Add details about how can set external & auditor users

15425097 · Ben Bodenmiller · Mike Jang · e6dc194f · 15425097 · 15425097
Commit 15425097 authored Feb 01, 2021 by Ben Bodenmiller Committed by Mike Jang Feb 01, 2021
Showing with 8 additions and 3 deletions

doc/administration/auditor_users.md doc/administration/auditor_users.md +2 -0

doc/integration/saml.md doc/integration/saml.md +3 -3

doc/user/permissions.md doc/user/permissions.md +3 -0

No files found.
--- a/doc/administration/auditor_users.md
+++ b/doc/administration/auditor_users.md
@@ -68,6 +68,8 @@ To create a new Auditor user:
 To revoke Auditor permissions from a user, make them a regular user by
 following the previous steps.

+Additionally users can be set as an Auditor using [SAML groups](../integration/saml.md#auditor-groups).
+
 ## Permissions and restrictions of an Auditor user

 An Auditor user should be able to access all projects and groups of a GitLab

--- a/doc/integration/saml.md
+++ b/doc/integration/saml.md
@@ -163,7 +163,7 @@ will be returned to GitLab and will be signed in.

 ## SAML Groups

-You can require users to be members of a certain group, or assign users `external`, `admin` or `auditor` roles based on group membership.
+You can require users to be members of a certain group, or assign users [external](../user/permissions.md#external-users), admin or [auditor](../user/permissions.md#auditor-users) roles based on group membership.
 These groups are checked on each SAML login and user attributes updated as necessary.
 This feature **does not** allow you to
 automatically add users to GitLab [Groups](../user/group/index.md).
@@ -217,7 +217,7 @@ Example:

 ### External groups **(PREMIUM SELF)**

-SAML login supports automatic identification on whether a user should be considered an [external](../user/permissions.md) user. This is based on the user's group membership in the SAML identity provider.
+SAML login supports automatic identification on whether a user should be considered an [external user](../user/permissions.md#external-users). This is based on the user's group membership in the SAML identity provider.

 ```yaml
 { name: 'saml',
@@ -259,7 +259,7 @@ considered admin users.

 The requirements are the same as the previous settings, your IdP needs to pass Group information to GitLab, you need to tell
 GitLab where to look for the groups in the SAML response, and which group(s) should be
-considered auditor users.
+considered [auditor users](../user/permissions.md#auditor-users).

 ```yaml
 { name: 'saml',

--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -352,6 +352,9 @@ An administrator can flag a user as external by either of the following methods:
  or edit an existing one. There, you can find the option to flag the user as
  external.

+Additionally users can be set as external users using [SAML groups](../integration/saml.md#external-groups)
+and [LDAP groups](../administration/auth/ldap/index.md#external-groups).
+
 ### Setting new users to external

 By default, new users are not set as external users. This behavior can be changed