fix(iam): review cyril+astrid

Author: ldecarvalho-doc

macros/iam/login-member.mdx

@@ -4,6 +4,10 @@ macro: login-member
 
 If you were added to a Scaleway Organization as an [IAM member](/iam/concepts#members), the login process is different.
 
+<Message type="important">
+  Login via [Single Sign-On (SSO)](/account/concepts/#single-sign-on-sso) is currently not available for members.
+</Message>
+
 1. Open your web browser and go to the [Scaleway console](https://console.scaleway.com).
 2. Click the **Log in as an IAM Member**.
 3. Enter the Organization ID and click **Continue**.

pages/account/concepts.mdx

@@ -50,6 +50,10 @@ Multifactor authentication (MFA) is any form of verification that requires two f
 
 A password is a string of characters associated to your account's email address that allows you to access the [Scaleway console](https://console.scaleway.com/). It is personal and must not be shared with anyone. Alternatively, you can use a [magic link](#magic-link) to authenticate yourself.
 
+## Single Sign-on (SSO)
+
+Single Sign-On (SSO) allows you to use your Google or Microsoft account to log in to the console. To do so, make sure the email address associated with your Scaleway account matches the email address of your Google or Microsoft account.
+
 ## Support plan
 
 Scaleway provides four different types of [support plans](https://console.scaleway.com/support/plans): Basic, Silver, Gold and Platinum. Your support plan determines the level of service and dedicated assistance you have access to, and the guaranteed response time of your support requests. You can [configure your support plan in the console](/account/how-to/configure-support-plans/).

pages/account/how-to/log-in-to-the-console.mdx

@@ -41,7 +41,7 @@ A confirmation email is sent to your inbox, confirming that you have authenticat
 Scaleway provides Single Sign-On (SSO) options for a seamless login experience. You can use your Google or Microsoft account to log in to the console. To do so, make sure the email address associated with your Scaleway account matches the email address of your Google or Microsoft account.
 
 1. Open your web browser and go to the [Scaleway console](https://console.scaleway.com).
-2. Click the **Log in with Google** , **Log in with Microsoft**, or **Log in with GitHub** button, depending on the account you want to use.
+2. Click the **Log in with Google**, **Log in with Microsoft**, or **Log in with GitHub** button, depending on the account you want to use.
 3. You will be redirected to the respective login page of Google, Microsoft or GitHub.
 4. If multifactor authentication (MFA) is activated, enter the authentication code.
 

pages/account/how-to/use-2fa.mdx

@@ -34,7 +34,7 @@ Download the app of your choice and install it onto your smartphone.
 
 1. Click your Organization name on the top-right corner of the console navigation menu, click **Profile**, then **Security**.
     <Message type="important">
-      If you are logged in as an [IAM member](/iam/concepts/#member), Click **Profile**, then **Credentials** and scroll down to the **Multifactor authentication** section.
+      If you are logged in as an [IAM Member](/iam/concepts/#member), Click **Profile**, then **Credentials** and scroll down to the **Multifactor authentication** section.
     </Message>
 2. Click **Enable MFA**, in the **Multifactor authentication** section. A pop-up displays.
 3. Enter the code shown on the pop-up into your MFA app, or scan the QR code into your app.
@@ -71,7 +71,7 @@ If you no longer have access to the device in which you set up your MFA, you can
 ## How to disable MFA
 
 <Message type="important">
-  You cannot disable MFA if you are a member of one or more Organizations where MFA is enforced. If you wish to disable MFA, you must first leave these Organizations. If you do not know which of your Organizations enforce MFA, follow the procedure below until step 2. The Organizations will be listed in the **Disable MFA** pop-up.
+  You cannot disable MFA if you are a Member of one or more Organizations where MFA is enforced. If you wish to disable MFA, you must first leave these Organizations. If you do not know which of your Organizations enforce MFA, follow the procedure below until step 2. The Organizations will be listed in the **Disable MFA** pop-up.
 </Message>
 
 1. Access the [Security](https://console.scaleway.com/account/security) tab of your **User Account** page.

pages/iam/concepts.mdx

@@ -68,7 +68,9 @@ You can also create non-human users in your Organization, called [IAM applicatio
 
 ## Member
 
-You are a Member when you are added to an Organization by an Owner or user with IAM Manager permissions. Members exist only within the specific Organizations in which they are created. As a Member you are subject to [complying with the security requirements](/iam/how-to/log-in-as-a-member#how-to-comply-with-security-requirements) in effect in your Organization.
+You are a Member when you are added to an Organization by an Owner or user with IAM Manager permissions. Members exist only within the specific Organizations in which they are created. This is one of the methods employed at Scaleway to allow Organizations to have multi-users. Members fufill the same purpose as Guest, while ensuring the security of the Organization.
+
+As a Member you are subject to [complying with the security requirements](/iam/how-to/log-in-as-a-member#how-to-comply-with-security-requirements) in effect in your Organization.
 
 ## Organization
 

pages/iam/how-to/accept-invitation-to-orga.mdx

@@ -22,7 +22,9 @@ When you [create a Scaleway account](/account/how-to/create-an-account/), an Org
 When someone invites you to join their Organization, you receive an email to inform you.
 
