-
Notifications
You must be signed in to change notification settings - Fork 497
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: Add create enterprise connection documentation, fix links
- Loading branch information
1 parent
574d60f
commit 59f07e3
Showing
1 changed file
with
12 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -9,8 +9,8 @@ Currently, Clerk offers direct SAML integrations with [Microsoft Azure AD](/docs | |
|
|
||
| For EASIE connections, Clerk offers integration with Google Workspace and Microsoft Entra ID. Setting up an EASIE connection for production requires custom OAuth credentials, following the same steps outlined in our Google and Microsoft social connection guides: | ||
|
|
||
| - [Google] docs/authentication/social-connections/google | ||
| - [Microsoft] docs/authentication/social-connections/azure | ||
| - [Google](docs/authentication/social-connections/google) | ||
| - [Microsoft](docs/authentication/social-connections/azure) | ||
|
|
||
| For development, the same shared OAuth credentials supported by Social Connections can be used for EASIE. | ||
|
|
||
|
|
@@ -20,6 +20,16 @@ For development, the same shared OAuth credentials supported by Social Connectio | |
|
|
||
| One of the primary tradeoffs is [security](https://easie.dev#security). Clerk does take steps to [migitate potential security conerns](https://easie.clerkstage.dev/#mitigating-tenant-crossover-vulnerabilities), but applications that must use single-tenant identity providers should use SAML SSO. | ||
|
|
||
| ## Creating Enterprise Connections in Clerk Dashboard | ||
|
|
||
| To create an Enterprise Connection, | ||
|
|
||
| 1. Navigate to the [Clerk Dashboard](https://dashboard.clerk.com/last-active?path=user-authentication/sso-connections). | ||
| 1. In the top navigation, select **Configure**. Then in the sidebar, select **SSO Connections**. | ||
| 1. Click on **Add connection** on the top right and select **For specific domains**. | ||
| 1. Select one of the IdP options for an EASIE or SAML connection. | ||
| 1. On the next page, enter any required information for the new Enterprise Connection, such as the **domain**. | ||
|
|
||
| ## Allow subdomains | ||
|
|
||
| Authenticating via SAML SSO requires the user's email address domain to match the exact domain the SAML connection has been configured with. By default, subdomains are not supported. For example, a user with the email address `[email protected]` would not be able to use a SAML connection with the `example.com` domain in order to authenticate. | ||
|
|
||