Uploaded image for project: 'Percona Monitoring and Management'
  1. Percona Monitoring and Management
  2. PMM-9718

Federation for Percona Account: Changes for PMM

    XMLWordPrintable

Details

    • New Feature
    • Status: Done
    • High
    • Resolution: Done
    • None
    • 2.27.0
    • None

    Description

      Problem
      Percona Customers who want to enable IDP Federation for their accounts will have problems Connecting their PMM instances with the Platform. Enabling the IDP Federation means that passwords will no longer be stored in the Okta identity provider, so we need to authenticate Platform users in PMM using the new approach (Okta token).

      Acceptance Creatiria:

      • There is a new page design on PMM>>>Settings for Percona Platform
      • User can see Connect PMM to Percona Platform header for the page
      • User can see the following fields
        PMM Server ID (predefined and disabled by default)
        PMM Server Name (required)
        Percona Platform Access token (required, taken from User Profile on Portal)
        Main PMM Server Domain name (predefined if exists in Advanced Settings>>>PMM server public address)
        If not present in Advanced Settings>>>PMM server public address there should be a button Get from browser and user can specify PMM server address using it or just add the address in the input field.
        Additionally, there is a Get Token button right-side from Percona Platform Access token field which redirects the user to https://portal.percona.com/profile when clicked.
      • Connect button is disabled until the user has specified all required data.
      • PMM Server users are able to specify all required data and by hitting the Connect button they can connect PMM and Platform with a new approach (Okta-token).
      • There are Success or Fail notifications for Connect PMM
      • If the user has performed a successful connection the screen is changed to Percona Platform
        with a note that
        This PMM server was connected to the Percona Platform
      • Fields should contain already entered information for PMM Server ID and PMM Server Name
      • There is also a Disconnect button enabled for Percona Portal organization members. If the user is not an organization member on Portal the button should be disabled.
      • Read more link is pointing users to Percona Platform Documentation page
      • After user has cnnected PMM and Platform it is possible for every organization member on Portal to login to PMM server using SSO

      Architecture and Design:
      https://confluence.percona.com/pages/viewpage.action?spaceKey=PMM&title=Single+Sign-On+-+PMM+Server+several+domains+support
      Out of the scope:
      Several domain names support

      Attachments

        Activity

          People

            Unassigned Unassigned
            zoriana.stefanyshyn Zoriana Stefanyshyn (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Smart Checklist