From 2dc281f0296ddcbd70fa4a337dabba10914c7b7b Mon Sep 17 00:00:00 2001
From: Maria Bermudez <bermudezmt@users.noreply.github.com>
Date: Mon, 11 Mar 2019 18:16:58 -0700
Subject: [PATCH] Fixed XML and note formatting

---
 ee/ucp/admin/configure/integrate-saml.md | 64 ++++++++++++++----------
 1 file changed, 38 insertions(+), 26 deletions(-)

diff --git a/ee/ucp/admin/configure/integrate-saml.md b/ee/ucp/admin/configure/integrate-saml.md
index 6dec635620..e5d7433aef 100644
--- a/ee/ucp/admin/configure/integrate-saml.md
+++ b/ee/ucp/admin/configure/integrate-saml.md
@@ -15,7 +15,7 @@ keywords: cluster, node, join
 Service Provider metadata is available at `https://<SP Host>/enzi/v0/saml/metadata`
 after SAML is enabled. The metadata link is also labeled as `entityID`.
 
-**Note**: Only `POST` binding is supported for the 'Assertion Consumer Service', which is located
+> **Note**: Only `POST` binding is supported for the 'Assertion Consumer Service', which is located
 at `https://<SP Host>/enzi/v0/saml/acs`.
 
 ### Enable SAML and configure UCP
@@ -25,41 +25,53 @@ is expected:
 1. `Subject` includes a `NameID` that is identified as the UCP username.
 In `AuthnRequest`, `NameIDFormat` is set to `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified`.
 This allows maximum compatibility for various Identity Providers.
+
 ```xml
-    <saml2:Subject>
-        <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">ry4nz</saml2:NameID>
-        <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
-            <saml2:SubjectConfirmationData NotOnOrAfter="2018-09-10T20:04:48.001Z" Recipient="https://18.237.224.122/enzi/v0/saml/acs"/>
-        </saml2:SubjectConfirmation>
-    </saml2:Subject>
+<saml2:Subject>
+    <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">ry4nz</saml2:NameID>
+    <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+        <saml2:SubjectConfirmationData NotOnOrAfter="2018-09-10T20:04:48.001Z" Recipient="https://18.237.224.122/enzi/v0/saml/acs"/>
+    </saml2:SubjectConfirmation>
+</saml2:Subject>
 ```
+
 2. Optional `Attribute` named `fullname` is mapped to the 'Full name' field
 in the UCP account.  
 
-Note: UCP uses the value of the first occurrence of an `Attribute` with `Name="fullname"` as the 'Full name'.
+   > **Note**: UCP uses the value of the first occurrence of an `Attribute` with `Name="fullname"` as the 'Full name'.
 ```xml
 <saml2:Attribute Name="fullname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
-  <saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">user.displayName
-  </saml2:AttributeValue>
-</saml2:Attribute>
-```
-3. Optional `Attribute` named `member-of` is linked to the UCP team.
-Values are set in the UCP team UI. 
-
-Note: UCP uses all `AttributeStatements` and `Attributes` in the `Assertion` with `Name="member-of"`.
-```xml
-<saml2:Attribute Name="member-of" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
-   <saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">groupName
-   </saml2:AttributeValue>
-</saml2:Attribute>
-```
-4. Optional `Attribute` named `is-admin` determines if the user is an administrator. The content in the `AttributeValue` is ignored.
-```xml
-<saml2:Attribute Name="is-admin" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
-    <saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">value_does_not_matter
+    <saml2:AttributeValue
+        xmlns:xs="http://www.w3.org/2001/XMLSchema"
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">user.displayName
     </saml2:AttributeValue>
 </saml2:Attribute>
 ```
+
+3. Optional `Attribute` named `member-of` is linked to the UCP team.
+Values are set in the UCP team UI. 
+
+   > **Note**: UCP uses all `AttributeStatements` and `Attributes` in the `Assertion` with `Name="member-of"`.
+
+```xml
+<saml2:Attribute Name="member-of" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
+    <saml2:AttributeValue
+        xmlns:xs="http://www.w3.org/2001/XMLSchema"
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">groupName
+    </saml2:AttributeValue>
+</saml2:Attribute>
+```
+4. Optional `Attribute` named `is-admin` determines if the user is an administrator. The content in the `AttributeValue` is ignored.
+
+```xml
+<saml2:Attribute Name="is-admin" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
+    <saml2:AttributeValue
+        xmlns:xs="http://www.w3.org/2001/XMLSchema"
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">value_doe_not_matter
+    </saml2:AttributeValue>
+</saml2:Attribute>
+```
+
 #### Okta Configuration
 Configuring with Okta is straightforward, as shown in the following examples:
 ![Configure in Okta](../../images/saml_okta_2.png)