diff --git a/certificate-manager/README.mdx b/certificate-manager/README.mdx
index 2f4b2dd6..6337e18f 100644
--- a/certificate-manager/README.mdx
+++ b/certificate-manager/README.mdx
@@ -1,11 +1,11 @@
---
-updated_at: September 17, 2025
+updated_at: November 06, 2025
title: Getting Started with Smallstep Certificate Manager
html_title: Certificate Manager Documentation Hub Overview
description: Complete guide to Smallstep Certificate Manager. Simplify enterprise PKI with automated certificate lifecycle management at scale easily.
---
-Smallstep Certificate Manager is a commercial product built on `step-ca` that delivers a highly available hosted certificate authorities, expiry notifications and alerts, a management dashboard, Active Revocation, API, and other features. With Smallstep Certificate Manager, you can easily issue private TLS/SSL certificates to all your things. [Learn more here.](https://smallstep.com/certificate-manager)
+Smallstep Certificate Manager is a commercial product built on `step-ca` that delivers a highly available hosted certificate authorities, expiry notifications and alerts, a management console, Active Revocation, API, and other features. With Smallstep Certificate Manager, you can easily issue private TLS/SSL certificates to all your things. [Learn more here.](https://smallstep.com/certificate-manager)
If you need to manage devices or workloads that are not supported yet, then you can use Certificate Manager to tinker a solution.
diff --git a/certificate-manager/basic-ops.mdx b/certificate-manager/basic-ops.mdx
index b45a0460..5cab1f36 100644
--- a/certificate-manager/basic-ops.mdx
+++ b/certificate-manager/basic-ops.mdx
@@ -1,5 +1,5 @@
---
-updated_at: September 17, 2025
+updated_at: November 06, 2025
title: Smallstep Certificate Manager Basic Certificate Operations
html_title: Basic Certificate Manager Operations Guide
description: Essential Certificate Manager operations for daily use. Learn certificate issuance, renewal, revocation, and monitoring workflows.
@@ -40,7 +40,7 @@ In this command, we are asking the CA to create a certificate with the following
* `--san myservice.internal.mycompany.net` - Add an additional SAN to the certificate, with the specified value
* `--not-after 24h` - Set the certificate to expire after 24 hours
-When you run this command, it will envoke the `authority-admin` provisioner and start a single sign-on flow via the smallstep dashboard.
+When you run this command, it will envoke the `authority-admin` provisioner and start a single sign-on flow via the smallstep console.
After a successful sign-in, the authority will issue the certificate.
### Step 2 - Inspect a test certificate
diff --git a/certificate-manager/getting-started.mdx b/certificate-manager/getting-started.mdx
index 59583c05..5237e24f 100644
--- a/certificate-manager/getting-started.mdx
+++ b/certificate-manager/getting-started.mdx
@@ -1,5 +1,5 @@
---
-updated_at: September 17, 2025
+updated_at: November 06, 2025
title: Smallstep Certificate Manager Getting Started
html_title: Get Started with Certificate Manager Guide
description: Get started with Certificate Manager in minutes. Quick setup guide for enterprise certificate automation and PKI management with best practices.
@@ -30,10 +30,10 @@ Creating a team gives you access to Smallstep's products.
Click [here](https://smallstep.com/signup?product=cm) to create a team.
You will be asked to provide:
* `Team Name` - Usually, this is your company name.
-* `Team URL` - This is where you will access the smallstep dashboard and will also be the base domain for the CA URL for any Authorities you create.
+* `Team URL` - This is where you will access the smallstep console and will also be the base domain for the CA URL for any Authorities you create.
* `First & Last Name` - Smallstep Team administrator's name.
* `E-mail` - Smallstep Team administrator's e-mail address.
-* `password` - This password is used to login into the Smallstep dashboard
+* `password` - This password is used to login into the Smallstep console
Smallstep team admins can subscribe to and manage Smallstep products.
@@ -41,7 +41,7 @@ Smallstep team admins can subscribe to and manage Smallstep products.
A Certificate Manager Authority is an online CA that authenticates and authorizes certificate requests.
It can issue, renew, and revoke your x.509 TLS certificates.
To create an Authority:
-* Log into the smallstep dashboard, select the Certificate Manager tab, and click the "Add Authority" button.
+* Log into the smallstep console, select the Certificate Manager tab, and click the "Add Authority" button.
* Choose "Create a new hosted Authority".
