teleport icon indicating copy to clipboard operation
teleport copied to clipboard

Published 20 hours ago verified publisher icon gravitational

Deny Github organizations using external SSO on Teleport OSS

Open capnspacehook opened this issue 2 years ago • 1 comments

SSO is a Teleport Enterprise feature, but the Github auth connector is available in Teleport OSS and Github supports SSO. So, when using the OSS Github auth connector deny access if the Github organization the user is trying to use to log on to Teleport uses SSO.

This will be released in Teleport 11, and will need to be noted in the preview and release section that existing OSS setups may break.

Fixes #13862

capnspacehook avatar Jul 15 '22 18:07 capnspacehook

@nklaassen added some info to the PR description. I could make a backport that logs a warning instead of blocking Github orgs to v10 if that's what we want to do

capnspacehook avatar Jul 18 '22 20:07 capnspacehook

@jakule @zmb3 You requested changes here before, do you guys have any other feedback?

r0mant avatar Sep 14 '22 19:09 r0mant