 <Message type="important">
-  If the Organization you were invited to [enforces MFA](/organizations-and-projects/how-to/enforce-mfa/), make sure you have [activated MFA](/account/how-to/use-2fa/) before accepting the invitation.
+  Keep in mind that:
+  - The procedure described on this page applies only to [IAM Guests](/iam/concepts/#guest)
+  - If the Organization you were invited to [enforces MFA](/organizations-and-projects/how-to/enforce-mfa/), make sure you have [activated MFA](/account/how-to/use-2fa/) before accepting the invitation.
 </Message>
 
 ## If you already have a Scaleway account

pages/iam/how-to/comply-with-sec-requirements-member.mdx

@@ -40,12 +40,6 @@ Once the grace period is over, your Member account is automatically locked and y
 
 For example, if your Organization's grace period is set to default, you have 7 days, starting from your first login, to renew your password or define a new one, and to set up MFA. If you fail to comply until the 11:59 p.m. of the 7th day, you will get locked out of the Organization at 00:00 a.m. of the 8th day.
 
-### Maximum login attempts
-
-Currently, a default number of a maximum 5 login attempts is set up for all Scaleway Organizations.
-
-This means that if you fail to login five times, you will be blocked from your Organization and you must contact your administrator.
-
 ## How to update a password
 
 Passwords are not required for a first Member login.

pages/iam/how-to/enforce-security-requirements-members.mdx

@@ -1,10 +1,10 @@
 ---
 meta:
   title: How to enforce security requirements for IAM members in your Organization
-  description: This page shows you how to edit the grace period IAM members have to comply with security requirements, enforce password renewal and define a maximum number of login attempts.
+  description: This page shows you how to edit the grace period IAM members have to comply with security requirements and enforce password renewal.
 content:
   h1: How to enforce security requirements for IAM members
-  paragraph: This page shows you how to edit the grace period IAM members have to comply with security requirements, enforce password renewal and define a maximum number of login attempts.
+  paragraph: This page shows you how to edit the grace period IAM members have to comply with security requirements and enforce password renewal.
 dates:
   validation: 2025-02-11
   posted: 2025-02-11
@@ -77,8 +77,5 @@ From their first login, members have a default grace period of seven days to com
 4. Define the grace period in hours or days.
 5. Click **Define grace period** to confirm.
 
-## How to set a maximum number of login attempts
-
-Currently, a default number of a maximum 5 login attempts is set up for your Organization automatically.
 
 

pages/iam/how-to/manage-members.mdx

@@ -26,19 +26,21 @@ dates:
 4. (Optional) Check the box if you want to send a welcome email to the Member.
 5. Add a password.
     <Message type="note">
-      This step is optional. If you set a password, make sure you keep note of it to share it with the Member later. The password will only be shown once. From their first login, the Member has up to seven days to update their password and comply with this security requirement.
+      This step is optional. If you set a password, make sure you keep note of it to share it with the Member later. The password will only be shown once. If password renewal is enforced in the Organization, from their first login, the Member has up to 7 days to update their password and comply with this security requirement.
     </Message>
 6. (Optional) Check the box if you want to send the password to the Member via email.
 7. Click **Create Member**.
 
-If you did not send an invitation email to the Member, make sure you give them their login information.
+If you did not send an welcome email to the Member, make sure you give them their login information.
 
 ## How to lock a Member
 
 As an Owner or user with IAM Manager permissions, you can lock a Member anytime.
 
 <Message type="important">
-  Locking is an action that only applies to IAM Members. Once a Member is locked, they cannot log into the Organization, but are not removed from it.
+  Locking is an action that only applies to IAM Members. Keep in mind that:
+      - Once a Member is locked, they cannot log into the Organization, but are not removed from it.
+      - Any API keys attached to a Member lose their permissions when the Member is locked.
 </Message>
 
 1. Click **Identity and Access Management (IAM)** on the top-right corner of your [Organization Dashboard](https://console.scaleway.com/organization) in the Scaleway console. The **Users** tab of the [Identity and Access Management dashboard](https://console.scaleway.com/iam/users) displays.
@@ -99,7 +101,6 @@ Refer to the dedicated [How to enforce security for Members](/iam/how-to/enforce
 - [How to enforce password renewal](/iam/how-to/enforce-security-requirements-members/#how-to-enforce-password-renewal)
 - [How to stop enforcing password renewal](/iam/how-to/enforce-security-requirements-members/#how-to-stop-enforcing-password-renewal)
 - [How to edit the grace period of your Organization](/iam/how-to/enforce-security-requirements-members/#how-to-edit-the-grace-period-of-your-organization)
-- [How to set a maximum number of login attempts](/iam/how-to/enforce-security-requirements-members/#how-to-set-a-maximum-number-of-login-attempts)
 
 
 ## How to delete a Member

pages/iam/quickstart.mdx

@@ -51,7 +51,7 @@ IAM applications are non-human users in an Organization, enabling you to give pr
 
 ## How to give permissions to users and applications via policies
 
-Users you have invited to your Organization, and applications you have created, have no rights or permissions until you attach [policies](/iam/reference-content/policy/) to them, as described below.
+Users you have added to your Organization, and applications you have created, have no rights or permissions until you attach [policies](/iam/reference-content/policy/) to them, as described below.
 1. Click **Identity and Access Management (IAM)** from the top-right of your [**Organization Dashboard**](https://console.scaleway.com/organization) in the Scaleway console. The **Users** tab of the [Identity and Access Management dashboard](https://console.scaleway.com/iam/users) displays.
 2. Click the **Policies** tab. A list of the Organization's existing policies displays.
 3. Click **Create policy**. The creation wizard displays.