From d43c6571b90888e1313a15047442a21e2fc5383a Mon Sep 17 00:00:00 2001 From: John Landells Date: Wed, 18 Oct 2023 14:54:06 +0100 Subject: [PATCH] Update sso-saml.rst Added a note for EU-Login users, and fixed a typo on line 34. --- source/onboard/sso-saml.rst | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/source/onboard/sso-saml.rst b/source/onboard/sso-saml.rst index 1f469d078b7..951983dc9dc 100644 --- a/source/onboard/sso-saml.rst +++ b/source/onboard/sso-saml.rst @@ -31,7 +31,10 @@ Mattermost officially supports Okta, OneLogin, and Microsoft ADFS as the identit Microsoft ADFS SAML Configuration for Windows Server 2016 Keycloak SAML Configuration -In addition to the officially supported identity providers, you can also configure SAML for a custom IdP. For instance, customers have successfully set up miniOrange, Azure AD, DUO, PingFederate, Keycloak, and SimpleSAMLphp as a custom IdPs. Because we do not test against these identity providers, it is important that you test new versions of Mattermost in a staging environment to confirm it will work with your identity provider. You can also set up MFA on top of your SAML provider for additional security. +In addition to the officially supported identity providers, you can also configure SAML for a custom IdP. For instance, customers have successfully set up miniOrange, Azure AD, DUO, PingFederate, Keycloak, and SimpleSAMLphp as custom IdPs. Because we do not test against these identity providers, it is important that you test new versions of Mattermost in a staging environment to confirm it will work with your identity provider. You can also set up MFA on top of your SAML provider for additional security. + +.. note:: + If configuring Mattermost to use the EU-Login system for authentication, please be aware that their `issuerURI` field is what Mattermost calls "Service Provider Identifier". Using SAML attributes to apply roles -------------------------------------