diff --git a/doc/administration/audit_event_types.md b/doc/administration/audit_event_types.md index 86d8e9e170611739c52de8f84059e28435b8f285..ca2b7271d62e8e84b051e6abae63cc1f43c9845d 100644 --- a/doc/administration/audit_event_types.md +++ b/doc/administration/audit_event_types.md 
@@ -156,7 +156,7 @@ Audit event types belong to the following product categories. | [`retain_approvals_on_push_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/102256) | Event triggered on updating require new approvals when new commits are added to an MR from group merge request setting| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.6](https://gitlab.com/gitlab-org/gitlab/-/issues/373949) | | [`saml_group_links_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110525) | Event triggered when a SAML Group Link is created| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.9](https://gitlab.com/gitlab-org/gitlab/-/issues/373954) | | [`saml_group_links_removed`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110525) | Event triggered when a SAML Group Link is destroyed| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.9](https://gitlab.com/gitlab-org/gitlab/-/issues/373954) | -| [`smartcard_authentication_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/8120) | Event triggered when a user authenticates with smartcard| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.0](https://gitlab.com/gitlab-org/gitlab/-/issues/726) | +| [`smartcard_authentication_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/8120) | Event triggered when a user authenticates with a smart card| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.0](https://gitlab.com/gitlab-org/gitlab/-/issues/726) | | [`update_approval_rules`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/89939) | Event triggered on updating a merge approval rule| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.2](https://gitlab.com/gitlab-org/gitlab/-/issues/363092) | | [`update_compliance_framework`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74292) | Triggered when a compliance framework is updated| **{check-circle}** Yes | **{check-circle}** Yes | GitLab 
[14.6](https://gitlab.com/gitlab-org/gitlab/-/issues/340649) | | [`update_status_check`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/84624) | Event triggered when an external status check is updated| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.9](https://gitlab.com/gitlab-org/gitlab/-/issues/355805) | diff --git a/doc/administration/auth/index.md b/doc/administration/auth/index.md index ea8b420c26b20c318602af157712276005560c0a..f95f836062910927531158ed27eaa7de2cfdc5ee 100644 --- a/doc/administration/auth/index.md +++ b/doc/administration/auth/index.md @@ -18,7 +18,7 @@ and the following external authentication and authorization providers: and 389 Server. - [Google Secure LDAP](ldap/google_secure_ldap.md) - [SAML for GitLab.com groups](../../user/group/saml_sso/index.md) -- [Smartcard](smartcard.md) +- [Smart card](smartcard.md) NOTE: UltraAuth has removed their software which supports OmniAuth integration. We have therefore removed all references to UltraAuth integration. 
@@ -32,7 +32,7 @@ For more information, see the links shown on this page for each external provide |-------------------------------------------------|-----------------------------------------|------------------------------------| | **User Provisioning** | SCIM<br>SAML <sup>1</sup> | LDAP <sup>1</sup><br>SAML <sup>1</sup><br>[OmniAuth Providers](../../integration/omniauth.md#supported-providers) <sup>1</sup><br>SCIM | | **User Detail Updating** (not group management) | Not Available | LDAP Sync | -| **Authentication** | SAML at top-level group (1 provider) | LDAP (multiple providers)<br>Generic OAuth 2.0<br>SAML (only 1 permitted per unique provider)<br>Kerberos<br>JWT<br>Smartcard<br>[OmniAuth Providers](../../integration/omniauth.md#supported-providers) (only 1 permitted per unique provider) | +| **Authentication** | SAML at top-level group (1 provider) | LDAP (multiple providers)<br>Generic OAuth 2.0<br>SAML (only 1 permitted per unique provider)<br>Kerberos<br>JWT<br>Smart card<br>[OmniAuth Providers](../../integration/omniauth.md#supported-providers) (only 1 permitted per unique provider) | | **Provider-to-GitLab Role Sync** | SAML Group Sync | LDAP Group Sync<br>SAML Group Sync ([GitLab 15.1](https://gitlab.com/gitlab-org/gitlab/-/issues/285150) and later) | | **User Removal** | SCIM (remove user from top-level group) | LDAP (remove user from groups and block from the instance)<br>SCIM | diff --git a/doc/administration/auth/smartcard.md b/doc/administration/auth/smartcard.md index 7bf28758fa6aaff96ee06f1f2ad08eca181851e6..7c17953bb02295c892b7863f091e45b2736053ba 100644 --- a/doc/administration/auth/smartcard.md +++ b/doc/administration/auth/smartcard.md 
@@ -4,22 +4,22 @@ group: Authentication info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments --- -# Smartcard authentication +# Smart card authentication DETAILS: **Tier:** Premium, Ultimate **Offering:** Self-managed -GitLab supports authentication using smartcards. +GitLab supports authentication using smart cards. ## Existing password authentication > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/33669) in GitLab 12.6. -By default, existing users can continue to sign in with a username and password when smartcard +By default, existing users can continue to sign in with a username and password when smart card authentication is enabled. -To force existing users to use only smartcard authentication, +To force existing users to use only smart card authentication, [disable username and password