docs: improve advanced sso page#9507
Open
wvandeun wants to merge 2 commits into
Open
Conversation
Contributor
There was a problem hiding this comment.
1 issue found across 1 file
Confidence score: 4/5
- This PR looks safe to merge overall, but there is a minor documentation accuracy issue in
docs/docs/deploy-manage/user-management/sso/advanced-sso.mdx. - The summary currently states all three group-mapping approaches require IdP group claims, which conflicts with the documented default-group path intended for setups without group claims.
- Because the issue is low severity (3/10) and limited to wording, risk is minimal, but it could still mislead SSO configuration decisions for readers.
- Pay close attention to
docs/docs/deploy-manage/user-management/sso/advanced-sso.mdx- ensure the summary distinguishes the no-group-claims default-group flow from claim-dependent mappings.
Shadow auto-approve: would not auto-approve because issues were found.
Re-trigger cubic
Local username/password logins never use the default group; only the SSO sign-in path reads sso_user_default_group. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
0 issues found across 1 file (changes from recent commits).
Shadow auto-approve: would auto-approve. This PR only updates documentation for the Advanced SSO page, restructuring explanations and adding examples without any changes to source code, configuration, or business logic, so the risk of breakage is extremely low.
Re-trigger cubic
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary by cubic
Clarifies and restructures Advanced SSO docs for group mapping: map to existing groups, auto-create from claims (regex filters incl. multiple patterns, JSON-array env var, per-login cap, audit events, provenance; invalid regex blocks startup), and a default-group fallback (SSO logins only).
Adds IdP group-claim setup, log examples, a membership-resolution overview (behavior with/without auto-creation), and sets
toc_max_heading_level: 4.Written for commit 32b2e74. Summary will update on new commits.