From 26df59af02ad810d12e4ffabcc7ee254c43ea760 Mon Sep 17 00:00:00 2001
From: Anamika Aggarwal <anamikaagg18@gmail.com>
Date: Tue, 22 Jul 2025 16:30:19 +0000
Subject: [PATCH] Add SAML Integration doc to setup secrets file

---
 docs/en/SUMMARY.md        |  2 +-
 docs/en/features/oauth.md | 11 ++++++++---
 docs/es/SUMMARY.md        |  2 +-
 docs/es/features/oauth.md | 11 ++++++++---
 4 files changed, 18 insertions(+), 8 deletions(-)

diff --git a/docs/en/SUMMARY.md b/docs/en/SUMMARY.md
index 93217e4ab..244fcf54c 100644
--- a/docs/en/SUMMARY.md
+++ b/docs/en/SUMMARY.md
@@ -44,7 +44,7 @@
   * [Tests](customization/tests.md)
 
 * [Technical Features](features/features.md)
-  * [OAuth](features/oauth.md)
+  * [Authentication with external services (OAuth)](features/oauth.md)
   * [GraphQL](features/graphql.md)
   * [Debates and proposals recommendations](features/recommendations.md)
   * [Configure Census Connection](features/census_configuration.md)
diff --git a/docs/en/features/oauth.md b/docs/en/features/oauth.md
index af5a3617f..9aa6593e1 100644
--- a/docs/en/features/oauth.md
+++ b/docs/en/features/oauth.md
@@ -1,10 +1,10 @@
-# OAuth
+# Authentication with external services (OAuth)
 
-You can configure authentication services with external OAuth providers, right now Twitter, Facebook, Google and Wordpress are supported.
+You can configure authentication services with external OAuth providers. Right now, Twitter, Facebook, Google, Wordpress and SAML are supported.
 
 ## 1. Create an App on the platform
 
-For each platform, go to their developers section and follow their guides to create an app.
+For Twitter, Facebook, Google and Wordpress, go to their developers section and follow their guides to create an app. For SAML, you'll have to configure an Identity Provider (IdP).
 
 ## 2. Set the authentication URL of your Consul Democracy installation
 
@@ -19,6 +19,8 @@ user_google_oauth2_omniauth_authorize GET|POST /users/auth/google_oauth2(.:forma
 user_google_oauth2_omniauth_callback GET|POST /users/auth/google_oauth2/callback(.:format) users/omniauth_callbacks#google_oauth2
 user_wordpress_oauth2_omniauth_authorize GET|POST /users/auth/wordpress_oauth2(.:format) users/omniauth_callbacks#passthru
 user_wordpress_oauth2_omniauth_callback GET|POST /users/auth/wordpress_oauth2/callback(.:format) users/omniauth_callbacks#wordpress_oauth2
+user_saml_omniauth_authorize GET|POST /users/auth/saml(.:format) users/omniauth_callbacks#passthru
+user_saml_omniauth_callback GET|POST /users/auth/saml/callback(.:format) users/omniauth_callbacks#saml
 ```
 
 So for example the URL for Facebook application would be `yourdomain.com/users/auth/facebook/callback`.
@@ -37,4 +39,7 @@ When you complete the application registration you'll get a *key* and *secret* v
   wordpress_oauth2_key: ""
   wordpress_oauth2_secret: ""
   wordpress_oauth2_site: ""
+  saml_sp_entity_id: "https://yoursp.org/entityid"
+  saml_idp_metadata_url: "https://youridp.org/api/saml/metadata"
+  saml_idp_sso_service_url: "https://youridp.org/api/saml/sso"
 ```
diff --git a/docs/es/SUMMARY.md b/docs/es/SUMMARY.md
index 16eb41c87..18ef06383 100644
--- a/docs/es/SUMMARY.md
+++ b/docs/es/SUMMARY.md
@@ -44,7 +44,7 @@
   * [Tests](customization/tests.md)
 
 * [Funcionalidades Técnicas](features/features.md)
-  * [OAuth](features/oauth.md)
+  * [Autenticación con servicios externos (OAuth)](features/oauth.md)
   * [GraphQL](features/graphql.md)
   * [Recomendaciones de debates y propuestas](features/recommendations.md)
   * [Configurar conexión con el Censo](features/census_configuration.md)
diff --git a/docs/es/features/oauth.md b/docs/es/features/oauth.md
index 1c6056dd5..62debfb90 100644
--- a/docs/es/features/oauth.md
+++ b/docs/es/features/oauth.md
@@ -1,10 +1,10 @@
-# OAuth
+# Autenticación con servicios externos (OAuth)
 
-Puedes configurar la autenticación con servicios externos usando OAuth, actualmente se pueden utilizar Twitter, Facebook, Google y Wordpress.
+Puedes configurar la autenticación con servicios externos usando OAuth. Actualmente, se pueden utilizar Twitter, Facebook, Google, Wordpress y SAML.
 
 ## 1. Crea una aplicación en la plataforma
 
-Para cada plataforma, sigue las instrucciones en la sección de desarrolladores de su página web.
+Para Twitter, Facebook, Google y Wordpress, sigue las instrucciones en la sección de desarrolladores de su página web. Para SAML, tendrás que configurar tu propio proveedor de identidad (IdP).
 
 ## 2. Establece la URL de autenticación de tu instalación de Consul Democracy
 
@@ -19,6 +19,8 @@ user_google_oauth2_omniauth_authorize GET|POST /users/auth/google_oauth2(.:forma
 user_google_oauth2_omniauth_callback GET|POST /users/auth/google_oauth2/callback(.:format) users/omniauth_callbacks#google_oauth2
 user_wordpress_oauth2_omniauth_authorize GET|POST /users/auth/wordpress_oauth2(.:format) users/omniauth_callbacks#passthru
 user_wordpress_oauth2_omniauth_callback GET|POST /users/auth/wordpress_oauth2/callback(.:format) users/omniauth_callbacks#wordpress_oauth2
+user_saml_omniauth_authorize GET|POST /users/auth/saml(.:format) users/omniauth_callbacks#passthru
+user_saml_omniauth_callback GET|POST /users/auth/saml/callback(.:format) users/omniauth_callbacks#saml
 ```
 
 Por ejemplo para Facebook la URL sería `yourdomain.com/users/auth/facebook/callback`.
@@ -37,4 +39,7 @@ Cuando completes el registro de la aplicación en su plataforma te darán un *ke
   wordpress_oauth2_key: ""
   wordpress_oauth2_secret: ""
   wordpress_oauth2_site: ""
+  saml_sp_entity_id: "https://tusp.org/entityid"
+  saml_idp_metadata_url: "https://tuidp.org/api/saml/metadata"
+  saml_idp_sso_service_url: "https://tuidp.org/api/saml/sso"
 ```