fleet/tools/saml
Scott Gress 2d4e72ac7a
Alias JIT Saml "team" attribute to FLEET_JIT_USER_ROLE_FLEET_<FLEET ID> (#41402)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #40642 

# Details

This PR adds `FLEET_JIT_USER_ROLE_FLEET_` as an expected Saml attribute
alongside `FLEET_JIT_USER_ROLE_TEAM_`.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [X] Added/updated automated tests
- [X] QA'd all new/changed functionality manually
Tested with SimpleSAML SSO. 
- [x] Updated `users.php` to use both the new attribute and the old
attribute for a user, and was able to log in with that user and see them
created using JIT with the correct permissions
2026-03-13 08:34:29 -05:00
..
config.php End-user authentication for Window/Linux setup experience: agent (#34847) 2025-11-03 16:41:57 -06:00
README.md Set up Cypress testing for Teams/Tiers (#1005) 2021-06-09 11:56:59 -07:00
users.php Alias JIT Saml "team" attribute to FLEET_JIT_USER_ROLE_FLEET_<FLEET ID> (#41402) 2026-03-13 08:34:29 -05:00

The users.php file in this directory is mounted into the SimpleSAMLPHP Docker container to use for testing SSO with Fleet.

Edit that file to change the credentials or add new SSO users for local testing.