[v13] update saml IdP troubleshooting section with required permissio…

…ns (#39706) * update saml IdP reference troubleshooting section with required permissions based on customer feedback, added required permissions to view SAML apps to the troubleshooting guide * Update docs/pages/access-controls/idps/saml-reference.mdx Co-authored-by: Sakshyam Shah <[email protected]> --------- Co-authored-by: Sakshyam Shah <[email protected]>
gravitational · Mar 22, 2024 · 584cede · 584cede
1 parent 8b09380
commit 584cede
Showing 1 changed file with 13 additions and 1 deletion.
diff --git a/docs/pages/access-controls/idps/saml-reference.mdx b/docs/pages/access-controls/idps/saml-reference.mdx
@@ -159,10 +159,22 @@ service provider. You can verify this by looking for a log entry in Teleport's l
 
 If the Teleport server returns a `Not Found`, make sure that none of the roles belonging
 to your user have SAML IdP access explicitly disabled. In the `options` section of each
-of the user roles, look for the `idp` section for the `saml` access to be disabled.
+of the user roles, look for the `idp` section for the `saml` access to be disabled. Also,
+ensure the user's role allows the `list` and `read` action for the `saml_idp_service_provider`
+resource.
 
 ```yaml
 ...
+spec:
+  allow:
+    ...
+    rules:
+    - resources:
+      - saml_idp_service_provider
+      verbs:
+      - list
+      - read
+...
 options:
     ...
     idp: