correct the okta docs (#8403)

2020-02-21 11:13:42 -08:00 · 2020-02-21 11:13:42 -08:00 · 24ae59b317
parent 1bc1b45c07
commit 24ae59b317
2 changed files with 29 additions and 21 deletions
--- a/website/pages/api-docs/auth/okta/index.mdx
+++ b/website/pages/api-docs/auth/okta/index.mdx
@ -33,7 +33,8 @@ distinction between the `create` and `update` capabilities inside ACL policies.
  groups will be enabled.
  **Support for okta auth without api_token is deprecated in Vault 1.4**
 - `base_url` `(string: "")` - If set, will be used as the base domain
-  for API requests. Examples are okta.com, oktapreview.com, and okta-emea.com.
+  for API requests. If unset, "okta.com" will be used. Other valid examples
+  are oktapreview.com, and okta-emea.com.
 - `bypass_okta_mfa` `(bool: false)` - Whether to bypass an Okta MFA request.
  Useful if using one of Vault's built-in MFA mechanisms, but this will also
  cause certain other statuses to be ignored, such as `PASSWORD_EXPIRED`.
@ -84,11 +85,18 @@ $ curl \
  "lease_duration": 0,
  "renewable": false,
  "data": {
-    "org_name": "example",
-    "api_token": "abc123",
    "base_url": "okta.com",
-    "ttl": "",
-    "max_ttl": ""
+    "bypass_okta_mfa": false,
+    "org_name": "example",
+    "token_bound_cidrs": [],
+    "token_explicit_max_ttl": 0,
+    "token_max_ttl": 0,
+    "token_no_default_policy": false,
+    "token_num_uses": 0,
+    "token_period": 0,
+    "token_policies": [],
+    "token_ttl": 0,
+    "token_type": "default"
  },
  "warnings": null
 }
--- a/website/pages/docs/auth/okta.mdx
+++ b/website/pages/docs/auth/okta.mdx
@ -62,18 +62,18 @@ management tool.

 1. Enable the Okta auth method:

-   ```text
-   $ vault auth enable okta
-   ```
+```
+$ vault auth enable okta
+```

 1. Configure Vault to communicate with your Okta account:

-   ```text
-   $ vault write auth/okta/config \
-       base_url="okta.com" \
-       organization="dev-123456" \
-       token="00KzlTNCqDf0enpQKYSAYUt88KHqXax6dT11xEZz_g"
-   ```
+```
+$ vault write auth/okta/config \
+   base_url="okta.com" \
+   org_name="dev-123456" \
+   api_token="00KzlTNCqDf0enpQKYSAYUt88KHqXax6dT11xEZz_g"
+```

   **If no token is supplied, Vault will function, but only locally configured
   group membership will be available. Without a token, groups will not be
@ -86,9 +86,9 @@ management tool.

 1. Map an Okta group to a Vault policy:

-   ```text
-   $ vault write auth/okta/groups/scientists policies=nuclear-reactor
-   ```
+```
+$ vault write auth/okta/groups/scientists policies=nuclear-reactor
+```

   In this example, anyone who successfully authenticates via Okta who is a
   member of the "scientists" group will receive a Vault token with the
@ -98,10 +98,10 @@ management tool.

   It is also possible to add users directly:

-   ```text
-   $ vault write auth/okta/groups/engineers policies=autopilot
-   $ vault write auth/okta/users/tesla groups=engineers
-   ```
+```
+$ vault write auth/okta/groups/engineers policies=autopilot
+$ vault write auth/okta/users/tesla groups=engineers
+```

   This adds the Okta user "tesla" to the "engineers" group, which maps to
   the "autopilot" Vault policy.