pr review comments

phil198 · renetapopova · commit 69ce049d2edf · 2024-09-16T15:19:47.000+01:00
diff --git a/modules/ROOT/pages/authentication-authorization/ldap-integration.adoc b/modules/ROOT/pages/authentication-authorization/ldap-integration.adoc
@@ -387,15 +387,15 @@ Conversely, when `internal.dbms.security.require_local_user` is set to `true`, u
 ======
 
 
-.Create a user with two Auth Providers allowing the user to authenticate and authorize with either LDAP or the `oidc-mysso` provider.
+.Create a user with two Auth Providers allowing the user to authenticate and authorize with either LDAP or the `mysso` provider.
 ======
 ----
 CREATE USER alice
 SET HOME DATABASE anotherDb
 SET AUTH PROVIDER 'ldap' { SET ID 'cn=alice,ou=engineering,dc=example,dc=com' }
-SET AUTH 'oidc-mysso1' {SET ID 'alicesUniqueMySso1Id'}
+SET AUTH 'oidc-mysso' {SET ID 'alicesUniqueMySsoId'}
 ----
-This will create a user who can authenticate and authorize using `ldap` or `oidc-mysso`. See xref:authentication-authorization/sso-integration.adoc#auth-sso-auth-providers[SSO integration] for more information on setting up an OIDC provider.
+This will create a user who can authenticate and authorize using `ldap` or `mysso`. See xref:authentication-authorization/sso-integration.adoc#auth-sso-auth-providers[SSO integration] for more information on setting up an OIDC provider.
 This example also illustrates that the user can have their home database set even when using only external auth providers.
 ======
 
diff --git a/modules/ROOT/pages/authentication-authorization/manage-users.adoc b/modules/ROOT/pages/authentication-authorization/manage-users.adoc
@@ -671,7 +671,7 @@ SET PASSWORD 'abcd1234' CHANGE REQUIRED
 SET STATUS SUSPENDED
 SET HOME DATABASE anotherDb
 ----
-
+[role=label--new-5.24]
 The equivalent command using the xref:authentication-authorization/auth-providers.adoc[Auth Providers] syntax would be:
 
 [source,cypher,role=noplay]
diff --git a/modules/ROOT/pages/authentication-authorization/sso-integration.adoc b/modules/ROOT/pages/authentication-authorization/sso-integration.adoc
@@ -267,13 +267,13 @@ You need to set the `dbms.security.require_local_user` configuration setting to
 The following examples show how you can use Cypher to do this.
 
 
-.Create a user with an Auth Provider who can authenticate and authorize using `oidc-mysso`.
+.Create a user with an Auth Provider who can authenticate and authorize using `mysso`.
 ======
 ----
 CREATE USER jake
-SET AUTH 'oidc-mysso' {SET ID 'jakesUniqueMySso1Id'} // the id must match the claim that you configured via dbms.security.oidc.mysso.claims.username
+SET AUTH 'oidc-mysso' {SET ID 'jakesUniqueMySsoId'} // the id must match the claim that you configured via dbms.security.oidc.mysso.claims.username
 ----
-This will create a user who can authenticate and authorize using `mysso` if they present a valid token with a `sub` claim of `jakesUniqueMySso1Id`.
+This will create a user who can authenticate and authorize using `mysso` if they present a valid token with a `sub` claim of `jakesUniqueMySsoId`.
 The claim used for authentication is determined by the xref:configuration/configuration-settings.adoc#config_dbms.security.oidc.-provider-.claims.username[`dbms.security.oidc.mysso.claims.username`] config setting (default the default is the `sub` claim).
 
 When the `dbms.security.require_local_user` configuration setting is set to `true`, users can *only* authenticate when there is a user in the database with an Auth Provider which links to the provider that the user is trying to authenticate with.
@@ -289,10 +289,10 @@ Conversely, when `internal.dbms.security.require_local_user` is set to `true`, u
 ----
 CREATE USER jake
 SET HOME DATABASE anotherDb
-SET AUTH 'oidc-mysso1' {SET ID 'jakesUniqueMySso1Id'} // this must match the claim that you configured via dbms.security.oidc.mysso1.claims.username
-SET AUTH 'oidc-mysso2' {SET ID 'jakesUniqueMySso2Id'} // this must match the claim that you configured via dbms.security.oidc.mysso2.claims.username
+SET AUTH 'oidc-mysso1' {SET ID 'jakesUniqueMySso1Id'} // `jakesUniqueMySso1Id` must match the value of the claim that you configured via dbms.security.oidc.mysso1.claims.username
+SET AUTH 'oidc-mysso2' {SET ID 'jakesUniqueMySso2Id'} // `jakesUniqueMySso2Id` must match the value of the claim that you configured via dbms.security.oidc.mysso2.claims.username
 ----
-This will create a user who can authenticate and authorize using `oidc-mysso1` or `oidc-mysso2`.
+This will create a user who can authenticate and authorize using `mysso1` or `mysso2`.
 This example also illustrates that the user can have their home database set even when using only external auth providers.
 ======
 
@@ -303,7 +303,7 @@ This example also illustrates that the user can have their home database set eve
 ALTER USER jake
 REMOVE AUTH 'oidc-mysso2'
 ----
-This will prevent the user from being able to authenticate and authorize with the `oidc-mysso2` provider.
+This will prevent the user from being able to authenticate and authorize with the `mysso2` provider.
 ======
 
 .Alter a user to allow them to authenticate and authorize using username and password
@@ -316,7 +316,7 @@ This will allow the user to authenticate and authorize using the specified usern
 ======
 
 
-.Configure the database to allow authentication via `oidc-mysso` and authorization via the `native` provider.
+.Configure the database to allow authentication via `mysso` and authorization via the `native` provider.
 ======
 
 Set the following database config:
@@ -326,20 +326,20 @@ dbms.security.authentication_providers=oidc-mysso
 dbms.security.authorization_providers=native
 ----
 
-Then create a user with a `oidc-mysso` Auth Provider:
+Then create a user with a `mysso` Auth Provider:
 ----
 CREATE USER jake
 SET AUTH 'oidc-mysso' {SET ID 'jakesUniqueMySsoId'} // this must match the claim that you configured via dbms.security.oidc.mysso.claims.username
 ----
 
-Then natively grant the `ANALYST` role to the user:
+Then natively grant the `READER` role to the user:
 ----
-GRANT ROLE ANALYST TO alice
+GRANT ROLE READER TO alice
 ----
 
-This will allow the user to authenticate using `oidc-mysso` and receive the `ANALYST` role from the `native` provider.
+This will allow the user to authenticate using `mysso` and receive the `READER` role from the `native` provider.
 
-It would also be possible to give the user the union of roles from `oidc-mysso` *and* `native` by setting `oidc-mysso` as an authorization provider too:
+It would also be possible to give the user the union of roles from `mysso` *and* `native` by setting `mysso` as an authorization provider too:
 
 ----
 dbms.security.authentication_providers=oidc-mysso
