Move IDP guidelines for user and group synchronization to the 'How To…

…' documentation (#127)
netbirdio · Jan 12, 2024 · 8b56376 · 8b56376
1 parent 605130c
commit 8b56376
Show file tree

Hide file tree

Showing 17 changed files with 21 additions and 20 deletions.
diff --git a/misc/idp-sync/api.md b/misc/idp-sync/api.md
@@ -12,7 +12,7 @@ Authentication is required for all API requests. Please refer to the [authentica
 By default, for new integration synchronization is enabled.
 
 Request:
-- `service_account_key`: A Base64 encoded string derived from a service account key JSON. For the creation of the service account key JSON, refer to the provided [IdP guideline](idp.md).
+- `service_account_key`: A Base64 encoded string derived from a service account key JSON. For the creation of the service account key JSON, refer to the provided [IdP guideline](https://docs.netbird.io/how-to/idp-sync#google-work-space).
   Encode service account JSON to base64 by using the command:
 ```shell
   base64 -i <SERVICE_ACCOUNT_KEY_PATH>
@@ -102,7 +102,7 @@ Response
 Updates the selected parameters for a specific integration.
 
 Request
-- `service_account_key`: A Base64 encoded string derived from a service account key JSON.For the creation of the service account key JSON, refer to the provided [IdP guideline](idp.md).
+- `service_account_key`: A Base64 encoded string derived from a service account key JSON.For the creation of the service account key JSON, refer to the provided [IdP guideline](https://docs.netbird.io/how-to/idp-sync#google-work-space).
   Encode service account JSON to base64 by using the command:
 ```shell
   base64 -i <SERVICE_ACCOUNT_KEY_PATH>
@@ -168,7 +168,7 @@ Response
 
 
 ## Azure Endpoints
-Before proceeding with the setup, please ensure that you have configured Azure as per the guidelines outlined in the [IdP guideline](idp.md).
+Before proceeding with the setup, please ensure that you have configured Azure as per the guidelines outlined in the [IdP guideline](https://docs.netbird.io/how-to/idp-sync#azure-ad).
 
 ### Create Integration
 By default, for new integration synchronization is enabled.

diff --git a/...-sync/media/azure-add-application-uri.png → ...w-to-guides/azure-add-application-uri.png b/...-sync/media/azure-add-application-uri.png → ...w-to-guides/azure-add-application-uri.png
diff --git a/misc/idp-sync/media/azure-add-scope.png → ...tic/img/how-to-guides/azure-add-scope.png b/misc/idp-sync/media/azure-add-scope.png → ...tic/img/how-to-guides/azure-add-scope.png
diff --git a/...ync/media/azure-authorize-application.png → ...to-guides/azure-authorize-application.png b/...ync/media/azure-authorize-application.png → ...to-guides/azure-authorize-application.png
diff --git a/misc/idp-sync/media/azure-client-secret.png → ...img/how-to-guides/azure-client-secret.png b/misc/idp-sync/media/azure-client-secret.png → ...img/how-to-guides/azure-client-secret.png
diff --git a/...p-sync/media/azure-grant-admin-conset.png → ...ow-to-guides/azure-grant-admin-conset.png b/...p-sync/media/azure-grant-admin-conset.png → ...ow-to-guides/azure-grant-admin-conset.png
diff --git a/.../idp-sync/media/azure-new-application.png → ...g/how-to-guides/azure-new-application.png b/.../idp-sync/media/azure-new-application.png → ...g/how-to-guides/azure-new-application.png
diff --git a/...p-sync/media/azure-openid-permissions.png → ...ow-to-guides/azure-openid-permissions.png b/...p-sync/media/azure-openid-permissions.png → ...ow-to-guides/azure-openid-permissions.png
diff --git a/misc/idp-sync/media/azure-spa-uri-setup.png → ...img/how-to-guides/azure-spa-uri-setup.png b/misc/idp-sync/media/azure-spa-uri-setup.png → ...img/how-to-guides/azure-spa-uri-setup.png
diff --git a/...c/media/google-assign-service-account.png → ...-guides/google-assign-service-account.png b/...c/media/google-assign-service-account.png → ...-guides/google-assign-service-account.png
diff --git a/...ync/media/google-edit-service-account.png → ...to-guides/google-edit-service-account.png b/...ync/media/google-edit-service-account.png → ...to-guides/google-edit-service-account.png
diff --git a/.../idp-sync/media/google-new-admin-role.png → ...g/how-to-guides/google-new-admin-role.png b/.../idp-sync/media/google-new-admin-role.png → ...g/how-to-guides/google-new-admin-role.png
diff --git a/...p-sync/media/google-privileges-review.png → ...ow-to-guides/google-privileges-review.png b/...p-sync/media/google-privileges-review.png → ...ow-to-guides/google-privileges-review.png
diff --git a/...c/media/google-service-account-create.png → ...-guides/google-service-account-create.png b/...c/media/google-service-account-create.png → ...-guides/google-service-account-create.png
diff --git a/...dia/google-service-account-privileges.png → ...des/google-service-account-privileges.png b/...dia/google-service-account-privileges.png → ...des/google-service-account-privileges.png
diff --git a/src/components/NavigationDocs.jsx b/src/components/NavigationDocs.jsx
@@ -59,6 +59,7 @@ export const docsNavigation = [
             { title: 'Examples', href: '/how-to/examples' },
             { title: 'CLI', href: '/how-to/cli' },
             { title: 'Delete your NetBird account', href: '/how-to/delete-account' },
+            { title: 'IdP sync', href: '/how-to/idp-sync' },
 
