chat/Slack/mail to [support@getport.io](mailto:support@getport.io)). - ::: + 2.2 **Add the Port logo** (optional): - 1.2 Add the Port logo (optional): + - ![Port's logo](/img/sso/general-assets/PortLogo.png) + 2.3 **Publisher domain**: Select the domain matching your user emails (for example `getport.io`). - 1.3 `Publisher domain`: Select the domain matching **your** user emails (for example `getport.io`). + - ![Azure app branding form](/img/sso/azure-ad/AzureAppBrandingForm.png) +3. Click `Save`. - 1.4 Click `Save`. +## Set up application permissions -### Step #3: Configuring the application permissions +

Add required permissions

1. On the Port App page, click `API Permissions`. - ![Azure navigation bar API permissions](/img/sso/azure-ad/AzureAppNavAPI.png) + -2. Click `Add a permission`: +2. Click `Add a permission`. - ![Azure navigation bar API permissions](/img/sso/azure-ad/AzureAppAPIPermissions.png) + 3. On the `Microsoft APIs` tab: - 3.1 Click on `Microsoft Graph` + 3.1 Click on `Microsoft Graph`. - ![Azure API permissions Microsoft APIs](/img/sso/azure-ad/AzureAppMicrosoftGraph.png) + - 3.2 Click on `Delegate Permissions` + 3.2 Click on `Delegate Permissions`. - ![Azure Microsoft APIs delegate permissions](/img/sso/azure-ad/AzureAppAPIdelegatePermissions.png) + 3.3 Search and mark the following permissions: + - `email`, `openid`, `profile`, `User.read` - - `email`, `openid`, `profile`, `User.read`. - - - :::info AzureAD groups - If you wish to pull in AzureAD groups into Port, you will also need to add the `Directory.Read.All` permission. See [Permissions required to pull AzureAD groups to Port](#permissions-required-to-pull-azuread-groups-to-port). - ::: + If you wish to pull in AzureAD groups into Port, you will also need to add the `Directory.Read.All` permission. See [Permissions required to pull AzureAD groups to Port](#enable-azuread-groups-integration). - ![Azure API set permissions](/img/sso/azure-ad/AzureAppAPIPermissionsSettings.png) + 3.4 Click `Add permissions`. - :::note + :::info Grant admin consent (OPTIONAL) `Grant admin consent`: when users from your organization will first log in, they will be prompted to confirm the permissions specified here. You can click the `Grant admin consent for Default Directory` to automatically approve their permissions. ::: -### Step #4: Configuring the application claims -1. On the Port App page, click `Token configuration`: - ![Azure application token configuration](/img/sso/azure-ad/AzureAppTokenConfigurationTab.png) +## Configure application claims -2. Click `Add optional claim`: +

Add optional claims

- ![Azure app token adding a claim button](/img/sso/azure-ad/AzureAppAddToken.png) +1. On the Port App page, click `Token configuration`. -3. Select `ID` as the token type and then select the `email` claim, then click `Add`: + - ![Azure app token adding a claim](/img/sso/azure-ad/AzureAppAddingClaims.png) +2. Click `Add optional claim`. - :::note - Repeat the same process for `Access` and `SAML` (3 times total). - ::: - -4. Your optional claims will look like this: + - ![Azure app permissions summary](/img/sso/azure-ad/AzureAppPermissionsFinal.png) +3. Select `ID` as the token type and then select the `email` claim, then click `Add`. -### Step #5: Configuring application secret + -1. On the Port App page, click `Certificates & Secrets`: + Repeat the same process for `Access` and `SAML` (3 times total). - ![Azure application certification and secrets button](/img/sso/azure-ad/AzureAppCertificationsSecretsNav.png) +4. Your optional claims will look like this: -2. On the `Client secrets` tab, click the `New client secret` button: + - ![Azure application client secrets button](/img/sso/azure-ad/AzureAppClientSecrets.png) +## Generate application secret - 2.1 `Description`: Enter a secret description, for example `Port Login Client Secret`. +

