fix(iam): auth methods (#5827)

ldecarvalho-doc · RoRoJ · bene2k1 · web-flow · commit 360f76435d40 · 2025-11-18T17:13:44.000+01:00
* fix(iam): auth methods

* fix(iam): review cyril

* fix(iam): review ro

Co-authored-by: Rowena Jones &lt;36301604+RoRoJ@users.noreply.github.com&gt;

* fix(iam): review bene

Co-authored-by: Benedikt Rollik &lt;brollik@scaleway.com&gt;

---------

Co-authored-by: Rowena Jones &lt;36301604+RoRoJ@users.noreply.github.com&gt;
Co-authored-by: Benedikt Rollik &lt;brollik@scaleway.com&gt;
diff --git a/macros/iam/login-member.mdx b/macros/iam/login-member.mdx
@@ -12,24 +12,39 @@ macro: login-member
       - When you are added to an Organization as a Member, a Scaleway account is automatically created for you. An Organization administrator must provide a username, email and Organization ID for you to log in.
       - If your Organization admin provided a [link to connect directly](/organizations-and-projects/how-to/set-organization-alias) to your Organization, you can disregard step 3.
     </Message>
-4. Enter the username given to you by your Organization's Owner or administrator.
-5. Select an authentication method between **Send code** and **Enter password**.
+4. Select an authentication method between **Send code**, **Enter password** and **SSO** (Google or Github).
     <Tabs>
       <TabsTab label="Email code">
-      1. Click **Send code** to receive a login code in your email.
-      2. Enter the code you received in your email.
+      1. Enter the username given to you by your Organization's Owner or administrator.
+      2. Click **Send code** to receive a login code in your email.
+      3. Enter the code you received in your email.
           <Message type="tip">
             If you did not receive the email you can follow these steps, in order:
               - Make sure you check your spam folder
               - Click **Resend email**
               - Contact an Organization administrator to make sure your information was correctly registered
               - If none of the actions above work, ask an administrator to [contact the support](/account/how-to/open-a-support-ticket/#writing-an-effective-subject-and-description)
           </Message>
-      3. Click **Continue**.
+      4. Click **Continue**.
       </TabsTab>
       <TabsTab label="Password">
-      1. Click **Enter password**.
-      2. Type your password in the box.
-      3. Click **Continue**.
+      1. Enter the username given to you by your Organization's Owner or administrator.
+      2. Click **Enter password**.
+      3. Type your password in the box.
+      4. Click **Continue**.
       </TabsTab>
-    </Tabs>
+      <TabsTab label="SSO">
+      Scaleway provides Single Sign-On (SSO) options for a seamless login experience. By default, you can use your Google or Github account to log in to the console. To do so, make sure the email address associated with your Scaleway account matches the email address of your Google or Github account.
+
+      <Message type="important">
+       SAML SSO login is in Early Access. This means that currently, only selected Organizations can access and test the feature.
+      </Message>
+
+      1. Click the **Google** or the **GitHub** logo for OAuth2 SSO login. If you are logging in with SAML SSO, click **Sign in with SSO**.
+      2. Follow the steps in the Identity Provider you were redirected to, and log in.
+      </TabsTab>
+    </Tabs>
+
+    <Message type="important">
+      If you are unable to log in, contact an Organization administrator.
+    </Message>
diff --git a/pages/iam/how-to/comply-with-sec-requirements-member.mdx b/pages/iam/how-to/comply-with-sec-requirements-member.mdx
@@ -23,7 +23,7 @@ Organization administrators may require you to perform two different security ac
 - [Updating your password](#how-to-update-a-password)
 - [Setting up MFA](#how-to-set-up-mfa-as-a-member)
 
-If one of these requirements is enforced in your Organization, a security checklist will display in your Scaleway console when you log in for the first time,
+If one of these requirements is enforced in your Organization, a security checklist will display in your Scaleway console when you log in for the first time.
 
 <Lightbox image={image} alt="screenshot of the scaleway console showing a checklist of the few quick steps to follow until you can explore the Scaleway console. 1. Update password - You are required to update your password to stay connected to this Organization. A message box indicates that there is 1 day left to update the password. It warns that once this grace period is up, you will be locked out of the Organization until an administrator unlocks your account. A button prompts to update the password. " />
 
diff --git a/pages/iam/how-to/enforce-security-requirements-members.mdx b/pages/iam/how-to/enforce-security-requirements-members.mdx
@@ -19,6 +19,26 @@ For the increased security of your Organization, you can enforce different secur
 - A Scaleway account logged into the [console](https://console.scaleway.com)
 - [Owner](/iam/concepts/#owner) status or [IAM permissions](/iam/concepts/#permission) allowing you to perform actions in the intended Organization
 
+## How to manage authentication methods
+
+You can define which methods you want IAM Members to use for sign in. The following methods are available:
+
+- Identity federation (SAML SSO)
+- OAuth2 (SSO)
+- Password
+- Authentication code
+
+1. Go to the [Security](https://console.scaleway.com/settings/security) settings of your Organization.
+2. Scroll to the **Organization authentication methods** section.
+3. Click **Manage**. A pop-up appears.
+4. Enable or disable authentication methods as necessary.
+    <Message type="important">
+    Make sure that:
+    - At least one authentication method is enabled for the Organization.
+    - You enable the correct methods. If you disable a Member's only authentication method, they might find themselves locked out of your Organization.
+    </Message>
+5. Click **Confirm**.
+
 ## How to disable a member's MFA
 
 If [Multifactor Authentication (MFA) is enabled](/account/how-to/use-2fa) for a member you can disable it anytime. Disabling MFA is useful if the member needs to reset MFA.
diff --git a/pages/iam/how-to/log-in-as-a-member.mdx b/pages/iam/how-to/log-in-as-a-member.mdx
@@ -13,10 +13,8 @@ When you are added to a Scaleway Organization, you become its Member. To access
 Learn how to do so by following our guided tour or reading the instructions below.
 <GuideFlow src="https://app.guideflow.com/embed/zkjl1jdiwp"/>
 
-
 <LoginMember />
 
-
 <Message type="important">
 Once you have successfully logged in for the first time, you must then comply with your Organization's security requirements to ensure you can log in without issues in the future. Refer to the [How to comply with security requirements as a Member](/iam/how-to/comply-with-sec-requirements-member) documentation page to follow the procedure.
 </Message>
