Merge branch 'docs-saml-screenshots' into 'master'

Add SAML screenshots and links

See merge request gitlab-org/gitlab!24013

doc/administration/index.md

@@ -228,3 +228,6 @@ who are aware of the risks.
   - [Repairing and recovering broken Git repositories](https://git.seveas.net/repairing-and-recovering-broken-git-repositories.html)
   - [Testing with OpenSSL](https://www.feistyduck.com/library/openssl-cookbook/online/ch-testing-with-openssl.html)
   - [Strace zine](https://wizardzines.com/zines/strace/)
+- GitLab.com-specific resources:
+  - [Group SAML/SCIM setup](troubleshooting/group_saml_scim.md)
+  
\ No newline at end of file

doc/administration/troubleshooting/group_saml_scim.md

+---
+type: reference
+---
+
+# Group SAML and SCIM troubleshooting **(SILVER ONLY)**
+
+These are notes and screenshots regarding Group SAML and SCIM that the GitLab Support Team sometimes uses while troubleshooting, but which do not fit into the official documentation. GitLab is making this public, so that anyone can make use of the Support team’s collected knowledge.
+
+Please refer to GitLab's [Group SAML](../../user/group/saml_sso/index.md) docs for information on the feature and how to set it up.
+
+When troubleshooting a SAML configuration, GitLab team members will frequently start with the [SAML troubleshooting section](../../user/group/saml_sso/index.md#troubleshooting).
+
+They may then set up a test configuration of the desired identity provider. We include example screenshots in this section.
+
+## SAML and SCIM screenshots
+
+This section includes relevant screenshots of the following example configurations of [Group SAML](../../user/group/saml_sso/index.md) and [Group SCIM](../../user/group/saml_sso/scim_setup.md):
+
+- [Azure Active Directory](#azure-active-directory)
+- [OneLogin](#onelogin)
+
+CAUTION: **Caution:**
+These screenshots are updated only as needed by GitLab Support. They are **not** official documentation.
+
+If you are currently having an issue with GitLab, you may want to check your [support options](https://about.gitlab.com/support/).
+
+## Azure Active Directory
+
+Basic SAML app configuration:
+
+![Azure AD basic SAML](img/AzureAD-basic_SAML.png)
+
+User claims and attributes:
+
+![Azure AD user claims](img/AzureAD-claims.png)
+
+SCIM mapping:
+
+![Azure AD SCIM](img/AzureAD-scim_attribute_mapping.png)
+
+## OneLogin
+
+Application details:
+
+![OneLogin application details](img/OneLogin-app_details.png)
+
+Parameters:
+
+![OneLogin application details](img/OneLogin-parameters.png)
+
+Adding a user:
+
+![OneLogin user add](img/OneLogin-userAdd.png)
+
+SSO settings:
+
+![OneLogin SSO settings](img/OneLogin-SSOsettings.png)

doc/user/group/saml_sso/index.md

@@ -265,6 +265,10 @@ Specific attention should be paid to:
 - The presence of a `X509Certificate`, which we require to verify the response signature.
 - The `SubjectConfirmation` and `Conditions`, which can cause errors if misconfigured.
 
+### Verifying configuration
+
+For convenience, we've included some [example resources](../../../administration/troubleshooting/group_saml_scim.md) used by our Support Team. While they may help you verify the SAML app configuration, they are not guaranteed to reflect the current state of third-party products.
+
 ### Verifying NameID
 
 In troubleshooting the Group SAML setup, any authenticated user can use the API to verify the NameID GitLab already has linked to the user by visiting [https://gitlab.com/api/v4/user](https://gitlab.com/api/v4/user) and checking the `extern_uid` under identities.