Is this still accurate for supported idp providers? https://docs.chef.io/automate/saml/
Yes? How do you mean?
I didn’t know if there were any new providers incoming or that haven’t been added that are supported. Looking for Shibboleth support.
Ah, OK. I’ll leave that for someone else who knows.
For what it’s worth, our org did the legwork to get Azure AD support running and contributed that back. You might be able to do the same for Shibboleth.
Shib is just saml2 compliant, so there’s good chances it would work as-is
Azure AD is saml2 also, but it took our AD and SAML experts a bit to work out the extra few bits of config to make it work.
Well Saml2 as made by ADFS is a bit complex, specially on the ADFS side to configure what is to be given in the ‘token’ (sorry I forgot the proper term)
The complex part is the usually the group membership, the Auth itself is ‘standard’