update saml IdP reference troubleshooting section with required permi…

…ssions based on customer feedback, added required permissions to view SAML apps to the troubleshooting guide
gravitational · Mar 21, 2024 · b102ca2 · b102ca2
1 parent 8b09380
commit b102ca2
Showing 1 changed file with 13 additions and 1 deletion.
diff --git a/docs/pages/access-controls/idps/saml-reference.mdx b/docs/pages/access-controls/idps/saml-reference.mdx
@@ -159,10 +159,22 @@ service provider. You can verify this by looking for a log entry in Teleport's l
 
 If the Teleport server returns a `Not Found`, make sure that none of the roles belonging
 to your user have SAML IdP access explicitly disabled. In the `options` section of each
-of the user roles, look for the `idp` section for the `saml` access to be disabled.
+of the user roles, look for the `idp` section for the `saml` access to be disabled.  Also,
+ensure the user's role allows the `list` and `read` action for the `saml_idp_service_provider`
+resource.
 
 ```yaml
 ...
+spec:
+  allow:
+    ...
+    rules:
+    - resources:
+      - saml_idp_service_provider
+      verbs:
+      - list
+      - read
+...
 options:
     ...
     idp: