3rd chunk of `content/manuals/security/for-admins/single-sign-on/connect.md`
4. After confirming, select **Add a permission** and then **Delegated permissions**.
5. Search for `User.Read` and select this option.
6. Select **Add permissions** to confirm.
7. Verify admin consent was granted for each permission by checking the **Status** column.

{{< /tab >}}
{{< /tabs >}}

## Step three: Connect Docker and your IdP

After creating your connection in Docker and your IdP, you can cross-connect them to complete your SSO connection:

{{< tabs >}}
{{< tab name="Okta SAML" >}}

1. Open the app you created in Okta and select **View SAML setup instructions**.
2. Copy the following values from the Okta SAML setup instruction page:
    - **SAML Sign-in URL**
    - **x509 Certificate**

        > [!IMPORTANT]
        >
        > You must copy the entire contents of your **x509 Certificate**,
        > including the `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----` lines.

3. Open Docker Hub or the Admin Console. Your SSO configuration page should still be open from Step one of this guide.
4. Select **Next** to open the **Update single-sign on connection** page.
5. Paste your Okta **SAML Sign-in URL** and **x509 Certificate** values in Docker.
6. Select **Next**.
7. Optional. Select a default team to provision users to and select **Next**.
8. Verify your SSO connection details and select **Create Connection**.

{{< /tab >}}
{{< tab name="Entra ID SAML 2.0" >}}

1. Open your app in Azure AD.
2. Open your downloaded **Certificate (Base64)** in a text editor.
3. Copy the following values:
    - From Azure AD: **Login URL**
    - From your text editor: the contents of your **Certificate (Base64)** file

        > [!IMPORTANT]
        >
        > You must copy the entire contents of your **Certificate (Base64)**,
        > including the `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----` lines.

4. Open Docker Hub or the Admin Console. Your SSO configuration page should still be open from Step one of this guide.
5. Paste your **Login URL** and **Certificate (Base64)** values in Docker.
6. Select **Next**.
7. Optional. Select a default team to provision users to and select **Next**.
8. Verify your SSO connection details and select **Create Connection**.

{{< /tab >}}
{{< tab name="Azure Connect (OIDC)" >}}

1. Open Docker Hub or the Admin Console. Your SSO configuration page should still be open from Step one of this guide.
2. Paste the following values from Azure AD into Docker:
    - **Client ID**
    - **Client Secret**
    - **Azure AD Domain**
3. Select **Next**.
4. Optional. Select a default team to provision users to and select **Next**.
5. Verify your SSO connection details and select **Create Connection**.

{{< /tab >}}
{{< /tabs >}}
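
A pre-paste sanity check for the certificate text copied in the Okta SAML and Entra ID SAML 2.0 tabs above, as an added example that is not part of Docker's documentation or tooling. The function names and the sample input built by `constructed_pem` are assumptions made for this illustration; the check covers structure only (delimiter lines, Base64 body, DER length) and does not validate the certificate's signature or expiry.

```python
import base64
import hashlib

BEGIN = "-----BEGIN CERTIFICATE-----"  # five hyphens on each side
END = "-----END CERTIFICATE-----"


def check_pasted_certificate(text: str) -> str:
    """Return the SHA-256 fingerprint of the DER bytes, or raise ValueError."""
    lines = [ln.strip() for ln in text.strip().splitlines() if ln.strip()]
    if not lines or lines[0] != BEGIN:
        raise ValueError("first line must be exactly " + BEGIN)
    if lines[-1] != END:
        raise ValueError("last line must be exactly " + END)
    try:
        der = base64.b64decode("".join(lines[1:-1]), validate=True)
    except ValueError as exc:  # binascii.Error subclasses ValueError
        raise ValueError("Base64 body is corrupted or partially copied") from exc
    # A certificate is a single DER SEQUENCE (tag 0x30) whose encoded length
    # must account for every decoded byte, so a partial copy is detectable.
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("decoded data is not a DER SEQUENCE")
    if der[1] < 0x80:  # short-form length
        header, length = 2, der[1]
    else:  # long-form length: low 7 bits give the number of length bytes
        n = der[1] & 0x7F
        if n == 0 or len(der) < 2 + n:
            raise ValueError("invalid DER length field")
        header, length = 2 + n, int.from_bytes(der[2:2 + n], "big")
    if header + length != len(der):
        raise ValueError("DER length mismatch: certificate looks truncated")
    digest = hashlib.sha256(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def paste_error(text: str) -> str:
    """Non-raising wrapper: '' when the paste is well-formed, else the reason."""
    try:
        check_pasted_certificate(text)
        return ""
    except ValueError as exc:
        return str(exc)


def constructed_pem(payload: bytes) -> str:
    """Constructed sample input: DER SEQUENCE around filler, not a real cert."""
    der = b"\x30\x82" + len(payload).to_bytes(2, "big") + payload
    b64 = base64.b64encode(der).decode()
    rows = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join([BEGIN, *rows, END])
```

Run `check_pasted_certificate` on the exact text you are about to paste; the returned fingerprint can be compared out of band with the one your IdP displays for the same certificate, if it shows one.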

## Step four: Test your connection

After you've completed the SSO connection process in Docker, we recommend testing it:

1. Open an incognito browser.
2. Sign in to the Admin Console using your **domain email address**.

Title: Connecting Docker to IdP and Testing the Connection: Okta SAML, Entra ID SAML 2.0, and Azure Connect (OIDC)
Summary
This section describes the final steps in connecting Docker to your Identity Provider (IdP) and testing the connection. It provides specific instructions for Okta SAML, Entra ID SAML 2.0, and Azure Connect (OIDC). It includes copying values from the IdP (SAML Sign-in URL, x509 Certificate, Login URL, Certificate (Base64), Client ID, Client Secret, Azure AD Domain) and pasting them into Docker. It also covers the optional steps of selecting a default team for provisioning users and verifying SSO connection details before creating the connection. Finally, it recommends testing the connection in an incognito browser using a domain email address.