         ],
     },

diff --git a/misc/idp-sync/idp.md → src/pages/how-to/idp-sync.mdx b/misc/idp-sync/idp.md → src/pages/how-to/idp-sync.mdx
@@ -1,9 +1,9 @@
-# Introduction
+## IdP sync
 
 Welcome to our comprehensive guide on configuring Identity Provider (IdP) for users and groups synchronization. This document provides step-by-step instructions and best practices for setting up and managing your synchronization processes effectively.
 
 
-## Google WorkSpace
+### Google WorkSpace
 
 Before you start creating and configuring an Google Workspace application, ensure that you have the following:
 - User account with admin permissions: You must have an Google Workspace user account with the admin permissions to create and manage Google Workspace applications. If you don't have the required permissions, ask your workspace administrator to grant them to you.
@@ -18,14 +18,14 @@ Before you start creating and configuring an Google Workspace application, ensur
   - Service account ID: `netbird`
 - Click `DONE`
 <p>
-    <img src="media/google-service-account-create.png" alt="service-account-create"/>
+    <img src="/docs-static/img/how-to-guides/google-service-account-create.png" alt="service-account-create"/>
 </p>
 
 #### Step 2: Create service account keys
 - Navigate to [API Credentials](https://console.cloud.google.com/apis/credentials) page
 - Under  `Service Accounts` click the `NetBird` to edit the service account
 <p>
-    <img src="media/google-edit-service-account.png" alt="edit-service-account"/>
+    <img src="/docs-static/img/how-to-guides/google-edit-service-account.png" alt="edit-service-account"/>
 </p>
 
 - Take note of service account email address, we will use it in next steps
@@ -45,32 +45,32 @@ Read how to manage and secure your service keys [here](https://cloud.google.com/
   - description: `User and Group Management ReadOnly`
 - Click `CONTINUE`
 <p>
-    <img src="media/google-new-admin-role.png" alt="new-admin-role"/>
+    <img src="/docs-static/img/how-to-guides/google-new-admin-role.png" alt="new-admin-role"/>
 </p>
 
 - Scroll down to `Admin API privileges` and add the following privileges
   - Users: `Read`
   - Groups: `Read`
 <p>
-    <img src="media/google-privileges-review.png" alt="privileges-review"/>
+    <img src="/docs-static/img/how-to-guides/google-privileges-review.png" alt="privileges-review"/>
 </p>
 
 - Verify preview of assigned Admin API privileges to ensure that everything is properly configured, and then click `CREATE ROLE`
 
 - Click `Assign service accounts`, add service account email address and then click `ADD`
 <p>
-    <img src="media/google-assign-service-account.png" alt="assign-service-account" />
+    <img src="/docs-static/img/how-to-guides/google-assign-service-account.png" alt="assign-service-account" />
 </p>
 