* Give your Authority a name and subdomain value (the URL path you wish to use for your online CA).
* Choose "Create"
diff --git a/certificate-manager/how-it-works.mdx b/certificate-manager/how-it-works.mdx
index e7b4653f..771f3588 100644
--- a/certificate-manager/how-it-works.mdx
+++ b/certificate-manager/how-it-works.mdx
@@ -1,5 +1,5 @@
---
-updated_at: September 17, 2025
+updated_at: November 06, 2025
title: Smallstep Certificate Manager How It Works
html_title: Certificate Manager Architecture Guide
description: Technical architecture of Certificate Manager. Understand components, workflows, and security model for enterprise PKI deployment planning.
@@ -41,7 +41,7 @@ configuration management, or use
or [`step ca root`](https://smallstep.com/docs/step-cli/reference/ca/root) to
securely download your root certificate from an issuing authority. You can also
download the root certificate for your authorities from the Certificate Manager
-dashboard.
+console.
- [`step ca bootstrap`](https://smallstep.com/docs/step-cli/reference/ca/bootstrap)
configures `step` to trust your root CA and use a particular issuing
@@ -159,7 +159,7 @@ default for the `OIDC` provisioner).
Some use cases demand an option to renew expired certificates.
For example, intermittently-connected devices may not be able to reach the CA in time for a renewal.
The ability to renew expired certificates can be enabled on a per-provisioner basis.
-Enable it in the Smallstep dashboard when you create a new provisioner,
+Enable it in the Smallstep console when you create a new provisioner,
or on the command line for an existing provisioner.
While sometimes necessary, this feature comes with risks and is disabled by default.
diff --git a/certificate-manager/oidc.mdx b/certificate-manager/oidc.mdx
index 3b1c4730..5e977156 100644
--- a/certificate-manager/oidc.mdx
+++ b/certificate-manager/oidc.mdx
@@ -1,4 +1,5 @@
---
+updated_at: November 06, 2025
title: Smallstep Certificate Manager Single Sign-on Certificates
html_title: Smallstep Certificate Manager single sign-on certificates for humans
description: Connect your IDP to Smallstep Certificate Manager and issue certificates to your developers.
@@ -76,7 +77,7 @@ Use the following command as a template for adding an OIDC provisioner.
-This command requires Administrator privileges on the Authority. The terminal will prompt you to enter your email and perform a single sign-on flow via the smallstep dashboard.
+This command requires Administrator privileges on the Authority. The terminal will prompt you to enter your email and perform a single sign-on flow via the smallstep console.
{`No admin credentials found. You must login to execute admin commands.
@@ -86,7 +87,7 @@ Your default web browser has been opened to visit:`}
Upon completion, your OIDC provisioner will be created.
-It will appear on your smallstep dashboard authority detail page.
+It will appear on your smallstep console authority detail page.
### Step 3 - Enable self-service single sign-on certificates.
From the user's perspective, when requesting a certificate, `step` detects the OIDC provisioner and initiates the OAuth login flow automatically:
diff --git a/platform/enrollment-guide.mdx b/platform/enrollment-guide.mdx
index 314c354c..213bb674 100644
--- a/platform/enrollment-guide.mdx
+++ b/platform/enrollment-guide.mdx
@@ -1,5 +1,5 @@
---
-updated_at: September 17, 2025
+updated_at: November 06, 2025
title: Device Enrollment Guide
html_title: Device Enrollment Implementation Guide
description: Step-by-step guide for device enrollment and inventory management. Set up secure certificate enrollment for all enterprise devices.
@@ -94,6 +94,6 @@ create a user using the following value
```
Once added,
-you'll see the device in your Smallstep dashboard,
+you'll see the device in your Smallstep console,
under Recent Devices,
and it will be automatically approved.
diff --git a/platform/smallstep-agent.mdx b/platform/smallstep-agent.mdx
index 4811e828..c89047b8 100644
--- a/platform/smallstep-agent.mdx
+++ b/platform/smallstep-agent.mdx
@@ -1,5 +1,5 @@
---
-updated_at: October 20, 2025
+updated_at: November 06, 2025
title: Smallstep Agent for Linux
html_title: Smallstep Agent for Device Management Guide
description: Deploy and configure Smallstep Agent on Linux. Automated device identity management and certificate renewal for enterprise Linux fleets.