Create client secret

- 2.2 `Expires`: Select when will the secret expires. +1. On the Port App page, click `Certificates & Secrets`. - :::danger - Be sure to mark on your calendar the expiration date of the secret. The secret needs to be replaced before its expiration, otherwise login to Port will be disabled. - ::: + - 2.3 Click `Add`. +2. On the `Client secrets` tab, click the `New client secret` button. - A secret will be created and its Value will appear as shown in the image below. Immediately document the secret’s value because we will need it for our next step. + - :::danger COPY YOUR SECRET NOW - Be advised that your secret will never appear again after you leave this page. - ::: +3. Configure the secret: - ![Azure application display secrets](/img/sso/azure-ad/AzureAppSecret.png) + 3.1 **Description**: Enter a secret description, for example `Port Login Client Secret`. -### Step #6: Providing the application information to Port + 3.2 **Expires**: Select when the secret expires. -Port needs the following information for this process: + **Important**: Be sure to mark on your calendar the expiration date of the secret. The secret needs to be replaced before its expiration, otherwise login to Port will be disabled. -- The `Client Secret` value that you created on [Step 5: Configuring application secret](#step-5-configuring-application-secret). -- The `Application (Client) ID`, which appears on the Port application overview page: + 3.3 Click `Add`. -![Azure application display secrets](/img/sso/azure-ad/AzureAppDetailsSection.png) +4. **Copy the secret immediately**: A secret will be created and its Value will appear as shown in the image below. Document the secret's value immediately because it will never appear again after you leave this page. -:::note -**Port** will provide you the `CONNECTION_NAME` needed for the homepage URL of the App, as described on [Step 2](#step-2-customize-your-port-app-with-login-url-and-logo). -::: + -### Step #7: Exposing the application to your organization +## Provide application information to Port -1. Assigning the App to organization users and groups +Port needs the following information to complete the integration: - After the app setup is complete, you can proceed to assign it to your organization’s users and groups, by distributing it in your organization: +- The `Client Secret` value that you created in the previous step +- The `Application (Client) ID`, which appears on the Port application overview page: - 1.1 Go to `Azure Active Directory`. + - 1.2 Go to `Enterprise Applications`: +Port will provide you the `CONNECTION_NAME` needed for the homepage URL of the App. - ![Azure AD enterprise applications](/img/sso/azure-ad/AzureAppEnterpriseNav.png) +## Distribute the application to users -2. Click on the Port app: +

Assign users and groups

- ![Azure all application port app](/img/sso/azure-ad/AzurePortApp.png) +After the app setup is complete, you can assign it to your organization's users and groups: -3. Click on `Users and Groups`: +1. Go to `Azure Active Directory`. - ![Azure AD users and groups](/img/sso/azure-ad/AzureAppUserGroupsNav.png) +2. Go to `Enterprise Applications`. -4. Click `Add user/group`: + - ![Azure AD users and groups](/img/sso/azure-ad/AzureAddUserGroupButton.png) +3. Click on the Port app. - 4.1 Select users and groups you want to grant access to Port. + - 4.2 Click `Assign`. +4. Click on `Users and Groups`. -5. Make the Port application visible on the `myapplications` page: + - 5.1 Go to `Azure Active Directory`. +5. Click `Add user/group`. - 5.2 Go to `Enterprise Applications`. + - 5.3 Click on the Port app. +6. Select users and groups you want to grant access to Port, then click `Assign`. - 5.4 Click on `Properties`: +

