docs: Advertise SAML authentication as an official feature.

Fixes #13275.
2019-10-29 16:23:07 -07:00 · 2019-10-29 16:23:07 -07:00 · c7c6f01236
parent 4561652513
commit c7c6f01236
6 changed files with 25 additions and 21 deletions
--- a/docs/production/authentication-methods.md
+++ b/docs/production/authentication-methods.md
@ -36,9 +36,9 @@ are documented in your `settings.py`.

 ## SAML

-Zulip 2.1 and later has beta support for SAML authentication, used by
-Okta, OneLogin, and many other IdPs (identity providers).  You can
-configure it as follows:
+Zulip 2.1 and later supports SAML authentication, used by Okta,
+OneLogin, and many other IdPs (identity providers).  You can configure
+it as follows:

 1. These instructions assume you have an installed Zulip server.  You
   can have created an organization already using EmailAuthBackend, or
--- a/docs/production/settings.md
+++ b/docs/production/settings.md
@ -38,9 +38,7 @@ prefilled with that value.

 `AUTHENTICATION_BACKENDS`: Zulip supports a wide range of popular
 options for authenticating users to your server, including Google
-Auth, GitHub Auth, LDAP, REMOTE_USER, and more.  Note, however, that
-the default (email) backend must be used when creating a new
-organization.
+Auth, GitHub Auth, LDAP, SAML, REMOTE_USER, and more.

 If you want an additional or different authentication backend, you
 will need to uncomment one or more and then do any additional
--- a/templates/zerver/features.html
+++ b/templates/zerver/features.html
@ -240,6 +240,13 @@
                by your choice of Zoom, Jitsi Meet, or Google Hangouts.
            </p>
        </a>
+        <a class="feature-block" href="/help/configure-authentication-methods" target="_blank">
+            <h3>FLEXIBLE AUTHENTICATION</h3>
+            <p>
+                Supported authentication providers include LDAP, SAML,
+                Google, GitHub, and more.
+            </p>
+        </a>
        <a class="feature-block" href="/help/import-from-slack" target="_blank">
            <h3>DATA IMPORT</h3>
            <p>
@ -296,7 +303,6 @@
        <!--Hack: These two pseudo elements are here to ensure the flex
        arrangment uses the proper cell size with 4 elements in 2 rows.-->
        <div class="feature-block"></div>
-        <div class="feature-block"></div>
    </section>
 </div>
 {% endblock %}
--- a/templates/zerver/help/configure-authentication-methods.md
+++ b/templates/zerver/help/configure-authentication-methods.md
@ -2,13 +2,13 @@

 {!admin-only.md!}

-By default, Zulip allows logging in via email/password, your Google account,
-or your GitHub account. You can restrict users to logging in via only a
-subset of these methods.
+By default, Zulip allows logging in via email/password, your Google
+account, or your GitHub account. You can restrict users to logging in
+via only a subset of these methods.

-LDAP and other SSO login methods are currently restricted to self-hosted
-Zulips only, though contact us at support@zulipchat.com if that is a
-blocker.
+LDAP and various custom SSO login methods are currently restricted to
+self-hosted Zulips only.  SAML authentication is supported by Zulip
+Cloud but requires contacting support@zulipchat.com to configure it.

 **Note:** If you are running your own server,
 [read this](https://zulip.readthedocs.io/en/latest/production/authentication-methods.html)
--- a/templates/zerver/help/logging-in.md
+++ b/templates/zerver/help/logging-in.md
@ -4,8 +4,8 @@ By default, Zulip allows you to log with an email/password pair, a Google accoun
 a GitHub account.

 Organization administrators can
-[add other authentication methods](configure-authentication-methods),
-including SSO or LDAP integration, or disable any of the methods above.
+[add other authentication methods](/help/configure-authentication-methods),
+including the SAML and LDAP integrations, or disable any of the methods above.

 You can log in with any method allowed by your organization, regardless of
 how you signed up. E.g. if you originally signed up using your Google
--- a/templates/zerver/security.md
+++ b/templates/zerver/security.md
@ -63,13 +63,13 @@ priority.

 ## Authentication

- Zulip supports integrated single sign-on with Google, GitHub, and Active
-  Directory/LDAP. SAML and Okta authentication are coming soon. With Zulip
-  on-premise, we can support any of the 100+ authentication tools supported
-  by
+- Zulip supports integrated single sign-on with Google, GitHub, SAML
+  (including Okta), AzureAD, and Active Directory/LDAP.  With Zulip
+  on-premise, we can support any of the 100+ authentication tools
+  supported by
  [python-social-auth](https://python-social-auth-docs.readthedocs.io/en/latest/backends/index.html#social-backends)
-  as well as
-  [any SSO service that has a plugin for Apache][apache-sso].
+  as well as [any SSO service that has a plugin for
+  Apache][apache-sso].
 - Zulip uses the zxcvbn password strength checker by default, and supports
  customizing users’ password strength requirements. See our documentation
  on