@@ -214,9 +214,9 @@ Alternatively, you can pre-register all of your team's devices:
fingerprint: "40523785c1d1d11EXAMPLE017b660d52a5fa5f2cb94cf0e1a9e9209dbea0826"
```
- - Your `team` ID (team slug). This is the value after `/app/` in your Smallstep dashboard URL.
- - Your agent CA `fingerprint`. Find this value in your dashboard:
- - In the Smallstep dashboard, select Authorities
+ - Your `team` ID (team slug). This is the value after `/app/` in your Smallstep console URL.
+ - Your agent CA `fingerprint`. Find this value in your console:
+ - In the Smallstep console, select Authorities
- Select the Smallstep Agents authority
- Use the sha256 Root fingerprint displayed on this page
diff --git a/platform/smallstep-api.mdx b/platform/smallstep-api.mdx
index ff3f4f10..ecdc0cc2 100644
--- a/platform/smallstep-api.mdx
+++ b/platform/smallstep-api.mdx
@@ -1,5 +1,5 @@
---
-updated_at: September 17, 2025
+updated_at: November 06, 2025
title: Smallstep API
html_title: Platform API Reference Documentation Guide
description: Complete API reference for managing devices, certificates, and PKI programmatically. Integrate Smallstep into your security workflows.
@@ -57,6 +57,6 @@ curl -sH @api_headers --request GET \
--header 'x-smallstep-api-version: 2025-01-01' | jq
```
-Or, in your Smallstep dashboard,
+Or, in your Smallstep console,
you'll see the device listed under Recent Devices.
diff --git a/registration-authorities/acme-for-certificate-manager.mdx b/registration-authorities/acme-for-certificate-manager.mdx
index 2f104520..0f966475 100644
--- a/registration-authorities/acme-for-certificate-manager.mdx
+++ b/registration-authorities/acme-for-certificate-manager.mdx
@@ -1,5 +1,5 @@
---
-updated_at: September 17, 2025
+updated_at: November 06, 2025
title: ACME Registration Authority for Smallstep Certificate Manager
html_title: Deploy ACME RA with Certificate Manager
description: Deploy ACME Registration Authority with Certificate Manager. Enable distributed ACME certificate issuance at enterprise scale.
@@ -166,7 +166,7 @@ Setting up an RA manually involves the following steps:
1. Create an Authority in Certificate Manager with a JWK provisioner
- First, create a hosted Authority in the Certificate Manager dashboard if you haven't already, and configure your local `step` CLI to access this Authority, using `step ca bootstrap`.
+ First, create a hosted Authority in the Certificate Manager console if you haven't already, and configure your local `step` CLI to access this Authority, using `step ca bootstrap`.
Now, as a Super Administrator, add a JWK provisioner to the Authority, and give it a name (eg. `acme-ra-jwk`):
@@ -266,7 +266,7 @@ If you're running Kubernetes, you can run an ACME Registration Authority in your
1. Create an Authority in Certificate Manager with a JWK provisioner
- First, create a hosted Authority in the Certificate Manager dashboard if you haven't already, install the `step` CLI locally (`brew install step`), and configure `step` to access your Authority, using `step ca bootstrap`.
+ First, create a hosted Authority in the Certificate Manager console if you haven't already, install the `step` CLI locally (`brew install step`), and configure `step` to access your Authority, using `step ca bootstrap`.
Now, as a Super Administrator, add a JWK provisioner to the Authority, and give it a name (eg. `registration-authority`):
diff --git a/ssh/acls.mdx b/ssh/acls.mdx
index cc25a4e6..8a61eb42 100644
--- a/ssh/acls.mdx
+++ b/ssh/acls.mdx
@@ -1,5 +1,5 @@
---
-updated_at: September 17, 2025
+updated_at: November 06, 2025
title: Access Control Guide
description: Implement fine-grained SSH access controls with certificates. Define who can access which servers using certificate-based policies.
html_title: SSH Access Control Lists Configuration
@@ -48,7 +48,7 @@ Sign in at `https://smallstep.com/app/[Team ID]`
### Step 2: Grant User Group Access to Host(s)
-On your Smallstep Dashboard.
+On your Smallstep console.
* Select the "Users" tab on the right hand navigation bar.
