From 3a95d3bb99daa13e8999b9b453dadd26757d1bf2 Mon Sep 17 00:00:00 2001 From: Jerae Duffin Date: Wed, 31 Aug 2022 12:17:07 -0500 Subject: [PATCH] Updated attributes note --- docker-hub/scim.md | 4 ++-- single-sign-on/index.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docker-hub/scim.md b/docker-hub/scim.md index 4161e930d0..a86bf7106e 100644 --- a/docker-hub/scim.md +++ b/docker-hub/scim.md @@ -10,7 +10,7 @@ SCIM provides automated user provisioning and de-provisioning for your Docker or We currently support the following provisioning features: creating new users, push user profile updates, remove users, deactivate users and reactivate users. Group management is currently not supported. -The table below lists the supported attributes. +The table below lists the supported attributes. Note, that your attribute mappings must match for SAML to prevent duplicating your members. | Attribute | Description |:---------------------------------------------------------------|:-------------------------------------------------------------------------------------------| @@ -20,7 +20,7 @@ The table below lists the supported attributes. ## Configure -SAML-based SSO must be properly set up and be functional for your organization before you start configuring automated provisioning. In addition, you must verify your company domain and have the appropriate connectors in your IdP. Your user email domain must be the same company domain you use for Single Sign-on (SSO). Enforcing SSO is not required to enable SCIM. However, you must [configure SAML SSO](../single-sign-on/index.md){: target="_blank" rel="noopener" class="_"} before you enable SCIM. +SSO must be properly set up and be functional for your organization before you start configuring automated provisioning. In addition, you must verify your company domain and have the appropriate connectors in your IdP. Your user email domain must be the same company domain you use for Single Sign-on (SSO). Enforcing SSO is not required to enable SCIM. However, you must [configure SSO](../single-sign-on/index.md){: target="_blank" rel="noopener" class="_"} before you enable SCIM. Before you make SCIM configuration changes in your IdP, navigate to [Docker Hub](https://hub.docker.com){: target="_blank" rel="noopener" class="_"} and select **Organizations** > **Settings** > **Security**. SCIM is locked until you complete the SSO configuration and verify your company domain. Enable SCIM and access your Base URL and API Token. You can also generate a new API token. diff --git a/single-sign-on/index.md b/single-sign-on/index.md index 66a00c24e1..0eb52cdd07 100644 --- a/single-sign-on/index.md +++ b/single-sign-on/index.md @@ -3,7 +3,7 @@ description: Single Sign-on keywords: Single Sign-on, SSO, sign-on title: Configure Single Sign-on --- -This section is for administrators who want to enable Docker Single Sign-on (SSO) for their businesses. Docker SSO allows users to authenticate using their identity providers (IdPs) to access Docker. Docker currently supports SAML 2.0 and Azure AD authentication methods. You can enable SSO on organizations that are part of the Docker Business subscription. To upgrade your existing account to a Docker Business subscription, see [Upgrade your subscription](../subscription/upgrade/){:target="blank" rel="noopener" class=""}. +This section is for administrators who want to enable Docker Single Sign-on (SSO) for their businesses. Docker SSO allows users to authenticate using their identity providers (IdPs) to access Docker. You can enable SSO on organizations that are part of the Docker Business subscription. To upgrade your existing account to a Docker Business subscription, see [Upgrade your subscription](../subscription/upgrade/){:target="blank" rel="noopener" class=""}. When SSO is enabled, users are redirected to your provider’s authentication page to log in. They cannot authenticate using their Docker login credentials (Docker ID and password). Docker currently supports Service Provider Initiated SSO flow. Your users must sign in to Docker Hub or Docker Desktop to initiate the SSO authentication process.