
Commit b336e3b

EdwardAngert and EdwardAngert authored
docs: add new steps for org sync through ui (#15768)
[preview](https://coder.com/docs/@15503-ui-org-sync/admin/users/idp-sync#organization-sync-premium) --------- Co-authored-by: EdwardAngert <2408959-EdwardAngert@users.noreply.gitlab.com> Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com>
1 parent a411c80 commit b336e3b

2 files changed

+11
-20
lines changed

docs/admin/users/idp-sync.md

Lines changed: 11 additions & 20 deletions
@@ -420,36 +420,27 @@ settings, a user's memberships will update when they log out and log back in.
420420
Depending on the OIDC provider, this claim may be called something else.
421421
Common names include `groups`, `memberOf`, and `roles`.
422422
423-
1. Configure the Coder server to read groups from the claim name with the OIDC
424-
organization field server flag:
425-
426-
```sh
427-
# as an environment variable
428-
CODER_OIDC_ORGANIZATION_FIELD=groups
429-
```
430-
431423
1. Fetch the corresponding organization IDs using the following endpoint:
432424
433425
```text
434426
https://[coder.example.com]/api/v2/organizations
435427
```
436428
437-
1. Set the following in your Coder server [configuration](../setup/index.md).
429+
1. As a Coder organization user admin or site-wide user admin, go to
430+
**Settings** > **IdP organization sync**.
438431
439-
```env
440-
CODER_OIDC_ORGANIZATION_MAPPING='{"data-scientists":["d8d9daef-e273-49ff-a832-11fe2b2d4ab1", "70be0908-61b5-4fb5-aba4-4dfb3a6c5787"]}'
441-
```
432+
1. In the **Organization sync field** text box, enter the organization claim,
433+
then select **Save**.
442434
443-
> One claim value from your identity provider can be mapped to many
444-
> organizations in Coder. The example above maps to two organizations in
445-
> Coder.
435+
Users are automatically added to the default organization.
446436
447-
1. By default, all users are assigned to the default (first) organization. You
448-
can disable that with:
437+
Do not disable **Assign Default Organization**. If you disable the default
438+
organization, the system will remove users who are already assigned to it.
449439
450-
```env
451-
CODER_OIDC_ORGANIZATION_ASSIGN_DEFAULT=false
452-
```
440+
1. Enter an IdP organization name and Coder organization(s), then select **Add
441+
IdP organization**:
442+
443+
![IdP organization sync](../../images/admin/users/organizations/idp-org-sync.png)
453444
454445
</div>
455446
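Review bot: The warning at new lines 437-438 mixes two different things: the first sentence refers to the **Assign Default Organization** setting, while the second says "If you disable the default organization", which reads as disabling the organization itself. Since the stated consequence is that existing members are removed, word both sentences in terms of the setting (for example, "If you turn off **Assign Default Organization**, users who are already assigned to the default organization are removed from it") and consider formatting it as a note or warning callout so it is not read as ordinary step text. Two related gaps: the step kept at line 423 still tells the reader to fetch organization IDs from `/api/v2/organizations`, but none of the new UI steps say where those IDs are used, so either connect it to the "Coder organization(s)" field at line 440 or drop it. The removed `CODER_OIDC_ORGANIZATION_FIELD`, `CODER_OIDC_ORGANIZATION_MAPPING` and `CODER_OIDC_ORGANIZATION_ASSIGN_DEFAULT` examples are also gone without any word on what admins who already set them should do; a one-line migration note would help, and the removed remark that one claim value can map to many organizations is worth keeping next to the new mapping step.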