summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJames Lopez <james@gitlab.com>2019-05-17 07:09:01 +0000
committerJames Lopez <james@gitlab.com>2019-05-17 07:09:01 +0000
commit64a17ba84128721d3d0138376eaf78030ab00a4c (patch)
treefefe8b80b23d91a480ecdc652543ff3a0e035273
parenta73ee1cc3cc78f1f25034be9394e980ff5209ecc (diff)
parent795681e2f7060f41a31a4d14b8a6d3ea3eaafe7c (diff)
downloadgitlab-ce-64a17ba84128721d3d0138376eaf78030ab00a4c.tar.gz
Merge branch 'docs-sso-enforcement-ce' into 'master'
SSO enforcement docs details added from 11.11 See merge request gitlab-org/gitlab-ce!28394
-rw-r--r--doc/user/group/saml_sso/index.md12
1 files changed, 10 insertions, 2 deletions
diff --git a/doc/user/group/saml_sso/index.md b/doc/user/group/saml_sso/index.md
index ee3137d032e..53116606201 100644
--- a/doc/user/group/saml_sso/index.md
+++ b/doc/user/group/saml_sso/index.md
@@ -22,8 +22,16 @@ SAML SSO for groups is used only as a convenient way to add users and does not s
![Issuer and callback for configuring SAML identity provider with GitLab.com](img/group_saml_configuration_information.png)
-NOTE: **Note:**
-Partial SSO enforcement was introduced in [11.8](https://gitlab.com/gitlab-org/gitlab-ee/issues/5291). With this option enabled, users must use your group's GitLab single sign on URL to be added to the group or be added via SCIM. Users can no longer be added manually. After a user has been added to the group, GitLab does not continue to enforce the use of SSO, but we'll [add a persistent check](https://gitlab.com/gitlab-org/gitlab-ee/issues/9255) in a later version.
+### SSO enforcement
+
+SSO enforcement was:
+
+- [Introduced in GitLab 11.8](https://gitlab.com/gitlab-org/gitlab-ee/issues/5291).
+- [Improved upon in GitLab 11.11 with ongoing enforcement in the GitLab UI](https://gitlab.com/gitlab-org/gitlab-ee/issues/9255).
+
+With this option enabled, users must use your group's GitLab single sign on URL to be added to the group or be added via SCIM. Users cannot be added manually, and may only access project/group resources via the UI by signing in through the SSO URL.
+
+We intend to add a similar SSO requirement for [Git and API activity](https://gitlab.com/gitlab-org/gitlab-ee/issues/9152) in the future.
### NameID