* Choose the "GROUPS" tab
diff --git a/ssh/azure-ad.mdx b/ssh/azure-ad.mdx
index 09fed85a..265ce73e 100644
--- a/ssh/azure-ad.mdx
+++ b/ssh/azure-ad.mdx
@@ -1,5 +1,5 @@
---
-updated_at: September 17, 2025
+updated_at: November 06, 2025
title: Microsoft Entra ID Quickstart
html_title: SSH with Microsoft Entra ID (Azure AD)
description: Integrate SSH certificates with Microsoft Entra ID. Enable single sign-on for SSH using enterprise identity providers for unified access.
@@ -43,7 +43,7 @@ When creating your groups, give them names and accept the defaults on all other
### Step 2. Tell us your directory's Tenant ID
-1. In the Smallstep SSH dashboard, under the Users tab, choose Azure.
+1. In the Smallstep SSH console, under the Users tab, choose Azure.
2. Paste your Tenant ID from the [Active Directory Overview](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Overview) blade into the "Add Your Team" dialog:
@@ -89,7 +89,7 @@ Your Users and Groups list should now look something like this:
1. Choose **Provisioning** on the left and choose **Get Started**.
2. Set the provisioning mode to **Automatic**.
4. Expand **Admin Credentials:**
- * Supply the SCIM **Tenant URL** and **Secret Token** from the Smallstep dashboard.
+ * Supply the SCIM **Tenant URL** and **Secret Token** from the Smallstep console.
* Choose **Test Connection** and make sure that it works.
* Save.
@@ -131,7 +131,7 @@ Your Users and Groups list should now look something like this:
### Step 5. Confirm the directory connection
-Return to the Smallstep dashboard.
+Return to the Smallstep console.
* Navigate to the LOGS menu. You should see a list of success messages assocated with `SCIM-SYNC` catagory items.
diff --git a/ssh/hosts.mdx b/ssh/hosts.mdx
index 1f5c8e8a..f5d24a88 100644
--- a/ssh/hosts.mdx
+++ b/ssh/hosts.mdx
@@ -1,5 +1,5 @@
---
-updated_at: September 17, 2025
+updated_at: November 06, 2025
title: Smallstep SSH Host Quickstart
description: Configure SSH host certificates for server authentication. Eliminate TOFU (Trust On First Use) and secure SSH infrastructure.
html_title: SSH Host Certificate Quick Setup Tutorial
@@ -216,6 +216,6 @@ Match User *,!ubuntu
* `ssh-test.app.smallstep.com` — For SSH test sessions
* `https://ssh..ca.smallstep.com` — The CA internal PKI APIs (protected by mTLS)
* `https://smallstep.com/app/teams/sso/success` — Single sign-on success page
- * `https://smallstep.com/app/` — Admin Dashboard
+ * `https://smallstep.com/app/` — Admin console
* `https://api.smallstep.com` — APIs to fetch team information
* `https://auth.smallstep.com` — OpenID Connect flow, if you have no identity provider configured
diff --git a/ssh/how-it-works.mdx b/ssh/how-it-works.mdx
index 44e6a607..b8993b7c 100644
--- a/ssh/how-it-works.mdx
+++ b/ssh/how-it-works.mdx
@@ -1,5 +1,5 @@
---
-updated_at: September 17, 2025
+updated_at: November 06, 2025
title: Smallstep SSH How It Works
html_title: How SSH Certificates Work - Technical Guide
description: Technical overview of SSH certificate authentication. Learn how certificates replace keys for better security and management in modern SSH.
@@ -31,11 +31,11 @@ From here, the ssh handshake continues seamlessly.
-If Alice wants to connect from a different device, it's easier for her to run `step ssh login` (or let `step ssh proxycommand` run it for her transparently) than it is to extract her certificate from `ssh-agent` and copy it over. Bastion hosts are supported, too! You can ssh to the server using its internal DNS name, and the connection will flow through your bastion. All connection requests to the host are logged and reported in the smallstep dashboard.
+If Alice wants to connect from a different device, it's easier for her to run `step ssh login` (or let `step ssh proxycommand` run it for her transparently) than it is to extract her certificate from `ssh-agent` and copy it over. Bastion hosts are supported, too! You can ssh to the server using its internal DNS name, and the connection will flow through your bastion. All connection requests to the host are logged and reported in the smallstep console.
### Manage SSH Access From Your Identity Provider
-All user and group information is maintained in your existing identity provider. We pull basic information from your IdP using the SCIM protocol or native APIs. In the smallstep dashboard, you'll tag groups that need SSH access. When you add or remove users in one of these groups in your IdP, it will automatically flow to your entire managed fleet of hosts. No need to kick off automation flows to push key changes. Access is instantly added, changed, or revoked.
