Key Considerations for a Successful AuthHub Configuration

This section describes the key considerations for a successful AuthHub migration

  • When creating a claim rule, know that
    • The minimum required claim rules are email, name, and roles
    • All the claim rule names are case sensitive, and must match the given case. For example, you cannot use Email or email address claim rule in place of email.
    • Namespace field should be empty. Remove any existing values in this field. In the Okta portal, the Namespace field is referred to as Name Format, and it should be set to Unspecified.
    • Previously, if you used a claim rule named groups to assign users to Usergroups in the Tanzu CloudHealth platform, you must update the claim rule name to roles.
  • When configuring SAML and Okta SSO in the Tanzu CloudHealth platform, ensure there is a space after your domain name.
  • To add custom roles, add cloudhealth- before the IDP role name. You can find the IDP name for a custom role by going to https://apps.cloudhealthtech.com/roles. For example, for an IDP named tech-support, the corresponding group name in Okta is cloudhealth-tech-support.
check-circle-line exclamation-circle-line close-line
Scroll to top icon