@@ -80,10 +80,13 @@ Please note that the certificate [fingerprint algorithm](#additional-providers-a
...
@@ -80,10 +80,13 @@ Please note that the certificate [fingerprint algorithm](#additional-providers-a
-[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5291) in GitLab 11.8.
-[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5291) in GitLab 11.8.
-[Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/9255) in GitLab 11.11 with ongoing enforcement in the GitLab UI.
-[Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/9255) in GitLab 11.11 with ongoing enforcement in the GitLab UI.
-[Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/292811) in GitLab 13.8, with an updated timeout experience.
With this option enabled, users must go through your group's GitLab single sign-on URL. They may also be added via SCIM, if configured. Users can't be added manually, and may only access project/group resources via the UI by signing in through the SSO URL.
With this option enabled, users must go through your group's GitLab single sign-on URL. They may also be added via SCIM, if configured. Users can't be added manually, and may only access project/group resources via the UI by signing in through the SSO URL.
However, users are not prompted to sign in through SSO on each visit. GitLab checks whether a user has authenticated through SSO, and only prompts the user to sign in via SSO if the session has expired.
However, users are not prompted to sign in through SSO on each visit. GitLab checks whether a user
has authenticated through SSO. If it's been more than 7 days since the last sign-in, GitLab
prompts the user to sign in again through SSO.
You can see more information about how long a session is valid in our [user profile documentation](../../profile/#why-do-i-keep-getting-signed-out).
You can see more information about how long a session is valid in our [user profile documentation](../../profile/#why-do-i-keep-getting-signed-out).
We intend to add a similar SSO requirement for [Git and API activity](https://gitlab.com/gitlab-org/gitlab/-/issues/9152).
We intend to add a similar SSO requirement for [Git and API activity](https://gitlab.com/gitlab-org/gitlab/-/issues/9152).
%h4=_('Sign in to "%{group_name}"')%{group_name: @group_name}
-else
%h4=_('Allow "%{group_name}" to sign you in')%{group_name: @group_name}
%p=_('The "%{group_path}" group allows you to sign in with your Single Sign-On Account')%{group_path: @group_path}
%p=_('The "%{group_path}" group allows you to sign in with your Single Sign-On Account')%{group_path: @group_path}
-if@group_saml_identity||!user_signed_in?
-if@group_saml_identity||!user_signed_in?
%p=_("This will redirect you to an external sign in page.")
%p=_("This will redirect you to an external sign in page.")
=saml_link_('Sign in with Single Sign-On'),@group_path,html_class: 'btn btn-success btn-block qa-saml-sso-signin-button',redirect: @redirect_path
=saml_link_('Sign in with Single Sign-On'),@group_path,html_class: 'btn btn-success btn-md gl-button btn-block qa-saml-sso-signin-button',redirect: @redirect_path
-else
-else
.card.card-body.bs-callout-warning
.card.card-body.bs-callout-warning
=_("Only proceed if you trust %{idp_url} to control your GitLab account sign in.")%{idp_url: @idp_url}
=_("Only proceed if you trust %{idp_url} to control your GitLab account sign in.")%{idp_url: @idp_url}