docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

security: update manage members and SSO users FAQs (#22021) 

## Description
- During Kapa triage, I noticed two uncertain answers: one regarding
SCIM enablement impact on existing licensed users and one about deleting
a user with SSO enabled
- These updates address both to improve future Kapa convos and sources
- Update to `members.md` that adds a callout about removing members from
an org, clarifying that SSO w/ SCIM enabled is a little different (must
be done in IdP)
- Update to `user-faqs.md` that adds a new FAQ clarifying the impact of
enabling SCIM for existing licensed users

## Related issues or tickets
- https://docker.atlassian.net/browse/ENGDOCS-2404
- https://docker.atlassian.net/browse/ENGDOCS-2403

## Reviews
- [ ] Technical review
- [ ] Editorial review
This commit is contained in:
Sarah Sanders 2025-02-13 09:04:07 -05:00 committed by GitHub
parent da13512a3d
commit 6c3cc9396c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
content/manuals/admin/organization/members.md
View File

@ -141,6 +141,10 @@ To add a member to a team with the Admin Console:
### Remove a member from a team
> [!NOTE]
>
> If your organization uses single sign-on (SSO) with [SCIM](/manuals/security/for-admins/provisioning/scim.md) enabled, you should remove members from your identity provider (IdP). This will automatically remove members from Docker. If SCIM is disabled, you must manually manage members in Docker.
Organization owners can remove a member from a team in Docker Hub or Admin Console. Removing the member from the team will revoke their access to the permitted resources.
{{< tabs >}}

4
content/manuals/security/faqs/single-sign-on/users-faqs.md
View File

@ -100,3 +100,7 @@ No, we don't differentiate the two in product.
### Is user information visible in Docker Hub?
All Docker accounts have a public profile associated with their namespace. If you don't want user information (for example, full name) to be visible, you can remove those attributes from your SSO and SCIM mappings. Alternatively, you can use a different identifier to replace a user's full name.
### What happens to existing licensed users when SCIM is enabled?
Enabling SCIM does not immediately remove or modify existing licensed users in your Docker organization. They retain their current access and roles, but after enabling SCIM, you will manage them in your identity provider (IdP). If SCIM is later disabled, previously SCIM-managed users remain in Docker but are no longer automatically updated or removed based on your IdP.