Challenge Overview
Cloud Hub is looking to add our application to several SSO providers. We need to enable both the API and web application to support SAML. The first SSO provider we want to integrate with is Okta. Okta has both a SAML test environment and free accounts for setup of the application for testing.
We want to implement this as an identity provider (IDP) initiated flow. The use case is a user is inside their Okta account, their user has already been created by an admin, and they click the logo to login. I will share my test account in the forums, you can use this for local testing.
If you are new to SAML, this is the simplest article I have found explaining what we want to create: http://saml.xml.org/wiki/idp-initiated-single-sign-on-post-binding
Okta Testing: http://saml.oktadev.com/
Free Developer account: https://www.okta.com/developer/signup/
Requirements
1. Enable SAML using Passport, create API endpoint to support Assertion POST to /saml/sso/okta.
2. Successful login should create login token and redirect user to web application and place user on dashboard.
3. Failed login should return user to error page, that says contact administrator to validate account setup.
4. Add company specific flag for SSO, which will store IDP name.
5. Disable login and forgot password for companies with SSO turned on.
2. Provide your code and documentation in a single zip file. Please include a git patch for easier integration of changes.
3. The bulk of your documentation should be in the Readme.md and you should assume that this will be open source so make sure you cover all the steps to set up, If you have specific information that should not be included in a public readme (like links to your video) put them in a file called submission.txt and they will be omitted from the project if it is open sourced.
4. Provide a quick video of your solution in action (feel free to annotate your video if you are not comfortable with spoken English or don’t like the sound of your own voice). Video may be private on youtube or added to the submission files. Your video can skip the setup of your environment, linting and tests. We are interested to see the new functionality of the app in the video.
We want to implement this as an identity provider (IDP) initiated flow. The use case is a user is inside their Okta account, their user has already been created by an admin, and they click the logo to login. I will share my test account in the forums, you can use this for local testing.
If you are new to SAML, this is the simplest article I have found explaining what we want to create: http://saml.xml.org/wiki/idp-initiated-single-sign-on-post-binding
Okta Testing: http://saml.oktadev.com/
Free Developer account: https://www.okta.com/developer/signup/
Requirements
1. Enable SAML using Passport, create API endpoint to support Assertion POST to /saml/sso/okta.
2. Successful login should create login token and redirect user to web application and place user on dashboard.
3. Failed login should return user to error page, that says contact administrator to validate account setup.
4. Add company specific flag for SSO, which will store IDP name.
5. Disable login and forgot password for companies with SSO turned on.
Final Submission Guidelines
1. Any additions or modifications to the code project pass on "npm run lint" and "npm run test".2. Provide your code and documentation in a single zip file. Please include a git patch for easier integration of changes.
3. The bulk of your documentation should be in the Readme.md and you should assume that this will be open source so make sure you cover all the steps to set up, If you have specific information that should not be included in a public readme (like links to your video) put them in a file called submission.txt and they will be omitted from the project if it is open sourced.
4. Provide a quick video of your solution in action (feel free to annotate your video if you are not comfortable with spoken English or don’t like the sound of your own voice). Video may be private on youtube or added to the submission files. Your video can skip the setup of your environment, linting and tests. We are interested to see the new functionality of the app in the video.