good day, sorry to bother at this late hour.
but i...
# kolideb
Bennett Hitchcox-lain
04/03/2020, 11:58 PMgood day, sorry to bother at this late hour.
but i was wondering where i could find any docs there are about kolide and Authorization
s
sundsta
04/03/2020, 11:59 PMAuthorization of?
b
Bennett Hitchcox-lain
04/03/2020, 11:59 PMbasically if i have a user auth into fleet, what controls can i place onthat.
Bennett Hitchcox-lain
04/04/2020, 12:00 AMcan i have diffeernt users with different levels of access?
Bennett Hitchcox-lain
04/04/2020, 12:00 AMor is it full access?
s
sundsta
04/04/2020, 12:02 AMThere are two roles: admin and standard user. If I remember right, the main difference is standard users can’t modify modify other user settings… let me find the docs
b
Bennett Hitchcox-lain
04/04/2020, 12:02 AMthank you
s
sundsta
04/04/2020, 12:08 AMMaybe it’s not documented? Anyway, the standard user can do almost everything the admin can, but cannot make changes to other users or system settings like SAML auth
b
Bennett Hitchcox-lain
04/04/2020, 12:09 AMfor SSO, (okta for example) would i set up one for admins, and one for regular users?
Bennett Hitchcox-lain
04/04/2020, 12:11 AMor would I be able to separate users in that way with the fleet product?
Bennett Hitchcox-lain
04/04/2020, 12:16 AMi think i found my answer here https://github.com/kolide/fleet/blob/master/docs/dashboard/single-sign-on.md#creating-sso-users-in-fleet
s
sundsta
04/05/2020, 12:19 AMUsers must be invited via email. If SAML is enabled, they can SAML after invitation. Otherwise it's username/password. Fleet does not support JIT user creation via SAML
8 Views