diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-29 21:08:53 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-29 21:08:53 +0000 |
| commit | 31664a1a5ac22e8c56a471d3afab26e661efcc0e (patch) | |
| tree | a300c578ef9877df4fdbe28774b509172d474ae0 /doc/user/group | |
| parent | 511cd681d4ab0d4263df538b1800058edc07230e (diff) | |
| download | gitlab-ce-31664a1a5ac22e8c56a471d3afab26e661efcc0e.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/user/group')
| -rw-r--r-- | doc/user/group/saml_sso/index.md | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/doc/user/group/saml_sso/index.md b/doc/user/group/saml_sso/index.md index f7e6ea610fe..1af95b06aa8 100644 --- a/doc/user/group/saml_sso/index.md +++ b/doc/user/group/saml_sso/index.md @@ -210,17 +210,6 @@ To migrate users to a new email domain, tell users to: If the **NameID** is configured with the email address, [change the **NameID** for users](#change-nameid-for-one-or-more-users). -### User attributes - -To create users with the correct information for improved [user access and management](#user-access-and-management), -the user's details must be passed to GitLab as attributes in the SAML assertion. At a minimum, the user's email address -must be specified as an attribute named `email` or `mail`. - -You can configure the following attributes with GitLab.com Group SAML: - -- `username` or `nickname`. We recommend you configure only one of these. -- The [attributes available](../../../integration/saml.md#configure-assertions) to self-managed GitLab instances. - ## Configure GitLab After you set up your identity provider to work with GitLab, you must configure GitLab to use it for authentication: @@ -337,6 +326,16 @@ When a user tries to sign in with Group SSO, GitLab attempts to find or create a - Create a new account with another email address. - Sign-in to their existing account to link the SAML identity. +### User attributes + +You can pass user information to GitLab as attributes in the SAML assertion. + +- The user's email address can be an **email** or **mail** attribute. +- The username can be either a **username** or **nickname** attribute. You should specify only + one of these. + +For more information, see the [attributes available for self-managed GitLab instances](../../../integration/saml.md#configure-assertions). + ### Linking SAML to your existing GitLab.com account > **Remember me** checkbox [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/121569) in GitLab 15.7. |