From 6a8f0972bab2ac706e317750b3aa6b8e1b2315b5 Mon Sep 17 00:00:00 2001 From: Paul Gottschling Date: Tue, 14 Jan 2025 13:16:01 -0500 Subject: [PATCH] Fix list item spacing --- .../admin-guides/access-controls/sso/keycloak.mdx | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/docs/pages/admin-guides/access-controls/sso/keycloak.mdx b/docs/pages/admin-guides/access-controls/sso/keycloak.mdx index 82554f0b85cbc..3a7dc31937918 100644 --- a/docs/pages/admin-guides/access-controls/sso/keycloak.mdx +++ b/docs/pages/admin-guides/access-controls/sso/keycloak.mdx @@ -104,19 +104,14 @@ $ tctl sso configure saml --name keycloak \ In the example above: - `--entity-descriptor` specifies the app federation metadata URL - - Each `--attributes-to-roles` specifies the name of the schema definition for groups, groups, the name of a Keycloak group and the Teleport role that members of the group will be assigned. - - Keycloak includes an explicit leading `/` in the group name, which is reflected in the group name specified in the above example. - - `--acs` specifies where the SAML provider makes callbacks after successful authentication. - - `--audience` uniquely identifies your service provider (Teleport). - The file `keycloak-connector.yaml` should now resemble the following: ```yaml @@ -338,18 +333,17 @@ Update the connector by saving and closing the file in your editor. - Navigate to the **Keys** tab, and enable "Client Signature Required" -![Enable client signature](../../../../img/sso/keycloak/client_signature.png) + ![Enable client signature](../../../../img/sso/keycloak/client_signature.png) - Import the converted cert.pkcs12 certificate -![Import Signature](../../../../img/sso/keycloak/Import_signature.png) + ![Import Signature](../../../../img/sso/keycloak/Import_signature.png) -Be sure to enter the correct **name** and **password** -defined when converting the certificate as the **Key Alias** and **Store Password.** + Be sure to enter the correct **name** and **password** defined when converting + the certificate as the **Key Alias** and **Store Password.** - Click **Confirm** to activate it. - If the SSO login with this connector is successful, the client signature validation works. ## Troubleshooting