Make the application visible

- ![Azure application properties](/img/sso/azure-ad/AzureAppProperties.png) +1. Go to `Azure Active Directory` > `Enterprise Applications` > Port app. - 5.5 Set the application properties: +2. Click on `Properties`. - - Mark `Enabled for users to sign-in?` as `Yes`. + - - Mark `Visible to users?` as `Yes`. +3. Set the application properties: + - Mark `Enabled for users to sign-in?` as `Yes` + - Mark `Visible to users?` as `Yes` - :::note - By default the `Assignment required?` flag is set to `No`, meaning any user with the Homepage URL to the Port app can access it, even if the app isn’t directly assigned to them. - Changing the flag to `Yes` means only users and groups the app is directly assigned to can use and access it. + By default the `Assignment required?` flag is set to `No`, meaning any user with the Homepage URL to the Port app can access it, even if the app isn't directly assigned to them. Changing the flag to `Yes` means only users and groups the app is directly assigned to can use and access it. - ::: + - ![Azure application properties form](/img/sso/azure-ad/AzureAppPropertiesValues.png) +4. You should see the Port app on the [https://myapplications.microsoft.com](https://myapplications.microsoft.com) dashboard: - You should see the Port app on the [https://myapplications.microsoft.com](https://myapplications.microsoft.com) dashboard: + - ![Azure application dashboard](/img/sso/azure-ad/AzureDashboardWithPort.png) +Users can also manually access Port by going to the App Homepage URL. - :::note manual URL based login - Users can also manually access Port by going to the App Homepage URL (The URL configured in [step 1.1](#step-2-customize-your-port-app-with-login-url-and-logo) here). - ::: +## Multiple Azure AD SSO connections -:::warning Multiple Azure AD SSO connections -In case you have multiple Port environments, it is possible to setup an OIDC Azure AD SSO connection for each of those environments. +If you have multiple Port environments, it is possible to setup an OIDC Azure AD SSO connection for each environment. -However, note that in this instance you **will not** be able to use Port's main login page to reliably sign in to a specific environment, when you enter your email address to login, it will take you to one of your Port environments but it is not guaranteed to take you to the same Port environment every time. +However, note that in this instance you **will not** be able to use Port's main login page to reliably sign in to a specific environment. When you enter your email address to login, it will take you to one of your Port environments but it is not guaranteed to take you to the same Port environment every time. In that case you have the following options: -- Use the [https://myapplications.microsoft.com](https://myapplications.microsoft.com) dashboard provided by Azure AD and select the desired Port environment to connect to. +- Use the [https://myapplications.microsoft.com](https://myapplications.microsoft.com) dashboard provided by Azure AD and select the desired Port environment to connect to - Use the manual login URL for each environment directly, by specifying the desired environment based on its respective `CONNECTION_NAME` value - ::: -## Permissions required to pull AzureAD groups to Port +## Enable AzureAD groups integration -Port can query the group membership of users who log in through the AzureAD SSO, and add their teams as team entities inside Port. This allows the platform engineers to take advantage of both existing groups from AzureAD and teams created manually inside Port to manage permissions and access to resources inside Port's catalog. +Port can query the group membership of users who log in through the AzureAD SSO, and add their teams as team entities inside Port. This allows platform engineers to take advantage of both existing groups from AzureAD and teams created manually inside Port to manage permissions and access to resources inside Port's catalog. -**Important:** In order to import Azure AD groups into Port, Port will require the connection app to approve the `Directory.Read.All` permission +**Important**: In order to import Azure AD groups into Port, Port will require the connection app to approve the `Directory.Read.All` permission. ## SCIM Configuration (beta) @@ -292,7 +268,7 @@ Entra ID (AzureAD) OIDC applications support [SCIM](https://auth0.com/docs/authe -### Setup SCIM +

Set up SCIM

To set up SCIM for Entra ID OIDC based applications, contact Port's support team. From 67e5eda91386a5ed92bb81a4340dfdbc795a5bdc Mon Sep 17 00:00:00 2001 From: kodjomiles Date: Mon, 30 Jun 2025 15:31:35 +0000 Subject: [PATCH 2/3] Refine SCIM and AzureAD documentation with improved punctuation and clarity. Enhanced SCIM limitations section and streamlined AzureAD integration steps for better readability. --- .../_scim_functionality_list.mdx | 12 ++--- docs/sso-rbac/sso-providers/oidc/azure-ad.md | 48 ++++++++++++------- 2 files changed, 37 insertions(+), 23 deletions(-) diff --git a/docs/sso-rbac/sso-providers/_scim_functionality_list.mdx b/docs/sso-rbac/sso-providers/_scim_functionality_list.mdx index ef38929d14..3173b90111 100644 --- a/docs/sso-rbac/sso-providers/_scim_functionality_list.mdx +++ b/docs/sso-rbac/sso-providers/_scim_functionality_list.mdx @@ -6,11 +6,11 @@ By enabling SCIM the following functionality will be enabled:

