Challenge Overview

Cloud Hub is looking to enable our application to work with several different SSO providers. Our setup is a single page JavaScript app, using a Node.js API for data access. The first SSO provider we want to integrate with is Okta. Okta has both a SAML test environment and free accounts for setup of the application for testing.

Project Overview
Cloud Hub is trying to help their client solve the problem of knowing what software applications they are spending the most money on over time. Cloud Hub will take in data from credit cards and other sources and attempt to show what software the client has purchased and who is using the applications the most.

Okta Testing: http://saml.oktadev.com/
Free Developer account: https://www.okta.com/developer/signup/

We have done some initial research on SAML support in Node, and it seems like using Passport strategies is the best route. If you have other suggestions, please reach out in the forums. This is the beginning of a series of login related challenges, we are going to be adding SCIM and login support for 3rd parties such as Google Apps.

Requirements
1. Enable SAML and demonstrate authentication through Okta demo account.
2. Add company specific on/off flag for SSO. Not all companies will use SSO.
3. Allow for multiple identity providers. Any SSO configurations should be stored inside the company record inside settings or other fields.
4. Disable login and forgot password for companies with SSO turned on.

Final Submission Guidelines

1. Any additions or modifications to the code project pass on "npm run lint" and "npm run test".
2. Provide your code and documentation in a single zip file. Please include a git patch for easier integration of changes.
3. The bulk of your documentation should be in the Readme.md and you should assume that this will be open source so make sure you cover all the steps to set up,  If you have specific information that should not be included in a public readme (like links to your video) put them in a file called submission.txt and they will be omitted from the project if it is open sourced.
4. Provide a quick video of your solution in action (feel free to annotate your video if you are not comfortable with spoken English or don’t like the sound of your own voice). Video may be private on youtube or added to the submission files. Your video can skip the setup of your environment and application.

Review style

Final Review

Community Review Board

Approval

User Sign-Off

ID: 30054691