+All user and group information is maintained in your existing identity provider. We pull basic information from your IdP using the SCIM protocol or native APIs. In the smallstep console, you'll tag groups that need SSH access. When you add or remove users in one of these groups in your IdP, it will automatically flow to your entire managed fleet of hosts. No need to kick off automation flows to push key changes. Access is instantly added, changed, or revoked.
### Standard, Secure Connections
diff --git a/ssh/okta-gid-uid.mdx b/ssh/okta-gid-uid.mdx
index c7159cb7..bd906777 100644
--- a/ssh/okta-gid-uid.mdx
+++ b/ssh/okta-gid-uid.mdx
@@ -1,5 +1,5 @@
---
-updated_at: September 17, 2025
+updated_at: November 06, 2025
title: Okta UID GID Sync Guide
description: Synchronize Unix user and group IDs with Okta for SSH access. Maintain consistent identity across SSH infrastructure for unified management.
html_title: Okta UID/GID Sync for SSH Access Control
@@ -92,12 +92,12 @@ Already have UID and GID fields for your users? Skip to Step 2.
### Step 4. Verify syncing with smallstep before going into production
-* These changes should trigger a sync of the UID and GID values to the smallstep dashboard.
+* These changes should trigger a sync of the UID and GID values to the smallstep console.
* If the values do not show up, try removing and re-adding the group assignments:
* Open the **smallstep provisioning app integration** application within OKTA.
* Go to the **Assignments** tab, select **groups**, and **remove all the groups** (remember these group names).
- * Wait until the users are removed from the smallstep dashboard (a few seconds).
+ * Wait until the users are removed from the smallstep console (a few seconds).
* Then re-add the groups using the **assign** button.
- * This will trigger a push, and you will see the new uid and gid values in the smallstep dashboard.
+ * This will trigger a push, and you will see the new uid and gid values in the smallstep console.
Send an email to [support@smallstep.com.](mailto:support@smallstep.com)
diff --git a/ssh/okta.mdx b/ssh/okta.mdx
index f1b1e5ab..e46d9fa9 100644
--- a/ssh/okta.mdx
+++ b/ssh/okta.mdx
@@ -1,4 +1,5 @@
---
+updated_at: November 06, 2025
title: Okta Quickstart
description: SSH Okta Quickstart | Smallstep Documentation
---
@@ -45,7 +46,7 @@ In this quickstart, we will:
### **Step 1. Create Okta OIDC Application**
-1. Start at your Okta admin dashboard (access via "Admin" button next to "+ Add Apps" after successful log in)
+1. Start at your Okta admin console (access via "Admin" button next to "+ Add Apps" after successful log in)
2. Go to Applications → Create App Integration
3. In the pop up select "OIDC - OpenID Connect" as the sign-in method and specify "Native Application" for the Application type.
@@ -73,7 +74,7 @@ In this quickstart, we will:
* Repeat this process for any other groups you created for controlling SSH/sudo access
7. Go back to **General** tab and scroll down to "Client Credentials." You'll refer to these values in the next step.
-### Step 2. Enter your OIDC Details into the Smallstep dashboard
+### Step 2. Enter your OIDC Details into the Smallstep console
1. Open a new browser tab and log in to Smallstep: `https://smallstep.com/app/[TEAM-NAME]`
2. Navigate the Onboarding Dialog. If the dialog is not open, you can relaunch it by visiting the **Users** tab.
@@ -127,9 +128,9 @@ In this quickstart, we will:
-* Return to the Smallstep dashboard, or open a new browser tab and sign into the Smallstep dashboard: `https://smallstep.com/app/[TEAM-NAME]`
+* Return to the Smallstep console, or open a new browser tab and sign into the Smallstep console: `https://smallstep.com/app/[TEAM-NAME]`
* Navigate to the Onboarding UI → Add Your Team → SCIM Details
-* Copy **Base URL,** and **API Token** from Smallstep dashboard, and paste into Okta Provisioning form.
+* Copy **Base URL,** and **API Token** from Smallstep console, and paste into Okta Provisioning form.