Limitations

-- **Does not support user provisioning** - Only deprovisioning is supported; users must be created manually or through SSO login -- **Does not sync user attribute updates** - Changes to user profiles in your identity provider will not automatically update in Port -- **Does not support group provisioning** - Group membership changes in your identity provider are not synchronized via SCIM -- **Does not provide real-time sync** - SCIM operations may have delays and are not instantaneous -- **Does not support custom user attributes** - Only standard user fields are processed during deprovisioning -- **Only supported for customers with a single workspace** - SCIM is not available for multi-workspace setups +- **Does not support user provisioning** - Only deprovisioning is supported; users must be created manually or through SSO login. +- **Does not sync user attribute updates** - Changes to user profiles in your identity provider will not automatically update in Port. +- **Does not support group provisioning** - Group membership changes in your identity provider are not synchronized via SCIM. +- **Does not provide real-time sync** - SCIM operations may have delays and are not instantaneous. +- **Does not support custom user attributes** - Only standard user fields are processed during deprovisioning. +- **Only supported for customers with a single workspace** - SCIM is not available for multi-workspace setups. For full user and group synchronization, rely on the SSO login process rather than SCIM. diff --git a/docs/sso-rbac/sso-providers/oidc/azure-ad.md b/docs/sso-rbac/sso-providers/oidc/azure-ad.md index b5fe813964..bdf73227bf 100644 --- a/docs/sso-rbac/sso-providers/oidc/azure-ad.md +++ b/docs/sso-rbac/sso-providers/oidc/azure-ad.md @@ -13,19 +13,21 @@ import SSOEndpoints from "/docs/generalTemplates/_sso_auth0_endpoints.md" This guide demonstrates how to configure Single Sign-On (SSO) integration between Port and Microsoft Entra ID (AzureAD) using OIDC. Once implemented: -- Users can connect to Port via an AzureAD app -- AzureAD teams will be automatically synced with Port upon user sign-in -- You can set granular permissions in Port according to your AzureAD groups +- Users can connect to Port via an AzureAD app. +- AzureAD teams will be automatically synced with Port upon user sign-in. +- You can set granular permissions in Port according to your AzureAD groups. ## Prerequisites Before starting the configuration, ensure you have: -- Access to the Microsoft Azure Portal with permissions to create and configure applications -- Users who need access to Port must have a valid value in their `Email` field in Azure AD -- Contact information ready to share with Port support team for the final configuration steps +- Access to the Microsoft Azure Portal with permissions to create and configure applications. +- Users who need access to Port must have a valid value in their `Email` field in Azure AD. +- Contact information ready to share with Port support team for the final configuration steps. +:::info Contact us To complete the process you will need to contact us to receive the information you require, as well as provide Port with specific application details outlined in this guide. +::: ## Register a new application @@ -36,7 +38,7 @@ To complete the process you will need to contact us to receive the information y -3. Click on `New registration` at the top of the page +3. Click on `New registration` at the top of the page. @@ -124,7 +126,14 @@ To complete the process you will need to contact us to receive the information y 3.3 Search and mark the following permissions: - `email`, `openid`, `profile`, `User.read` - If you wish to pull in AzureAD groups into Port, you will also need to add the `Directory.Read.All` permission. See [Permissions required to pull AzureAD groups to Port](#enable-azuread-groups-integration). +
+ + :::info AzureAD groups integration + If you wish to pull in AzureAD groups into Port, you will also need to add the `Directory.Read.All` permission. + See [Permissions required to pull AzureAD groups to Port](#enable-azuread-groups-integration) for more details. + ::: + +
