Merge pull request #777 from docker/orchestration-saml-666

Orchestration saml 666
2018-10-15 13:58:56 -07:00 · 2018-10-15 13:58:56 -07:00 · c7eb98c696
parent fbc6d9b65b 8781830d49
commit c7eb98c696
3 changed files with 10 additions and 4 deletions
--- a/ee/ucp/admin/configure/enable-saml-authentication.md
+++ b/ee/ucp/admin/configure/enable-saml-authentication.md
@ -62,13 +62,19 @@ To enable SAML authentication:

    ![Enabling SAML in UCP](../../images/saml_enabled.png)

-4. In the **SAML Enabled** section, select **Yes** to display the required settings.
+4. In the **SAML Enabled** section, select **Yes** to display the required settings. The settings are grouped by those needed by the identity provider server and by those needed by UCP as a SAML service provider.

-    ![Configuring SAML in UCP](../../images/saml_settings.png)
+    ![Configuring IdP values for SAML in UCP](../../images/saml_settings.png)

 5. In **IdP Metadata URL** enter the URL for the identity provider's metadata.
-6. In **UCP Host** enter the URL that includes the IP address of your UCP console.
-7. Select **Save** to complete the integration.
+6. If the metadata URL is publicly certified, you can leave **Skip TLS Verification** unchecked and **Root Certificates Bundle** blank, which is the default. Skipping TLS verification is not recommended in production environments. If the metadata URL cannot be certified by the default certificate authority store, you must provide the certificates from the identity provider in the **Root Certificates Bundle** field.
+7. In **UCP Host** enter the URL that includes the IP address or domain of your UCP installation. The port number is optional. The current IP address or domain appears by default.
+
+    ![Configuring service provider values for SAML in UCP](../../images/saml_settings_2.png)
+
+8. To customize the text of the sign-in button, enter your button text in the **Customize Sign In Button Text** field. The default text is 'Sign in with SAML'.
+9. The **Service Provider Metadata URL** and **Assertion Consumer Service (ACS) URL** appear in shaded boxes. Select the copy icon at the right side of each box to copy that URL to the clipboard for pasting in the identity provider workflow.
+9. Select **Save** to complete the integration.

 ## Security considerations

--- a/ee/ucp/images/saml_settings.png
+++ b/ee/ucp/images/saml_settings.png
--- a/ee/ucp/images/saml_settings_2.png
+++ b/ee/ucp/images/saml_settings_2.png