Add self-serve SSO docs#3349
Open
im2nguyen wants to merge 14 commits into
Open
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Contributor
|
This PR modifies files in the 'clerk-typedoc/' folder. These files are auto-generated from the clerk/javascript repository and should not be edited directly. To make changes to TypeDoc documentation:
Thanks for contributing! 🙏 |
LauraBeatris
reviewed
May 7, 2026
| @@ -0,0 +1,7 @@ | |||
| --- | |||
| title: '`OAuthConsentInfo`' | |||
| description: An interface that represents OAuth consent information. | |||
Member
There was a problem hiding this comment.
Was this added due to a bad git rebase?
LauraBeatris
reviewed
May 7, 2026
LauraBeatris
reviewed
May 7, 2026
LauraBeatris
reviewed
May 7, 2026
LauraBeatris
reviewed
May 7, 2026
| sdk: astro, nextjs, react, tanstack-react-start, vue, js-frontend | ||
| --- | ||
|
|
||
| The `<ConfigureSSO />` component renders a guided wizard that lets a signed-in user — typically the IT admin at one of your enterprise customers — configure an enterprise SSO connection end-to-end without leaving your application or touching the Clerk Dashboard. |
Member
There was a problem hiding this comment.
Let's add an screenshot of the component once we release it
LauraBeatris
reviewed
May 7, 2026
| <If sdk="astro"> | ||
| ```astro {{ filename: 'src/pages/sso-setup.astro' }} | ||
| --- | ||
| import { __experimental_ConfigureSSO as ConfigureSSO } from '@clerk/astro/components' |
Member
There was a problem hiding this comment.
We'll remove the __experimental prefix from here before releasing it GA - this is just used in the SDK now so we can incrementally implement internally
LauraBeatris
reviewed
May 7, 2026
Comment on lines
-72
to
+74
|
|
||
| 1. In the Okta dashboard, find the **Attribute Statements (optional)** section. | ||
| 1. For the **Name** field, enter `mail`. | ||
| 1. For the **Value** field, choose `user.email` from the dropdown. | ||
| 1. Select the **Add Another** button to add another attribute. | ||
| 1. For the **Name** field, enter `firstName`. | ||
| 1. For the **Value** field, choose `user.firstName` from the dropdown. | ||
| 1. Select the **Add Another** button to add another attribute. | ||
| 1. For the **Name** field, enter `lastName`. | ||
| 1. For the **Value** field, choose `user.lastName` from the dropdown. | ||
| 1. Scroll to the bottom of the page and select the **Next** button to continue. | ||
| 1. You will be redirected to the **Feedback** page. Fill out the feedback however you would like and select the **Finish** button to complete the setup. | ||
| | Attribute | Required | Claim name | | ||
| | - | - | - | | ||
| | Email address | ✅ | `user.email` | | ||
| | First name | ❌ | `user.firstName` | | ||
| | Last name | ❌ | `user.lastName` | | ||
|
|
||
| Okta uses these values by default, so you probably won't need to configure them manually. However, incorrect attribute mappings cause many SAML configuration errors. If the integration doesn't work as expected, define the attributes explicitly: | ||
|
|
||
| 1. In the Okta dashboard, find the **Attribute Statements** section. | ||
| 1. Select **Add expression** for each attribute, and enter the following name and expression pairs: | ||
| - `mail` and `user.profile.email` |
Member
There was a problem hiding this comment.
Was this due to the Okta UI changes? They recently updated the UI for attribute statements and our copy here was using the "legacy" UI
Contributor
Author
There was a problem hiding this comment.
yep, this is the new ui changes. using expressions instead of legacy ui
Contributor
Author
There was a problem hiding this comment.
we should also update self-serve sso to use these instructions too 👀
LauraBeatris
reviewed
May 7, 2026
Co-authored-by: Laura Beatris <48022589+LauraBeatris@users.noreply.github.com>
|
|
||
| The `<ConfigureSSO />` component renders a UI with instructions that allows end-users, typically the IT admin at one of your enterprise customers, configure single sign-on directly from your application. | ||
|
|
||
| The wizard walks the user through selecting an Identity Provider (IdP), verifying their email domain, supplying the protocol-specific configuration (with IdP setup instructions embedded inline), running a test sign-in, and activating the connection. |
Member
There was a problem hiding this comment.
we've never used "wizard" in the docs, we usually use "flow" or "process" 💭
Co-authored-by: Alexis Aguilar <98043211+alexisintech@users.noreply.github.com>
alexisintech
force-pushed
the
tu/self-serve-sso-docs
branch
from
9870062 to
0a77bcc
Compare
Contributor
Author
|
@clerk/docs can you help review this? we wanna get this out early next week |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🔎 Previews:
<ConfigureSSO/>What does this solve? What changed?
<ConfigureSSO/>so folks can embed this component to enable this feature.Deadline
Other resources