Rewrite Okta SAML docs for application owners #2155

Open: wants to merge 5 commits into base: main

Member

@alexisintech alexisintech commented Apr 2, 2025

🔎 Previews:

Followup from #2112

What problem does this solve?

Here's how configuring SAML usually works:

  1. An App Owner begins to onboard a new enterprise, and is put in touch with the enterprise's IT Admin
  2. The App Owner creates the SAML connection, and shares the Single sign-on URL and Audience URI (SP Entity ID) with the IT Admin via an email, along with more instructions
  3. The IT Admin follows those instructions, and responds via email with a metadata URL
  4. The App Owner adds the metadata URL, and then coordinates on a time with the IT Admin to enable and test the connection

Our docs today don't reflect that reality. They presume the reader has simultaneous access to Clerk and the Okta IDP. As such, an application owner reading our docs needs to understand them deeply enough to re-write them into an email suitable for the IT Admin's consumption. This is time-consuming and painful, because the App Owner wants to avoid needing to internalize the nitty-gritty details of SAML - that's why they have Clerk!

What changed?

This rewrites the docs with the two above personas in mind.

The Application Owner is the primary reader, with access to Clerk. The instructions for the IT Admin (with access to Okta) are encapsulated in an email template.

Checklist

  • I have clicked on "Files changed" and performed a thorough self-review
  • All existing checks pass

github-actions bot commented Apr 2, 2025

Hey, here’s your docs preview: https://clerk.com/docs/pr/2155

@alexisintech alexisintech changed the title (wip) Rewrite Okta SAML docs for application owners Apr 2, 2025
@alexisintech alexisintech marked this pull request as ready for review April 4, 2025 20:24
@alexisintech alexisintech requested a review from a team as a code owner April 4, 2025 20:24
Contributor

@SarahSoutoul SarahSoutoul left a comment

Looking goood! Left a few suggestions 🚀


<Steps>
## Enable Okta as a SAML connection in Clerk
## Create an Okta SAML connection in Clerk
Contributor

Wondering if it might be helpful to precede each heading with who each step is for - e.g., "App Admin: Create an Okta SAML connection in Clerk" and "Okta Customer: Configure SAML app" to make it even clearer.

Member Author

ooo I like this idea too!


> [!WARNING]
> If there are existing users with email domains that match the SAML connection, and there is an error in the SAML configuration in Clerk or Okta, those users will be **unable to sign in** when the connection is enabled. If this is a concern, we recommend coordinating with your counterpart to test the connection at an off-peak time.
> To make the connection available for users to authenticate with:
Contributor

Is this sentence supposed to be included in the warning block? It feels like it might belong with the steps below for better readability.

Member Author

oopsie hehe probably

Comment on lines +20 to +22
- Create a SSO connection via Clerk Dashboard
- Give your customer instructions on how to connect Okta Workforce to your Clerk app
- Enable and test the SAML connection
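Review bot: In the first bullet, "Create a SSO connection via Clerk Dashboard" should read "Create an SSO connection via the Clerk Dashboard". The list also switches from "SSO connection" in the first bullet to "SAML connection" in the third; using one term throughout avoids implying these are two different objects the reader has to set up.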
Contributor

@SarahSoutoul SarahSoutoul Jun 4, 2025

Not a suggestion/change but wondering what this is - couldn't see it on the preview?

Member Author

it's an artifact - the tutorialhero no longer supports this and needs to be updated! it's an old PR
