You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/teams/oidc_groups.md
+2-14Lines changed: 2 additions & 14 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -12,7 +12,6 @@ Livebook Teams allows you to control access to your app servers and Livebook app
12
12
OIDC groups authorization enables you to:
13
13
14
14
- Restrict access to your Livebook apps and app servers based on group membership
15
-
- Control which users can access specific apps using slug prefix filtering
16
15
- Integrate seamlessly with your existing OIDC SSO provider (Okta, Microsoft Entra, etc.)
17
16
18
17
## Prerequisites
@@ -33,7 +32,7 @@ To enable authorization via OIDC SSO groups for a deployment group:
33
32
1. Log in to Livebook Teams
34
33
2. Navigate to the **Deployments** panel
35
34
3. Click **Edit** on the deployment group where you want to enable authorization
36
-
4. Go to the **IAM** section (requires "admin" role in the organization)
35
+
4. Go to the **App server access** section (requires "admin" role in the organization)
37
36
5. Ensure that **Authenticate via Livebook Teams** is enabled
38
37
6. Enable **Authorize via OIDC SSO groups**
39
38
@@ -44,10 +43,7 @@ Once authorization is enabled, you can add group access rules:
44
43
1. Click the **Add group** button
45
44
2. Select one of your configured OIDC identity providers
46
45
3. Enter the name of a group from your identity provider
47
-
4. Choose the **Access type**:
48
-
- Full access
49
-
- Slug prefix access
50
-
5. Click the **Add group** button to save the rule
46
+
4. Click the **Add group** button to save the rule
51
47
52
48
You can add multiple groups with different access types to configure your authorization strategy.
53
49
@@ -61,14 +57,6 @@ Users who belong to groups with full access can access:
61
57
62
58
**Notice that [Admin authentication](authentication.md#admin-authentication) configs will also apply if configured.*
63
59
64
-
### Slug prefix access
65
-
66
-
Users who belong to groups with slug prefix access can only access Livebook apps whose URL slugs start with the specified prefix.
67
-
68
-
For example, with the slug prefix "**finance-**", users can access an app whose slug is "**finance-**budget", but not one with the slug "**hr-**budget".
69
-
70
-
This allows you to create role-based access control based on your organization's existing group structure.
0 commit comments