* In Okta, choose **Test API Credentials**. After successful verification, choose **Save**.
diff --git a/tutorials/apple-mdm-jamf-setup-guide.mdx b/tutorials/apple-mdm-jamf-setup-guide.mdx
index 7c3fb045..a34c416c 100644
--- a/tutorials/apple-mdm-jamf-setup-guide.mdx
+++ b/tutorials/apple-mdm-jamf-setup-guide.mdx
@@ -1,5 +1,5 @@
---
-updated_at: September 17, 2025
+updated_at: November 06, 2025
title: Deploy EAP-TLS Wi-Fi certificates to Apple devices with Smallstep and Jamf Pro
html_title: Deploy EAP-TLS to Apple Devices via Jamf
description: Configure EAP-TLS Wi-Fi certificates for Apple devices using Jamf MDM. Complete guide for iOS and macOS wireless security deployment at scale.
@@ -71,7 +71,7 @@ These include a webhook URL, username and password to be used when configuring a
First, you'll need to add a SCEP Challenge webhook to your Jamf tenant configuration.
You'll only need to do this once.
-1. In the Jamf dashboard, go to `Settings` and search for `Webhooks`
+1. In the Jamf console, go to `Settings` and search for `Webhooks`
2. Click **+ New**
3. Fill out the form as follows:
- Set a descriptive name, e.g. `SCEP Challenge`
@@ -90,7 +90,7 @@ You'll only need to do this once.
Next, upload the Configuration Profile you downloaded from Smallstep, and map it to a test device.
-1. In the Jamf Dashboard, go to Configuration Profiles (for Computers or Devices)
+1. In the Jamf console, go to Configuration Profiles (for Computers or Devices)
2. Choose **Upload**.
3. **Choose File** and select the `.mobileconfig` template you downloaded from Smallstep
4. Choose the Scope tab, and select a device or user for testing. For the device to appear, the device should already be enrolled with a basic Jamf MDM profile.
@@ -126,7 +126,7 @@ Link the Certificate Trust settings for your `Wi-Fi` Payload to your RADIUS serv
### Troubleshooting
- Check the expected certificates have been deployed to the right stores on macOS: user vs. device; trusted roots; personal certificates.
- - Jamf does show some states in the dashboard and there’s a bit of logging available, but they don’t provide many details, and sometimes they’re not up-to-date.
+ - Jamf does show some states in the console and there’s a bit of logging available, but they don’t provide many details, and sometimes they’re not up-to-date.
- Logging can be found by navigating to the Configuration Profile and looking for the `Logs` option in the bottom right. You can then navigate to the right device. Check out the `History` → `Management History` tab for the device.
- Use the macOS Console application to diagnose issues. SCEP related (error) logs can be found by searching for “scep” (won’t catch all related log entries, but usually does the job). It’s also possible to follow these logs in realtime.
- The `.mobileconfig` file is a text file and sometimes it can be useful to inspect it for debugging purposes.
diff --git a/tutorials/connect-intune-to-smallstep.mdx b/tutorials/connect-intune-to-smallstep.mdx
index 74dc27e0..3e9626ec 100644
--- a/tutorials/connect-intune-to-smallstep.mdx
+++ b/tutorials/connect-intune-to-smallstep.mdx
@@ -1,5 +1,5 @@
---
-updated_at: October 28, 2025
+updated_at: November 06, 2025
title: Connect Intune to Smallstep
html_title: Connect Microsoft Intune to Smallstep Tutorial
description: Connect Microsoft Intune to Smallstep for Windows device identity. Step-by-step guide for enterprise device trust with MDM integration.
@@ -126,7 +126,7 @@ In this step, we’ll add the Smallstep Agent to Intune for distribution to devi
In this step, we’ll tie everything together by creating Windows policy to enroll devices using the Smallstep Agent.
-1. In the Smallstep dashboard, visit [Device Settings](https://smallstep.com/app/?next=/settings/devices) and choose your Intune connection.
+1. In the Smallstep console, visit [Device Settings](https://smallstep.com/app/?next=/settings/devices) and choose your Intune connection.
1. Select the **Settings** tab from the left-
2. Download the Root Certificate
3. Download the Intermediate Certificate
diff --git a/tutorials/connect-jamf-pro-to-smallstep.mdx b/tutorials/connect-jamf-pro-to-smallstep.mdx
index cd1856f6..c19e36b4 100644
--- a/tutorials/connect-jamf-pro-to-smallstep.mdx
+++ b/tutorials/connect-jamf-pro-to-smallstep.mdx
@@ -1,5 +1,5 @@
---
-updated_at: October 29, 2025
+updated_at: November 06, 2025
title: Connect Jamf Pro to Smallstep
html_title: Integrate Jamf Pro with Smallstep Tutorial
description: Integrate Jamf Pro with Smallstep for Apple device security. Complete guide for enforcing device trust in macOS and iOS environments.
