Skip to content

add okta configuration steps for scim #1854

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

add okta configuration steps for scim #1854

wants to merge 5 commits into from
+74 −1

Conversation

Muhammadsaeed707
Copy link

@Muhammadsaeed707 Muhammadsaeed707 commented Jul 29, 2025
edited
Loading

Adding Okta configuration steps for SCIM to the newly drafted SCIM documentation

This PR builds on top of #1845 by @Charlie-Boyer.

@Charlie-Boyer @Pierrci Would you mind reviewing this when you get a chance?

@HuggingFaceDocBuilderDev
Copy link

The docs for this PR live here. All of your documentation changes will be reflected on that endpoint. The docs are available until 30 days after the last update.

@Muhammadsaeed707 Muhammadsaeed707 marked this pull request as ready for review July 29, 2025 22:20
@pcuenca
Copy link
Member

pcuenca commented Jul 30, 2025

diff on top of #1845 for those that already reviewed it (or, alternatively, we could merge #1845 first).

pcuenca
pcuenca reviewed Jul 30, 2025
View reviewed changes
pcuenca
pcuenca reviewed Jul 30, 2025
View reviewed changes
pcuenca
pcuenca reviewed Jul 30, 2025
View reviewed changes
pcuenca
pcuenca reviewed Jul 30, 2025
View reviewed changes
docs/hub/security-sso-okta-scim.md Outdated
Comment on lines 52 to 58
> **Note:**
> - Only regular characters and `-` are accepted in the Username.
> - `--` (double dash) is forbidden.
> - `-` cannot start or end the name.
> - Digit-only names are not accepted.
> - Minimum length is 2 and maximum length is 42.
> - Username has to be unique
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
> **Note:**
> - Only regular characters and `-` are accepted in the Username.
> - `--` (double dash) is forbidden.
> - `-` cannot start or end the name.
> - Digit-only names are not accepted.
> - Minimum length is 2 and maximum length is 42.
> - Username has to be unique
<tip>
<ul>
<li>Only regular characters and `-` are accepted in the Username.</li>
<li>`--` (double dash) is forbidden.</li>
<li>`-` cannot start or end the name.</li>
<li>Digit-only names are not accepted.</li>
<li>Minimum length is 2 and maximum length is 42.</li>
<li>Username has to be unique.</li>
</ul>
</tip>

Just in case you prefer the "tip" rendering style (light green background, as shown at the end of this section).

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can change to tip if that is preferred @Pierrci

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ah yes, maybe even <Tip warning={true}> so that it's with an orange background actually, this is an important precision I think

also, I would move that at the end of Step 4 I think, where you list the attributes

can you also add the same thing in the Entra doc? (cc @Charlie-Boyer)

and finally: Username has to be unique within your org for the last item (maybe that's what you meant, but let's make it clear so that people don't panic, since we're prefixing all the usernames by the org name)

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i think it makes sense to keep it where it is since this is where the username can be edited. After step 4 username is not able to be edited

@Pierrci
Copy link
Member

Pierrci commented Jul 30, 2025

can you push a merge commit w/ main (or rebase, as you prefer) now that #1845 has been merged @Muhammadsaeed707?

Pierrci
Pierrci reviewed Aug 1, 2025
View reviewed changes
docs/hub/security-sso-okta-scim.md Outdated
Comment on lines 52 to 58
> **Note:**
> - Only regular characters and `-` are accepted in the Username.
> - `--` (double dash) is forbidden.
> - `-` cannot start or end the name.
> - Digit-only names are not accepted.
> - Minimum length is 2 and maximum length is 42.
> - Username has to be unique
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ah yes, maybe even <Tip warning={true}> so that it's with an orange background actually, this is an important precision I think

also, I would move that at the end of Step 4 I think, where you list the attributes

can you also add the same thing in the Entra doc? (cc @Charlie-Boyer)

and finally: Username has to be unique within your org for the last item (maybe that's what you meant, but let's make it clear so that people don't panic, since we're prefixing all the usernames by the org name)

Charlie-Boyer
Charlie-Boyer reviewed Aug 4, 2025
View reviewed changes
docs/hub/security-sso-okta-scim.md Outdated
Comment on lines 21 to 30
### Step 2: Enter Admin Credentials

1. In Okta, go to **Applications** and select your Hugging Face app.
2. Go to the **Provisioning** tab and click **Integration** from the side nav.
3. Check **Enable API Integration**.
4. Enter the **SCIM Tenant URL** as the Base URL.
5. Enter the **access token** you generated as the OAuth Bearer Token.
6. Click **Test API Credentials** to verify the connection.
7. Save your changes.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This flow assumes the use of an app from the catalog. Since our SSO guide involves creating a custom app, I believe the flow is a bit different.

also adding a screenshot here would be nice I think

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pcuenca pcuenca pcuenca left review comments

@Pierrci Pierrci Pierrci left review comments

@Charlie-Boyer Charlie-Boyer Charlie-Boyer left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@Muhammadsaeed707 @HuggingFaceDocBuilderDev @pcuenca @Pierrci @Charlie-Boyer