fixed formatting

2022-01-13 09:48:32 -06:00 · 2022-01-13 09:48:32 -06:00 · 002196f6c1
parent db9ae58161
commit 002196f6c1
6 changed files with 18 additions and 15 deletions
--- a/_data/toc.yaml
+++ b/_data/toc.yaml
@ -1355,9 +1355,9 @@ manuals:
      - sectiontitle: Single-Sign-on
        section:
          -  path: /single-sign-on/
-             title: Configure Single Sign-on
+             title: Configure
          -  path: /single-sign-on/faqs/
-             title: Single Sign-on Faqs
+             title: FAQs
  - path: /docker-hub/download-rate-limit/
    title: Download rate limit
  - sectiontitle: Administration
--- a/single-sign-on/images/sso-azure2.png
+++ b/single-sign-on/images/sso-azure2.png
--- a/single-sign-on/images/sso-azure3.png
+++ b/single-sign-on/images/sso-azure3.png
--- a/single-sign-on/images/sso-domain.png
+++ b/single-sign-on/images/sso-domain.png
--- a/single-sign-on/images/sso-saml2.png
+++ b/single-sign-on/images/sso-saml2.png
--- a/single-sign-on/index.md
+++ b/single-sign-on/index.md
@ -24,6 +24,7 @@ We currently support enabling SSO on a single organization. If you have any user
 * Verify that your org members have Docker Desktop version 4.4.0 installed on their machines
 * Each org member must create a Personal Access Token (PAT) to replace their passwords
 * Confirm that all CI/CD pipelines have replaced their passwords with PATs
+* For your service accounts, add your additional domains or enable it in your IdP
 * Test SSO using your domain email address and IdP password to successfully log in and log out of Docker Hub

 ## Create a Personal Access Token (PAT)
@ -49,9 +50,9 @@ To configure SSO, log into [Docker Hub](https://hub.docker.com){: target="_blank

 5. Log into your IdP to complete the IdP server configuration process. Refer to your IdP documentation for detailed instructions.

-> **Note:**
-> the NameID is your email address and is set as the default.
-> For example, <Subject><NameID>yourname@mycompany.com</NameID>.
+    > **Note:**
+    > the NameID is your email address and is set as the default.
+    > For example, <Subject><NameID>yourname@mycompany.com</NameID>.

 6. Complete the fields in the **Configuration Settings** section and click **Save**. If you want to change your IdP, you must delete your existing provider and configure SSO with your new IdP.

@ -71,9 +72,9 @@ To configure SSO, log into [Docker Hub](https://hub.docker.com){: target="_blank

 5. Log into your IdP to complete the IdP server configuration process. Refer to your IdP documentation for detailed instructions.

-> **Note:**
-> the NameID is your email address and is set as the default.
-> For example: <Subject><NameID>yourname@mycompany.com</NameID>.
+    > **Note:**
+    > the NameID is your email address and is set as the default.
+    > For example: <Subject><NameID>yourname@mycompany.com</NameID>.

 6. Complete the fields in the **Configuration Settings** section and click **Save**. If you want to change your IdP, you must delete your existing provider and configure SSO with your new IdP.

@ -89,6 +90,8 @@ Click **Add Domain** and specify the corporate domain you’d like to manage wit
 > Public domains such as gmail.com, outlook.com, etc are not permitted.
 > Also, the email domain should be set as the primary email.

+![SSO Domain](images/sso-domain.png){:width="500px"}
+
 ### Domain verification

 To verify ownership of a domain, add a TXT record to your Domain Name System (DNS) settings.
@ -103,11 +106,11 @@ To verify ownership of a domain, add a TXT record to your Domain Name System (DN

 3. After you have updated the fields, click **Save**.

-> **Note:**
->
-> It can take up to 72 hours for DNS changes to take effect, depending on
-> your DNS host. The Domains table will have an Unverified status during
-> this time.
+    > **Note:**
+    >
+    > It can take up to 72 hours for DNS changes to take effect, depending on
+    > your DNS host. The Domains table will have an Unverified status during
+    > this time.

 4. In the Security section of your Docker organization, click **Verify** next to the domain you want to verify after 72 hours.

@ -121,7 +124,7 @@ After you’ve completed the SSO configuration process in Docker Hub, you can te
 ## Enforce SSO in Docker Hub

 Before you enforce SSO in Docker Hub, you must complete the following:
-Test SSO by logging in and out successfully, confirm that all members in your org have upgraded to Docker Desktop version 4.4.0, PATs are created for each member, CI/CD passwords are converted to PAT. Also, when using Docker partner products (for example, VS Code), you must use a PAT when you enforce SSO.
+Test SSO by logging in and out successfully, confirm that all members in your org have upgraded to Docker Desktop version 4.4.2, PATs are created for each member, CI/CD passwords are converted to PAT. Also, when using Docker partner products (for example, VS Code), you must use a PAT when you enforce SSO. For your service accounts add your additional domains in **Add Domains** or enable the accounts in your IdP.

 Admins can force users to authenticate with Docker Desktop by provisioning a registry.json configuration file. The registry.json file will force users to authenticate as a user that is configured in the allowedOrgs list in the registry.json file. For info on how to configure a registry.json file see Configure registry.json.

@ -135,7 +138,7 @@ Admins can force users to authenticate with Docker Desktop by provisioning a reg
 > forced to authenticate through your IdP and can log into Docker using
 > their personal credentials.

-    ![SSO Enforced](images/sso-enforce.png){:width="500px"}
+![SSO Enforced](images/sso-enforce.png){:width="500px"}

 ## Manage users when SSO is enabled