From 72709422d3b5e1b4da95f5f3cc9c7f2479f77b18 Mon Sep 17 00:00:00 2001 From: Steven Smith Date: Mon, 6 May 2024 10:06:33 -0400 Subject: [PATCH] Updates team sync proc --- modules/enabling-team-sync-oidc.adoc | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/modules/enabling-team-sync-oidc.adoc b/modules/enabling-team-sync-oidc.adoc index 5881091ab..eb6627a40 100644 --- a/modules/enabling-team-sync-oidc.adoc +++ b/modules/enabling-team-sync-oidc.adoc @@ -33,7 +33,7 @@ OIDC_LOGIN_CONFIG: # ... FEATURE_TEAM_SYNCING: true <7> FEATURE_NONSUPERUSER_TEAM_SYNCING_SETUP: true <8> -FEATURE_V2_UI: true +FEATURE_UI_V2: true # ... ---- <1> Required. The registered OIDC client ID for this {productname} instance. @@ -72,14 +72,16 @@ FEATURE_V2_UI: true . On the *Review and Finish* page, review the information that you have provided and click *Review and Finish*. -. To enable team synchronization for your {productname} OIDC deployment, click *Enable Directory Sync* on the *Teams and membership* page. Note the message in the popup: +. To enable team synchronization for your {productname} OIDC deployment, click *Enable Directory Sync* on the *Teams and membership* page. + +. You are prompted to enter the group Object ID if your OIDC authenticator is Azure Entra ID, or the group name if using a different provider. Note the message in the popup: + [WARNING] ==== Please note that once team syncing is enabled, the membership of users who are already part of the team will be revoked. OIDC group will be the single source of truth. This is a non-reversible action. Team's user membership from within Quay will be ready-only. ==== -. In the popup box, enter the name of the group to sync membership with. Then, click *Enable Sync*. +. Click *Enable Sync*. . You are returned to the *Teams and membership* page. Note that users of this team are removed and are re-added upon logging back in. At this stage, only the robot account is still part of the team. +