Better error message and documentation for persistant NameID requirement with SAML on .com
What
-
When NameID is missing or changes there should be a sensible error -
We should clearly document the need for a persistent NameID -
When an account is already linked to a different identity we should have a sensible flow to allow unlinking/re-linking. -
We should have troubleshooting documentation for unlinking account.
Why
Without this Group SAML on GitLab.com is hard to set up and hard to troubleshoot in cases where NameID is initially misconfigured.
Edited by James Edwards-Jones