Clean up

apollographql · Jul 29, 2024 · 88c6e5d · 88c6e5d
1 parent cb05999
commit 88c6e5d
Show file tree

Hide file tree

Showing 6 changed files with 25 additions and 10 deletions.
diff --git a/src/content/graphos/org/sso/self-service/availability.mdx b/src/content/graphos/org/sso/self-service/availability.mdx
@@ -17,9 +17,13 @@ To confirm if you can use self-service SSO, visit [GraphOS Studio](https://studi
 
 If you don't see the migration banner, you can't use the self-service setup and must use these instructions to set up your SSO:
 
+#### SAML-based
+
 - [Okta](../okta-integration-guide/) (SAML-based)
-- Microsoft Entra ID (formerly known as Azure Active Directory)
-  - [SAML-based](../microsoft-entra-id-integration-saml-guide)
-  - [OIDC-based](../microsoft-entra-id-integration-oidc-guide)
+- [Microsoft Entra ID](../microsoft-entra-id-integration-saml-guide) (formerly known as Azure Active Directory)
 - [Generic SAML](../saml-integration-guide/)
+
+#### OIDC-based
+
+- [Microsoft Entra ID](../microsoft-entra-id-integration-oidc-guide) (formerly known as Azure Active Directory)
 - [Generic OIDC](../oidc-integration-guide/)
diff --git a/src/content/graphos/org/sso/self-service/oidc-integration-guide.mdx b/src/content/graphos/org/sso/self-service/oidc-integration-guide.mdx
@@ -53,15 +53,22 @@ Setup requires:
 
 ### Step 3. Configure OIDC to work with Apollo
 
-If your IdP permits it, set the following user attributes:
+1. Verify that the **Sign-in Redirect URL** in your application matches the one shown in the GraphOS wizard.
+2. If your IdP permits it, set the following user attributes:
 
 - `sub`: `user.email`
   - The `sub` attribute should uniquely identify any particular user to GraphOS. In most cases, `user.email` or `user.mail` provides this unique mapping.
 - `email`: Your IdP's email attribute, often something like `user.email`
 - `given_name`: Your IdP's first name attribute, often something like `user.firstName`
 - `family_name`: Your IdP's last name attribute,often something like `user.lastName`
 
-### Step 4. Enable SSO
+3. Save this configuration in your IdP and click **Next** in the GraphOS wizard.
+
+### Step 4. Verify SSO Configuration
+
+<SSOVerification />
+
+### Step 5. Enable SSO
 
 <!-- vale Apollo.Headings = YES -->
 

diff --git a/src/content/graphos/org/sso/self-service/oidc-microsoft-entra-id.mdx b/src/content/graphos/org/sso/self-service/oidc-microsoft-entra-id.mdx
@@ -27,8 +27,6 @@ Setup requires:
 
 <SSOSetupSteps type="OIDC" idp="Entra ID enterprise application" />
 
-The SSO setup wizard in GraphOS Studio guides you through these steps.
-
 <!-- vale Apollo.Headings = NO -->
 
 ### Step 1. Enter your SSO details
@@ -65,7 +63,11 @@ The SSO setup wizard in GraphOS Studio guides you through these steps.
 3. From the **Manifest** section of your app registration, find the `groupMembershipClaims` property. Change its value from `null` to either `"All"` or `"SecurityGroup"`. These values ensure that the access token includes the group membership claim during SSO.
 4. **Save** your changes.
 
-### Step 4. Enable SSO
+### Step 4. Verify SSO Configuration
+
+<SSOVerification />
+
+### Step 5. Enable SSO
 
 <!-- vale Apollo.Headings = YES -->
 

diff --git a/src/content/graphos/org/sso/self-service/saml-integration-guide.mdx b/src/content/graphos/org/sso/self-service/saml-integration-guide.mdx
@@ -18,6 +18,8 @@ If you use Okta or Microsoft Entra ID as your IdP, instead see the corresponding
 - [Okta](./saml-okta)
 - [Microsoft Entra ID](./saml-microsoft-entra-id) (formerly known as Azure Active Directory)
 
+<SSOMigrationNotice />
+
 ## Prerequisites
 
 Setup requires:

diff --git a/src/content/shared/sso-migration-notice.mdx b/src/content/shared/sso-migration-notice.mdx
@@ -1,5 +1,5 @@
 <Caution>
 
-If your organization's SSO was set up before April 2024 according to the [legacy instructions](#legacy-setup), you must create a new SSO configuration with the [updated instructions](#setup) before November 15, 2024. After November 15, 2024, the legacy setup using PingOne will no longer work, and your organization will lose access to GraphOS.
+If your organization's SSO was set up before April 2024, you must create a new SSO configuration with the [updated instructions](#setup) before November 15, 2024. After November 15, 2024, the legacy setup will no longer work, and your organization will lose access to GraphOS.
 
 </Caution>
diff --git a/src/content/shared/sso-setup-steps.js b/src/content/shared/sso-setup-steps.js
@@ -17,7 +17,7 @@ export const SSOSetupSteps = ({type, idp}) => {
           Share your {idp}&apos;s {type} metadata in GraphOS Studio.
         </ListItem>
         }
-        <ListItem>Verify your configuration details.</ListItem>
+        <ListItem>Verify and configure OIDC details.</ListItem>
         <ListItem>Verify your SSO configuration works.</ListItem>
         <ListItem>Enable SSO in GraphOS Studio.</ListItem>
       </OrderedList>