@@ -151,13 +151,13 @@ Next, we’ll configure the Script we just created to run on your client devices
In this step, we’ll tie everything together by creating a managed policy to enroll devices using the Smallstep Agent.
-1. In the Smallstep dashboard, choose **Certificate Manager**
+1. In the Smallstep console, choose **Certificate Manager**
1. Select [Authorities](https://smallstep.com/app/?next=/cm/authorities)
2. Select the **Smallstep Agents** authority
3. Download the Root Certificate
4. Under the Provisioners section of the page, choose the provisioner beginning with **`integration-jamf`**
5. Temporarily save the **URL shown on the page, eg.** `https://agents.example.ca.smallstep.com/scep/integration-jamf-b967f507`
-2. In the Smallstep dashboard, choose ⚙️ **Settings**
+2. In the Smallstep console, choose ⚙️ **Settings**
1. Temporarily save the **Team Slug** value
3. In Jamf Pro, choose 🖥️ **Computers**
4. Under the **Content Management** tab, Choose **Configuration Profiles**
@@ -197,7 +197,7 @@ In this step, we’ll tie everything together by creating a managed policy to en
"TeamSlug": {
"type": "string",
"title": "Smallstep Details: Team",
- "description": "The slug for your organization's Smallstep team, available in the Smallstep dashboard under Settings.",
+ "description": "The slug for your organization's Smallstep team, available in the Smallstep console under Settings.",
"property_order": 10
},
"Certificate": {
diff --git a/tutorials/intune-mdm-setup-guide.mdx b/tutorials/intune-mdm-setup-guide.mdx
index 1d1d3cb1..cb5c4396 100644
--- a/tutorials/intune-mdm-setup-guide.mdx
+++ b/tutorials/intune-mdm-setup-guide.mdx
@@ -1,5 +1,5 @@
---
-updated_at: September 17, 2025
+updated_at: November 06, 2025
title: Deploy EAP-TLS Wi-Fi certificates to Windows devices with Smallstep and Intune
html_title: Deploy EAP-TLS Wi-Fi to Windows via Intune
description: Configure EAP-TLS Wi-Fi certificates for Windows devices using Intune MDM. Enterprise guide for secure wireless network access.
@@ -81,7 +81,7 @@ You’ve completed the App Registration setup.
## 3. Configure Smallstep
-In your Smallstep dashboard,
+In your Smallstep console,
visit the **Integrations** tab,
and choose **Intune**.
@@ -211,7 +211,7 @@ Once you've saved your profile, you'll be ready to test and verify your Wi-Fi co
# Troubleshooting
- Check the expected certificates have been deployed to the right stores on Windows: user vs. device; trusted roots; trusted intermediates; personal certificates.
- - Intune does show states in the dashboard, and you can generate reports, but they don’t provide many details, and sometimes they’re not up-to-date.
+ - Intune does show states in the console, and you can generate reports, but they don’t provide many details, and sometimes they’re not up-to-date.
- On the client side, use **Settings → Accounts → Access work or school → Info** to check the last sync status.
- You can also trigger a Sync on this screen
- Sometimes restarting Windows is required to trigger (re-)enrollment / profile deployment. This can happen if the machine has been online for a while, has been suspended for a while, etc. It may have been disconnected from WNS in this case, resulting in no notifications being received.
diff --git a/tutorials/sync-okta-users-to-smallstep.mdx b/tutorials/sync-okta-users-to-smallstep.mdx
index 9c873849..f027068e 100644
--- a/tutorials/sync-okta-users-to-smallstep.mdx
+++ b/tutorials/sync-okta-users-to-smallstep.mdx
@@ -1,5 +1,5 @@
---
-updated_at: October 23, 2025
+updated_at: November 06, 2025
title: Sync Okta Users to Smallstep
description: Smallstep Okta User SCIM synchronization
---
@@ -40,7 +40,7 @@ In this quickstart, we will:
### **Step 1. Create Okta OIDC Application**
-1. Start at your Okta admin dashboard (access via "Admin" button next to "+ Add Apps" after successful log in)
+1. Start at your Okta admin console (access via "Admin" button next to "+ Add Apps" after successful log in)
2. Go to Applications → Create App Integration
3. In the pop up select "OIDC - OpenID Connect" as the sign-in method and specify "Native Application" for the Application type.
