Doppler Integration
This guide will show you how to setup an integration with Doppler and Indent. Once complete, you can securely grant access to secrets and any other information stored with Doppler.
Through API magic, Indent securely grants access to just about any service. Doppler is a good integration if you want to improve your org's security around password management.
What can I do with Doppler + Indent?
- Make access to secrets temporary and auto-expiring
- Streamline onboarding new hires
- Standardize permissions across roles
- Holistically transfer permissions when an employee moves to a new role
- Securely offboard users by instantly revoking access
Doppler is one of a few secret managers integrated with Indent. If you'd like us to add another secrets manager, send us a request.
Components
- Okta
- Doppler
- Google Groups + Indent Integration
- Doppler
- Okta Groups + Indent Integration
Installation
This guide uses an identity provider (like Google or Okta) to connect with Doppler. Indent is used to grant temporary (or permanent) access to those groups, and automatically collects evidence your org needs for audits and compliance.
A GitHub Actions and Terraform repo will be used to deploy an Okta + Indent. The integration between Okta and Doppler will then grant access to appropriate secrets for anyone who's part of a related Okta Group. S3 will be used to store Terraform state, and AWS Lambda will run the webhook.
1. Setup your Identity Provider
- Okta
- Open the Google Groups + Indent docs
- Follow the Configuration instructions
- Test your integration with the Using Indent + Google Groups instructions
- Open the Indent + Okta docs
- Follow the Configuration instructions
- Test your integration with the Using Indent + Okta Groups instructions
2. Follow the SAML or SCIM Bridge Guide
- Okta
- Follow the Doppler guide for Google SAML SSO
- Visit the Doppler SCIM Bridge Guide docs
- Note: a Doppler SAML guide is also available, and can replace the SCIM bridge
3. Assign Groups
- Okta
- Follow the testing section, and be sure to follow the instructions for Limiting user access to groups
- For SCIM, follow the Okta guide and confirm groups are pushed to Doppler correctly
- For SAML/SSO, follow the Okta testing section and choose to assign to groups for your test
Interactive Demo
In the following example, you're logged in as Fouad and can request access to an Okta Group. In real usage, you would want an Okta Group linked with a Doppler account. Requesting access to the Okta Group through Indent gives you the ability to grant secure, on-demand, and auto-expiring access sensitive secrets. Indent can also be used for new employees to self-serve requests for permanent access during onboarding.
Try submitting and approving a request:
Summary
Congrats! You added the Doppler + Indent integration. Your employees can now securely request access to credentials. Indent will automatically record an audit log, and auto-expire access after a time period of your choosing.
Next, check out the Integrations page page for other services your teams want to request. If we're missing something from your stack, you can request a new integration. You might be ready to start inviting others in your org to try Indent. If that's the case, you'll want to send them docs on how to make a request. You and anyone approving requests should read more about approving and declining requests.
Questions
Why can't I see my Groups in Indent?
You might need to sync Okta Groups or Google Workspaces with Indent. Try visiting the Resources section in your Indent dashboard, and clicking Pull Updates.
Can Indent manage the integration for me?
Sure! We can host the integration on an single-tenant AWS account. That's a popular way to do an initial setup while your teams test out Indent. To start that process, contact Indent Support
How do I ask for help?
If you have questions or need help with your integration, try chatting with Indent Support.