 - Click `ASSIGN ROLE` to assign service account to `User and Group Management ReadOnly` admin role
 <p>
-    <img src="media/google-service-account-privileges.png" alt="service-account-privileges" />
+    <img src="/docs-static/img/how-to-guides/google-service-account-privileges.png" alt="service-account-privileges" />
 </p>
 
 - Navigate to [Account Settings](https://admin.google.com/ac/accountsettings/profile?hl=en_US) page and take note of `Customer ID`
 
 
-## Azure AD
+### Azure AD
 
 Before you start creating and configuring an Azure AD application, ensure that you have the following:
 - User account with admin permissions: You must have an Azure AD user account with the appropriate permissions to create
@@ -85,7 +85,7 @@ Before you start creating and configuring an Azure AD application, ensure that y
   - Redirect URI: select `Single-page application (SPA)` and URI as `https://app.netbird.io/silent-auth`
 
 <p>
-    <img src="media/azure-new-application.png" alt="azure-new-application"/>
+    <img src="/docs-static/img/how-to-guides/azure-new-application.png" alt="azure-new-application"/>
 </p>
 
 
@@ -94,15 +94,15 @@ Before you start creating and configuring an Azure AD application, ensure that y
 - Under the `Single-page application` Section, add another URI `https://app.netbird.io/auth` and click `Save`
 
 <p>
-    <img src="media/azure-spa-uri-setup.png" alt="azure-spa-uri-setup" />
+    <img src="/docs-static/img/how-to-guides/azure-spa-uri-setup.png" alt="azure-spa-uri-setup" />
 </p>
 
 
 #### Step 3. Create a NetBird application scope
 - Click `Expose an API` on the left menu
 - In `Application ID URI` click `Add` and then `Save`
 <p>
-    <img src="media/azure-add-application-uri.png" alt="azure-add-application-uri" />
+    <img src="/docs-static/img/how-to-guides/azure-add-application-uri.png" alt="azure-add-application-uri" />
 </p>
 
 - Under `Scopes defined by this API` click `+ Add a Scope`
@@ -111,15 +111,15 @@ Before you start creating and configuring an Azure AD application, ensure that y
   - State: `Enabled`
 
 <p>
-    <img src="media/azure-add-scope.png" alt="azure-add-scope" />
+    <img src="/docs-static/img/how-to-guides/azure-add-scope.png" alt="azure-add-scope" />
 </p>
 
 - Under `Authorized client Applications`, click on `+ add a client application` and enter the following:
 - Fill in the form with the following values and click `Add application`
 - Client ID: same as your Application ID URI minus the `api://`
 
 <p>
-    <img src="media/azure-authorize-application.png" alt="azure-authorize-application" />
+    <img src="/docs-static/img/how-to-guides/azure-authorize-application.png" alt="azure-authorize-application" />
 </p>
 
 #### Step 4. Add API permissions
@@ -130,13 +130,13 @@ Before you start creating and configuring an Azure AD application, ensure that y
 - In `Select permissions` select `User.Read.All` and `Group.Read.All` and click  `Add permissions`
 
 <p>
-    <img src="media/azure-openid-permissions.png" alt="azure-openid-permissions" />
+    <img src="/docs-static/img/how-to-guides/azure-openid-permissions.png" alt="azure-openid-permissions" />
 </p> 
 
 - Click `Grant admin conset for Default Directory` and click `Yes`
 
 <p>
-    <img src="media/azure-grant-admin-conset.png" alt="azure-grant-admin-conset"/>
+    <img src="/docs-static/img/how-to-guides/azure-grant-admin-conset.png" alt="azure-grant-admin-conset"/>
 </p>
 
 #### Step 5. Update token version
@@ -152,7 +152,7 @@ Before you start creating and configuring an Azure AD application, ensure that y
 - Copy `Value` and save it as it can be viewed only once after creation.
 
 <p>
-    <img src="media/azure-client-secret.png" alt="azure-client-secret" />
+    <img src="/docs-static/img/how-to-guides/azure-client-secret.png" alt="azure-client-secret" />
 </p>
 
 - Navigate to [Owner applications](https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/RegisteredApps).