diff --git a/_data/errors.yml b/_data/errors.yml index 6ed5c789..d2dbf5db 100644 --- a/_data/errors.yml +++ b/_data/errors.yml @@ -7,7 +7,7 @@ oidc: ##### Why it's happening Login.gov recognizes incoming requests from Service Providers by validating the `client_id` field sent in the request and checking it against the Issuer string of Service Providers registered with Login.gov. - This specific error occurs when Login.gov receives an OIDC request from a Service Provider that contains a `client_id` that is either not registered or not active with Login.gov. The `client_id` specified in the request must match EXACTLY the Issuer defined in the Portal. + This specific error occurs when Login.gov receives an OIDC request from a Service Provider that contains a `client_id` that is either not registered or not active with Login.gov. The `client_id` specified in the request must match EXACTLY the Issuer defined in the portal. ##### What to do: - Ensure the authentication request has a `client_id` value - Ensure that the `client_id` sent in the authentication request matches the Issuer registered in your application's configuration on the [Partner Portal](https://portal.int.identitysandbox.gov/){:target="_blank"}. diff --git a/_includes/support/faq_csp_violation.html b/_includes/support/faq_csp_violation.html index ff9d23ef..832c0b75 100644 --- a/_includes/support/faq_csp_violation.html +++ b/_includes/support/faq_csp_violation.html @@ -4,9 +4,9 @@
Background:


The CSP form-action directive restricts which URLs can be used as the target of form submissions from a given context. Certain Chromium-based internet browsers (e.g. Google Chrome and Microsoft Edge) enforce the form-action directive through the entire redirect chain (if any). Other non-Chromium-based browsers only check the first redirect in the chain (e.g. Firefox). For Chromium-based browsers, upon form submission, any attempts to redirect to a url not explicitly listed as a form-action source will violate the CSP directive and cause a failure to load and a console error.

- This error occurs when Service Providers attempt to redirect users to a url that is not registered in the Redirect URLs field in the Login.gov Portal application's configuration. All urls that users could be redirected to, even as a passthrough, need to be included in the list of Redirect URLs. + This error occurs when Service Providers attempt to redirect users to a url that is not registered in the Redirect URLs field in the Partner Portal application's configuration. All urls that users could be redirected to, even as a passthrough, need to be included in the list of Redirect URLs.

Solution:

- Use the Network tab of your web browser to identify which redirect (302) is hanging or failing. Add that uri to the list of Redirect URIs in your Login.gov Portal integration configuration. -

\ No newline at end of file + Use the Network tab of your web browser to identify which redirect (302) is hanging or failing. Add that URI to the list of Redirect URIs in your portal integration configuration. +
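Review bot: the two changed lines in this hunk name the same things differently: the first now says "Partner Portal application's configuration" and the field "Redirect URLs", while the Solution line says "your portal integration configuration" and "Redirect URIs". Since the reader has to locate that field in the UI, use one name for the site (the rest of this commit settles on "Partner Portal") and one name for the field. The Solution also only tells the reader to add the single 302 that failed; because the Background states that Chromium enforces form-action through the entire redirect chain, say explicitly that every hop of the chain must be listed, which the Background paragraph already implies with "even as a passthrough".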

diff --git a/_includes/support/faq_unauthorized_sp.html b/_includes/support/faq_unauthorized_sp.html index db332e85..7106df02 100644 --- a/_includes/support/faq_unauthorized_sp.html +++ b/_includes/support/faq_unauthorized_sp.html @@ -1,10 +1,10 @@
Background

- Login.gov recognizes incoming requests from Service Providers by validating the Issuer (for SAML) or ClientID (for OIDC) field sent in the request and checking it against Service Providers registered with Login.gov. The Issuer for each Service Provider is defined in the Issuer field on the Login.gov Portal. + Login.gov recognizes incoming requests from Service Providers by validating the Issuer (for SAML) or ClientID (for OIDC) field sent in the request and checking it against Service Providers registered with Login.gov. The Issuer for each Service Provider is defined in the Issuer field on the Partner Portal.

- Screenshot of issuer field on Login.gov portal + Screenshot of issuer field on the portal

- This specific error occurs when Login.gov receives a SAML request from a Service Provider that contains an Issuer field that is either not registered or not active with Login.gov. The Issuer defined in the request must match EXACTLY the Issuer defined in the Portal. + This specific error occurs when Login.gov receives a SAML request from a Service Provider that contains an Issuer field that is either not registered or not active with Login.gov. The Issuer defined in the request must match EXACTLY the Issuer defined in the portal.

Solution:
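Review bot: the alt text change drops the product name ("Screenshot of issuer field on the portal"); alt text is what screen readers announce, so keep it descriptive, e.g. "Screenshot of the Issuer field in the Partner Portal", which also matches the new wording of the first paragraph. Separately, this Background writes the OIDC field as "ClientID" while the errors.yml hunk in the same commit writes it as `client_id`; use the same spelling so readers can search for it.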

@@ -14,7 +14,7 @@

Solution:
  • See our video How to Troubleshoot and Fix "Unauthorized Service Provider" Error for SAML Integrations for a detailed visual explanation.
  • - Note that certain Service Providers will not allow partners to set or change the Issuer value after the application is configured (e.g. MS Power Apps Portal). In this case, the best option would be to create the Login.gov Portal integration configuration after the Service Provider application has defined the Issuer and use that Issuer in the Portal. + Note that certain Service Providers will not allow partners to set or change the Issuer value after the application is configured (e.g. MS Power Apps Portal). In this case, the best option would be to create the Login.gov Partner Portal integration configuration after the Service Provider application has defined the Issuer and use that Issuer in the portal.
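Review bot: the changed sentence now mixes the full name and the short form in one breath ("create the Login.gov Partner Portal integration configuration ... and use that Issuer in the portal"); "create the Partner Portal integration configuration ... and use that Issuer there" reads cleaner. The phrase "certain Service Providers" here means SP products such as MS Power Apps Portal, whereas the rest of the page uses "Service Provider" for the partner's own application; "certain Service Provider platforms" avoids that ambiguity.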

    diff --git a/_layouts/base.html b/_layouts/base.html index 62e678b9..b31ec1bf 100644 --- a/_layouts/base.html +++ b/_layouts/base.html @@ -120,14 +120,14 @@

    diff --git a/_pages/index.md b/_pages/index.md index b8085b19..1ca16322 100644 --- a/_pages/index.md +++ b/_pages/index.md @@ -20,7 +20,7 @@ sidenav:

    How to integrate with Login.gov

    1. -

      Register your application in our partner portal

      +

      Register your application in our Partner Portal

      First, create a team. Then, follow the steps to create an application in a sandbox environment where you can configure and test without affecting your live systems. For more details, check out our instructions on using the sandbox.
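Review bot: the heading now reads "Register your application in our Partner Portal" but neither the heading nor the step body names or links the portal; the overview.md and testing.md hunks in this commit link the same phrase to https://portal.int.identitysandbox.gov/, and this is the first step a new integrator reads, so link it here as well. The body's "create an application in a sandbox environment" could also say "in the sandbox Partner Portal" so the capitalized name and the sandbox URL are tied together on first use.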

      diff --git a/_pages/oidc/token.md b/_pages/oidc/token.md index b3c61274..4d267d4f 100644 --- a/_pages/oidc/token.md +++ b/_pages/oidc/token.md @@ -23,7 +23,7 @@ sidenav: --- {% capture client_assertion %} -A [JWT](https://jwt.io/){:class="usa-link--external"} signed with the client’s private key (minimum length of 2048 bits) associated with the public key uploaded to your integration configuration within the Portal. The JWT should use the RS256 algorithm and containing the following claims: +A [JWT](https://jwt.io/){:class="usa-link--external"} signed with the client’s private key (minimum length of 2048 bits) associated with the public key uploaded to your integration configuration within the portal. The JWT should use the RS256 algorithm and containing the following claims: - **iss** (string) — The issuer, which must be the `client_id`. - **sub** (string) — The subject, which must also be the `client_id`. - **aud** (string) — The audience, which should be (or, in the case of multiple audience values, include) the URL of the token endpoint, for example: `https://idp.int.identitysandbox.gov/api/openid_connect/token` diff --git a/_pages/overview.md b/_pages/overview.md index 1724a5ca..c6996130 100644 --- a/_pages/overview.md +++ b/_pages/overview.md 
@@ -28,7 +28,7 @@ Login.gov is a FedRAMP moderate approved multifactor authentication and identity This is the configuration for your application within Login.gov’s identity provider. In the sandbox environment, you will be able to determine the configuration yourself and decide what is the best fit for your needs. In the Login.gov production environment, we will manage the final configuration. To configure a test application in the sandbox environment: -* Create an account in the [Login.gov Portal](https://portal.int.identitysandbox.gov). From here you will be able to test various configurations and determine what is right for your agency. +* Create an account in the [Partner Portal](https://portal.int.identitysandbox.gov). From here you will be able to test various configurations and determine what is right for your agency. * Select between [OIDC]({{ site.baseurl }}/oidc/) or [SAML]({{ site.baseurl }}/saml/) protocol implementation protocols and understand which user attributes are required. * If you have questions when testing your integration, read through our [FAQs]({{ site.baseurl }}/support/) or submit a ticket to our [technical support help desk]({{ site.baseurl}}/support/#contacting-partner-support). * Before submitting a request to move your application's configuration to production, review the [User experience]({{ site.baseurl }}/design-guidelines/) page and the [Production]({{ site.baseurl }}/production/) page. Additional requirements, like a [signed Interagency agreement]({{ site.baseurl }}/production/#confirm-interagency-agreement-iaa) (IAA) and [agency logo]({{ site.baseurl }}/user-experience/agency-logo/), are described in these pages. diff --git a/_pages/production.md b/_pages/production.md index d0e17a8d..366db4ea 100644 --- a/_pages/production.md +++ b/_pages/production.md 
@@ -35,7 +35,7 @@ Make sure you have the following items ready before you start the deployment pro - [Signed Interagency Agreement (IAA) listing this integration ]({{ site.baseurl}}/production/#confirm-interagency-agreement-iaa) -- A dedicated [integration configuration within the Portal](https://dashboard.int.identitysandbox.gov/) +- A dedicated [integration configuration within the portal](https://dashboard.int.identitysandbox.gov/) * We recommend having two configurations, one that is intended for deployment to production and one which is purely for testing purposes. * All production urls should have .gov, .mil, or a dedicated .com address and point to an Authority to Operate (ATO) approved environment. @@ -69,7 +69,7 @@ Please reach out to your agency IAA contact if you have any questions. If your a ## Production configuration process -Before you can request deployment, you need to create a new and separate integration configuration on our partner portal. This new app will include your production certificate, urls, and logo. When starting this process you need the following items ready to go: +Before you can request deployment, you need to create a new and separate integration configuration on our Partner Portal. This new app will include your production certificate, urls, and logo. When starting this process you need the following items ready to go: - Signed IAA listing this integration  - ATO approved environment diff --git a/_pages/saml/getting-started.md b/_pages/saml/getting-started.md index 9bd7255b..0a31eeb6 100644 --- a/_pages/saml/getting-started.md +++ b/_pages/saml/getting-started.md 
@@ -100,7 +100,7 @@ Here are values needed to configure your service provider (SP) to work with Logi Consistent with the [SAML metadata specification](https://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf){:class="usa-link--external"}, Login.gov's metadata for our sandbox environment is available at [https://idp.int.identitysandbox.gov/api/saml/metadata{{ site.data.saml.year.current }}](https://idp.int.identitysandbox.gov/api/saml/metadata{{ site.data.saml.year.current }}). ### Signing Certificates -Below you can find the X509 certificates used by the Login.gov IdP to sign SAML requests. **Do not enter these certificates in the Portal when configuring an application for testing** - you can follow the instructions in our [testing article]({% link _pages/testing.md %}#creating-a-public-certificate) to generate a client certificate. +Below you can find the X509 certificates used by the Login.gov IdP to sign SAML requests. **Do not enter these certificates in the portal when configuring an application for testing** - you can follow the instructions in our [testing article]({% link _pages/testing.md %}#creating-a-public-certificate) to generate a client certificate. {% capture saml_cert_sandbox_title %} View {{ site.data.saml.year.current }} sandbox certificate diff --git a/_pages/testing.md b/_pages/testing.md index 1f599c00..ec4b9719 100644 --- a/_pages/testing.md +++ b/_pages/testing.md 
@@ -29,7 +29,7 @@ The Login.gov sandbox is an open environment to create and test integrations bet **The Login.gov sandbox environment is supported M-F, 8a-5p ET.** The sandbox is typically available during these hours, though outages may occur. -In the sandbox environment, our [partner portal](https://portal.int.identitysandbox.gov/) is where you can manage your test applications. ***It is important to note that your Login.gov production account and your Login.gov sandbox account are two separate accounts.*** +In the sandbox environment, our [Partner Portal](https://portal.int.identitysandbox.gov/) is where you can manage your test applications. ***It is important to note that your Login.gov production account and your Login.gov sandbox account are two separate accounts.*** ## Getting access to the Login.gov sandbox @@ -42,7 +42,7 @@ You can create an account in the sandbox environment on your own. Ask your agency partner to help you gain access. Login.gov will not create an account or add you to a team; your partner must do this for you. **If you are with a government entity that is not a federal agency (a state or municipality) and do not have an email ending in .gov or .mil** -Please submit a support ticket through the [Partner Support Help Desk](https://zendesk.login.gov) to get access to the Portal. +Please submit a support ticket through the [Partner Support Help Desk](https://zendesk.login.gov) to get access to the portal. ## Using the sandbox
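Review bot: in the _data/errors.yml hunk at the top of this patch, "the Issuer defined in the portal" is lowercased although the site is only introduced by name in the "What to do" bullet directly below it ("[Partner Portal](...)"). Since this YAML is rendered into the error page as-is, either write "the Partner Portal" in the sentence or move the link up so the reader knows which site to check before being told to compare values there. The `client_id`/Issuer matching explanation itself is clear.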
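Review bot: in the _pages/oidc/token.md hunk, fix the grammar on the changed line while it is being touched: "The JWT should use the RS256 algorithm and containing the following claims" should read "and contain the following claims". On the same line, "private key (minimum length of 2048 bits)" reads more precisely as "RSA private key of at least 2048 bits", which also matches RS256, and "the portal" should be linked or named as "Partner Portal" as the other hunks do, since this is where the reader must upload the matching public key.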
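Review bot: in the _pages/overview.md hunk, the link-text change on the "Create an account in the [Partner Portal]" bullet is fine and the URL is unchanged, but the bullet right after it, "Select between [OIDC] or [SAML] protocol implementation protocols", is redundant; "Select between the OIDC and SAML protocols and understand which user attributes are required" while this list is being edited.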
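Review bot: in the first _pages/production.md hunk, the changed link "[integration configuration within the portal]" still points at https://dashboard.int.identitysandbox.gov/, whereas every other portal link in this commit (overview.md, testing.md, errors.yml) uses https://portal.int.identitysandbox.gov/. If "dashboard" is the older hostname, update the href here rather than only the link text; if it is intentionally a different site, say so, because a production checklist is the wrong place for a reader to discover two hostnames. Minor: the following bullet writes "urls" where the rest of the docs write "URLs".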
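Review bot: in the second _pages/production.md hunk, "on our Partner Portal" is capitalized while the first hunk in the same file lowercases "within the portal"; both refer to the same site, so pick one form per file. The changed sentence also says the new configuration "will include your production certificate"; since the page already recommends separate configurations for production and testing, consider stating that the production certificate should be a separate key pair from the one used in the sandbox, so that a test key is not carried into production.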
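Review bot: in the _pages/saml/getting-started.md hunk, the bold warning "Do not enter these certificates in the portal" is the important line and the casing change is harmless, but the sentence before it says the certificates are used by the IdP "to sign SAML requests". What the SP verifies with the IdP's certificate are the IdP's signed responses and assertions; the SP signs its own requests with the client certificate the next sentence tells the reader to generate. Writing "to sign SAML responses and assertions" makes clear why the IdP certificate must never be uploaded as the client certificate.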
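Review bot: in the _pages/testing.md hunks, the first changed line links "Partner Portal" to https://portal.int.identitysandbox.gov/ while the second, addressed to non-federal readers without a .gov or .mil address, says only "to get access to the portal". That reader is being told to file a ticket precisely because they cannot reach the site yet, so repeat the name and link there ("to get access to the Partner Portal") rather than lowercasing it.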