From 7c8f5e03a620e92ce8a3bcc935f5eaf8407ba8a3 Mon Sep 17 00:00:00 2001 From: ddeyo Date: Tue, 4 Sep 2018 14:29:12 -0700 Subject: [PATCH] more Okta values --- ee/ucp/admin/configure/enable-saml-authentication.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/ee/ucp/admin/configure/enable-saml-authentication.md b/ee/ucp/admin/configure/enable-saml-authentication.md index a78975112b..d2ac3022b4 100644 --- a/ee/ucp/admin/configure/enable-saml-authentication.md +++ b/ee/ucp/admin/configure/enable-saml-authentication.md @@ -27,6 +27,15 @@ The integration values required by Okta are: - URL for single signon (SSO). This value is the URL for UCP, qualified with `/enzi/v0/saml/acs`. For example, `https://111.111.111.111/enzi/v0/saml/acs`. - Service provider audience URI. This value is the URL for UCP, qualified with `/enzi/v0/saml/metadata`. For example, `https://111.111.111.111/enzi/v0/saml/metadata`. +- NameID format. Select Unspecified. +- Application username. Email (For example, a custom `${f:substringBefore(user.email, "@")}` specifies the username in the email address. +- Attribute Statements: +- - Name: `fullname`, Value: `user.displayName`. +- Group Attribute Statement: +Name: `member-of`, Filter: (user defined) for associate group membership. The group name is returned with the assertion. +Name: `is-admin`, Filter: (user defined) for identifying if the user is an admin. + + ### ADFS integration values
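Review bot: The added "Application username" bullet opens a parenthesis at `(For example, a custom` and never closes it, and the sentence reads as if the expression were the Email option itself. Suggest closing the parenthesis and stating that `${f:substringBefore(user.email, "@")}` is a custom expression that yields the part of the email address before the `@`; it is worth noting there that two users whose addresses differ only in domain would then map to the same username. Under "Attribute Statements" the item is written as `- - Name:`, and the two "Group Attribute Statement" entries (`member-of` and `is-admin`) have no list marker at all, so neither group will render as a nested list; indent them as sub-items with a single `-`. Because `is-admin` decides who is treated as an admin and its filter is described only as "(user defined)", an example filter that matches one specific group would help readers avoid an overly broad match. The two blank lines added before `### ADFS integration values` can be reduced to one.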