4. New Native App Integration Page
@@ -56,7 +56,7 @@ In this quickstart, we will:
7. Assign any groups that will need access to Smallstep to the `smallstep-oidc` app
8. Go back to **General** tab and scroll down to "Client Credentials." You'll refer to these values in the next step.
-### Step 2. Enter your OIDC Details into the Smallstep dashboard
+### Step 2. Enter your OIDC Details into the Smallstep console
1. Start at [Connect an Okta IdP](https://smallstep.com/app/?next=/settings/users/identity-providers/okta/connect)
2. Copy and paste your **Client ID** and **Client Secret** from Okta.
diff --git a/tutorials/wifi-setup-guide.mdx b/tutorials/wifi-setup-guide.mdx
index fd713f69..b0b6b110 100644
--- a/tutorials/wifi-setup-guide.mdx
+++ b/tutorials/wifi-setup-guide.mdx
@@ -1,6 +1,6 @@
---
title: Configure 802.1x EAP-TLS WPA-Enterprise Wi-Fi on your Access Point
-updated_at: May 19, 2025
+updated_at: November 06, 2025
html_title: Configure your Wi-Fi Access Point to use Enterprise EAP-TLS certificate-based authentication with Smallstep
description: This tutorial describes how to set up Smallstep's certificate-based Wi-Fi on several popular Access Point models
---
@@ -146,7 +146,7 @@ For more information, see [MicroTik Documentation](https://help.mikrotik.com/doc
First, create a new RADIUS profile:
-1. On the Aerohive dashboard, go to **Configuration**→ **Common Objects**→ **Authentication**→ **External RADIUS Servers,** and click on “**+**” to create a new RADIUS server
+1. On the Aerohive console, go to **Configuration**→ **Common Objects**→ **Authentication**→ **External RADIUS Servers,** and click on “**+**” to create a new RADIUS server
2. Provide a **Name** for the server
3. Enter the RADIUS server IP address, port, and shared secret you received from Smallstep into their respective fields
4. Click **Save**
@@ -184,7 +184,7 @@ First, create a new RADIUS profile:
Next, create a new 802.1x EAP-TLS WPA-Enterprise authenticated Wi-Fi network and link your new Smallstep RADIUS profile to it.
-1. On the dashboard, go to **Configuration** → **WLAN**, then click the **+** icon to add a new WLAN
+1. On the console, go to **Configuration** → **WLAN**, then click the **+** icon to add a new WLAN
2. On the **General** tab:
1. For **Name (SSID),** enter a name for the SSID
2. For **Primary usage**, select the **Employee** option
@@ -205,7 +205,7 @@ Your new 802.1x EAP-TLS WPA-Enterprise Wi-Fi network is ready for use.
## Configure 802.1x EAP-TLS WPA-Enterprise Wi-Fi on **Meraki**
-1. On your Meraki dashboard, navigate to **Wireless** > **Configure** > **SSIDs**
+1. On your Meraki console, navigate to **Wireless** > **Configure** > **SSIDs**
2. Enable an **Unconfigured SSID**
3. Under the newly **Unconfigured SSID**, click on **rename**, name the SSID accordingly, then click **Save Changes**
4. Click on **edit settings**. This will will take you to the Access control tab for the SSID
@@ -239,7 +239,7 @@ Your new 802.1x EAP-TLS WPA-Enterprise Wi-Fi network is ready for use.
First, create a new RADIUS profile:
-1. On your Extreme Networks dashboard, navigate to **ONBOARD** > **AAA**
+1. On your Extreme Networks console, navigate to **ONBOARD** > **AAA**
2. On the Default AAA Configuration page, scroll to **RADIUS Servers**, and click **Add**
3. Provide the **RADIUS Server IP address**, **RADIUS Port**, and **Shared Secret** provided by Smallstep
4. Click **Save**
@@ -313,7 +313,7 @@ These instructions follow setup for RT-AX1800S. However you should find most cur
*Tip: To set up an 802.1x EAP-TLS Enterprise Wi-Fi WLAN on your Asus router, start with a separate dual band setup so that you have a break-glass connection to a WPA2 Password connection in the event that your settings are not allowing access to the configured band.*
-1. On the Asus Router dashboard, navigate to **Advanced Settings > Wireless**
+1. On the Asus Router console, navigate to **Advanced Settings > Wireless**
