@@ -420,36 +420,25 @@ settings, a user's memberships will update when they log out and log back in.
420420 Depending on the OIDC provider, this claim may be called something else.
421421 Common names include `groups`, `memberOf`, and `roles`.
422422
423- 1. Configure the Coder server to read groups from the claim name with the OIDC
424- organization field server flag:
425-
426- ```sh
427- # as an environment variable
428- CODER_OIDC_ORGANIZATION_FIELD=groups
429- ```
430-
4314231. Fetch the corresponding organization IDs using the following endpoint:
432424
433425 ```text
434426 https://[coder.example.com]/api/v2/organizations
435427 ```
436428
437- 1. Set the following in your Coder server [configuration](../setup/index.md) .
429+ 1. As a Coder admin, go to **Settings** > **IdP organization sync** .
438430
439- ```env
440- CODER_OIDC_ORGANIZATION_MAPPING=' {" data-scientists" " d8d9daef-e273-49ff-a832-11fe2b2d4ab1" " 70be0908-61b5-4fb5-aba4-4dfb3a6c5787" '
441- ```
431+ 1. In the **Organization sync field** text box, enter the organization claim,
432+ then select **Save**.
442433
443- > One claim value from your identity provider can be mapped to many
444- > organizations in Coder. The example above maps to two organizations in
445- > Coder .
434+ If there are already users in the default organization, leave **Assign
435+ Default Organization** enabled. Disabling it might remove users from the
436+ default organization .
446437
447- 1. By default, all users are assigned to the default (first) organization. You
448- can disable that with :
438+ 1. Enter an IdP organization name and Coder organization, then select **Add IdP
439+ organization** :
449440
450- ```env
451- CODER_OIDC_ORGANIZATION_ASSIGN_DEFAULT=false
452- ```
441+ 
453442
454443</div>
455444
0 commit comments