@@ -176,7 +185,7 @@ To complete the process you will need to contact us to receive the information y 3.2 **Expires**: Select when the secret expires. - **Important**: Be sure to mark on your calendar the expiration date of the secret. The secret needs to be replaced before its expiration, otherwise login to Port will be disabled. + Be sure to mark on your calendar the expiration date of the secret. The secret needs to be replaced before its expiration, otherwise login to Port will be disabled. 3.3 Click `Add`. @@ -188,7 +197,7 @@ To complete the process you will need to contact us to receive the information y Port needs the following information to complete the integration: -- The `Client Secret` value that you created in the previous step +- The `Client Secret` value that you created in the previous step. - The `Application (Client) ID`, which appears on the Port application overview page: @@ -230,10 +239,15 @@ After the app setup is complete, you can assign it to your organization's users 3. Set the application properties: - - Mark `Enabled for users to sign-in?` as `Yes` - - Mark `Visible to users?` as `Yes` + - Mark `Enabled for users to sign-in?` as `Yes`. + - Mark `Visible to users?` as `Yes`. +
+ :::info Assignment required? By default the `Assignment required?` flag is set to `No`, meaning any user with the Homepage URL to the Port app can access it, even if the app isn't directly assigned to them. Changing the flag to `Yes` means only users and groups the app is directly assigned to can use and access it. + ::: + +
@@ -251,14 +265,14 @@ However, note that in this instance you **will not** be able to use Port's main In that case you have the following options: -- Use the [https://myapplications.microsoft.com](https://myapplications.microsoft.com) dashboard provided by Azure AD and select the desired Port environment to connect to -- Use the manual login URL for each environment directly, by specifying the desired environment based on its respective `CONNECTION_NAME` value +- Use the [https://myapplications.microsoft.com](https://myapplications.microsoft.com) dashboard provided by Azure AD and select the desired Port environment to connect to. +- Use the manual login URL for each environment directly, by specifying the desired environment based on its respective `CONNECTION_NAME` value. ## Enable AzureAD groups integration Port can query the group membership of users who log in through the AzureAD SSO, and add their teams as team entities inside Port. This allows platform engineers to take advantage of both existing groups from AzureAD and teams created manually inside Port to manage permissions and access to resources inside Port's catalog. -**Important**: In order to import Azure AD groups into Port, Port will require the connection app to approve the `Directory.Read.All` permission. +In order to import Azure AD groups into Port, Port will require the connection app to approve the `Directory.Read.All` permission. ## SCIM Configuration (beta) @@ -274,8 +288,8 @@ To set up SCIM for Entra ID OIDC based applications, contact Port's support team You will be provided with: -- An SCIM `endpoint` -- An SCIM `token` +- An SCIM `endpoint`. +- An SCIM `token`. The `endpoint` and `token` will be used to set up the SCIM integration in your identity provider. From 143c3ecf609a5340a8bbb90a01a0cb4807b7ad39 Mon Sep 17 00:00:00 2001 From: kodjomiles Date: Tue, 1 Jul 2025 13:16:45 +0000 Subject: [PATCH 3/3] Refactor AzureAD documentation by removing optional logo section since the logo is outdated and that section --- docs/sso-rbac/sso-providers/oidc/azure-ad.md | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/docs/sso-rbac/sso-providers/oidc/azure-ad.md b/docs/sso-rbac/sso-providers/oidc/azure-ad.md index bdf73227bf..c42ef8e28a 100644 --- a/docs/sso-rbac/sso-providers/oidc/azure-ad.md +++ b/docs/sso-rbac/sso-providers/oidc/azure-ad.md @@ -91,11 +91,7 @@ To complete the process you will need to contact us to receive the information y We will provide your `{CONNECTION_NAME}` (Contact us using chat/Slack/mail to [support@getport.io](mailto:support@getport.io)). - 2.2 **Add the Port logo** (optional): - - - - 2.3 **Publisher domain**: Select the domain matching your user emails (for example `getport.io`). + 2.2 **Publisher domain**: Select the domain matching your user emails (for example `getport.io`).