Final rounds of comments addressed
shaunmulligan committed Jul 10, 2024
1 parent c605e0e commit dd2aa45
Showing 2 changed files with 13 additions and 12 deletions.
6 changes: 3 additions & 3 deletions pages/learn/accounts/enterprise-sso.md
Expand Up @@ -13,7 +13,7 @@ Configuring an Identity Provider (IdP) as a login method requires a one-time set

## Link a SAML Identity Provider

To enable Single Sign-On (SSO) for balenaCloud organizations, you must establish a connection with your external Identity Provider (IdP). This process assumes that you have already configured a [SAML 2.0 IdP and possess an XML certificate][ms-saml] ready for upload.
To enable Single Sign-On (SSO) for balenaCloud organizations, you must establish a connection with your external Identity Provider (IdP). BalenaCloud supports all SAML 2.0 Identity Providers, we have provided examples for Microsoft Entra ID (formerly Azure AD) and Google Workspace. This process assumes that you have already configured a [SAML 2.0 IdP and possess an XML certificate][ms-saml] ready for upload.

1. To configure an Identity Provider, you must be logged in as the `Administrator` of an organization subscribed to an [Enterprise plan](https://www.balena.io/pricing).
2. From the balenaCloud dashboard, select the [Identity Provider](https://dashboard.balena-cloud.com/identity-provider) option from the left sidebar.
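
Review bot: The sentence added to the first paragraph under "Link a SAML Identity Provider" is a comma splice and capitalizes the product as "BalenaCloud" where the rest of the page writes "balenaCloud". Suggest: "balenaCloud supports all SAML 2.0 Identity Providers. We have provided examples for Microsoft Entra ID (formerly Azure AD) and Google Workspace." The paragraph now promises examples for two IdPs, but the only link in it is the [ms-saml] reference, so consider linking the Google Workspace guide changed in this commit as well. "XML certificate" here and "XML metadata file" in that guide's Conclusion appear to name the same upload; pick one term.
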
Expand Down Expand Up @@ -53,7 +53,7 @@ Next, provide the company `SSO Identifier` supplied by your balenaCloud organiza
<!-- TODO: Update to latest screenshot -->
<img alt="Enable SSO modal with SSO identifier filled in." src="/img/common/saml/add-sso-identifier-merge-modal.png" width="60%">

__Important:__ By activating SAML, you are transferring your personal account to a company account. The following changes will occur:
__Important:__ By activating SAML, you are transferring your personal account to a company account, and this action is non-reversible. The following changes will occur:
* **Your API keys will be deleted**
* **This is a non-reversible action**
* You will no longer be able to create new API keys
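
Review bot: In the __Important:__ paragraph, the new clause "and this action is non-reversible" duplicates the unchanged bullet "**This is a non-reversible action**" two lines below it, so the same warning now appears twice. Remove the bullet (or drop the inline clause) so the list contains only the concrete changes to the account, such as the deletion of API keys.
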
Expand Down Expand Up @@ -91,7 +91,7 @@ Currently, SAML authentication users cannot create API keys. If you require API

<!-- NOTE: we link to this FAQ in the dashboard -->
#### How do I delete a SAML account?
To delete a SAML account, you must use the `sdk`. This is only necessary if you are looking to [delete your Idp](#how-do-i-delete-an-identity-provider-in-balenacloud). Removing the user from your IdP will block their balenaCloud access.
To delete a SAML account, you need to use the `sdk`. This step is only required if you intend to [delete your IdP](#how-do-i-delete-an-identity-provider-in-balenacloud). **Removing the user from your IdP will block their access to balenaCloud**, but their current session will remain active for up to 12 hours after their last login.

__Warning:__ Ensure that there is at least one non-SAML admin user in your organization before deleting all SAML users in the Identity Providers (IdPs). Failure to do so may result in being locked out of your organization.

19 changes: 10 additions & 9 deletions pages/learn/accounts/idp-setup/google-workspace-saml-setup.md
@@ -1,17 +1,17 @@
---
title: Configure a SAML app for Google Workspace
excerpt: prepare your Google Workspace organization to integrate with balenaCloud
title: SAML app for Google Workspace
excerpt: Configure your Google Workspace organization with balenaCloud to enable SAML
---

# Google Workspace SAML
# Configure a SAML app for Google Workspace

This guide will walk you through the steps to create a SAML Identity Provider (IdP) using Google Workspace to integrate with balenaCloud.
This guide will walk you through the steps to create a SAML Identity Provider (IdP) using Google Workspace to integrate with balenaCloud. At the end of this guide, you can start using Single Sign-On functionality from your IdP in balenaCloud.

##### Prerequisites
## Prerequisites

Access to a Google Workspace admin account capable of creating apps and users for the organization.
1. Access to a Google Workspace admin account capable of creating apps and users for the organization.

##### Steps to Create a SAML Identity Provider in Google Workspace
## Steps

1. Access the Google Admin Console
* Go to [Google Admin Console Apps](https://admin.google.com/ac/apps/unified) using your Google Workspace admin account.
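
Review bot: The sentence added to the intro, "At the end of this guide, you can start using Single Sign-On functionality from your IdP in balenaCloud", overstates what the guide delivers: the Conclusion in this same file still sends the reader to the dashboard to link the IdP by uploading the XML metadata file. Reword it to say the IdP will be ready to link. Prerequisites is now a numbered list with a single item; a plain sentence or a bullet fits better. The front-matter `title` ("SAML app for Google Workspace") and the H1 ("Configure a SAML app for Google Workspace") now differ; confirm that is intended.
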
Expand All @@ -38,8 +38,9 @@ Access to a Google Workspace admin account capable of creating apps and users fo
6. Enable the SAML App
* In the Service Status section, ensure the new SAML app is set to `ON` for everyone or specific groups. This will those users in your organization access to login to balenaCloud via SSO.

##### Final Steps
Finally, you should a custom SAML app in your Google Workspace that looks similar to this:
7. Finally, you should a custom SAML app in your Google Workspace that looks similar to this:
<img alt="Download XML" src="/img/common/saml/google-workspace-saml-app-final.png" width="100%">

## Conclusion

Congratulations! You should now have your Identity Provider (IdP) setup, head over to the balenaCloud dashboard and follow the [instructions to link an IdP](/learn/accounts/enterprise-sso/#link-a-saml-identity-provider) by uploading the XML metadata file. Your team can then start using the Single Sign-On (SSO) functionality, allowing them to securely and seamlessly access the platform using their enterprise credentials.
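
Review bot: The new step 7 carries over the missing verb from the old "Final Steps" text: "you should a custom SAML app" needs a verb such as "see" or "have". The unchanged step 6 line has the same problem ("This will those users in your organization access to login"), and the new Conclusion has a comma splice at "(IdP) setup, head over"; split it into two sentences and write "set up" as the verb. The image's alt text is "Download XML" although the file is google-workspace-saml-app-final.png, so it looks copied from an earlier step.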