authentication](../settings/sign_in_restrictions.md#password-authentication-enabled). ## Authentication methods @@ -34,12 +34,11 @@ GitLab supports two authentication methods: > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/726) in GitLab 11.6 as an experimental feature. WARNING: -Smartcard authentication against local databases may change or be removed completely in future -releases. +Smart card authentication against local databases may change or be removed completely in future releases. -Smartcards with X.509 certificates can be used to authenticate with GitLab. +Smart cards with X.509 certificates can be used to authenticate with GitLab. -To use a smartcard with an X.509 certificate to authenticate against a local +To use a smart card with an X.509 certificate to authenticate against a local database with GitLab, `CN` and `emailAddress` must be defined in the certificate. For example: 
@@ -60,14 +59,14 @@ Certificate: > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/8605) in GitLab 12.3. -Smartcards with X.509 certificates using SAN extensions can be used to authenticate +Smart cards with X.509 certificates using SAN extensions can be used to authenticate with GitLab. NOTE: -This is an experimental feature. Smartcard authentication against local databases may +This is an experimental feature. Smart card authentication against local databases may change or be removed completely in future releases. -To use a smartcard with an X.509 certificate to authenticate against a local +To use a smart card with an X.509 certificate to authenticate against a local database with GitLab, in: - GitLab 12.4 and later, at least one of the `subjectAltName` (SAN) extensions @@ -101,7 +100,7 @@ Certificate: ### Authentication against an LDAP server -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7693) in GitLab 11.8 as an experimental feature. Smartcard authentication against an LDAP server may change or be removed completely in the future. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7693) in GitLab 11.8 as an experimental feature. Smart card authentication against an LDAP server may change or be removed completely in the future. GitLab implements a standard way of certificate matching following [RFC4523](https://www.rfc-editor.org/rfc/rfc4523). It uses the 
@@ -116,14 +115,14 @@ Active Directory doesn't support the `certificateExactMatch` matching rule so [it is not supported at this time](https://gitlab.com/gitlab-org/gitlab/-/issues/327491). For more information, see [the relevant issue](https://gitlab.com/gitlab-org/gitlab/-/issues/328074). -## Configure GitLab for smartcard authentication +## Configure GitLab for smart card authentication For Linux package installations: 1. Edit `/etc/gitlab/gitlab.rb`: ```ruby - # Allow smartcard authentication + # Allow smart card authentication gitlab_rails['smartcard_enabled'] = true # Path to a file containing a CA certificate @@ -215,9 +214,9 @@ For self-compiled installations: 1. Edit `config/gitlab.yml`: ```yaml - ## Smartcard authentication settings + ## Smart card authentication settings smartcard: - # Allow smartcard authentication + # Allow smart card authentication enabled: true # Path to a file containing a CA certificate @@ -251,7 +250,7 @@ For Linux package installations: For self-compiled installations: -1. Add the `san_extensions` line to `config/gitlab.yml` within the smartcard section: +1. Add the `san_extensions` line to `config/gitlab.yml` within the smart card section: ```yaml smartcard: @@ -276,7 +275,7 @@ For Linux package installations: gitlab_rails['ldap_servers'] = YAML.load <<-EOS main: # snip... - # Enable smartcard authentication against the LDAP server. Valid values + # Enable smart card authentication against the LDAP server. Valid values # are "false", "optional", and "required". smartcard_auth: optional EOS @@ -295,7 +294,7 @@ For self-compiled installations: servers: main: # snip... - # Enable smartcard authentication against the LDAP server. Valid values + # Enable smart card authentication against the LDAP server. Valid values # are "false", "optional", and "required". smartcard_auth: optional ``` 
@@ -303,7 +302,7 @@ For self-compiled installations: 1. Save the file and [restart](../restart_gitlab.md#self-compiled-installations) GitLab for the changes to take effect. -### Require browser session with smartcard sign-in for Git access +### Require browser session with smart card sign-in for Git access For Linux package installations: @@ -321,19 +320,19 @@ For self-compiled installations: 1. Edit `config/gitlab.yml`: ```yaml - ## Smartcard authentication settings + ## Smart card authentication settings smartcard: # snip... - # Browser session with smartcard sign-in is required for Git access + # Browser session with smart card sign-in is required for Git access required_for_git_access: true ``` 1. Save the file and [restart](../restart_gitlab.md#self-compiled-installations) GitLab for the changes to take effect. -## Passwords for users created via smartcard authentication +## Passwords for users created via smart card authentication -The [Generated passwords for users created through integrated authentication](../../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via smartcard authentication. +The [Generated passwords for users created through integrated authentication](../../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via smart card authentication. <!-- ## Troubleshooting diff --git a/doc/subscriptions/gitlab_dedicated/index.md b/doc/subscriptions/gitlab_dedicated/index.md index c27f5c0faf020a218b4e66b2ea13e5614d3655ac..d3a9266f3d06807a251523490203d6b8ed8b9d6c 100644 --- a/doc/subscriptions/gitlab_dedicated/index.md +++ b/doc/subscriptions/gitlab_dedicated/index.md 
@@ -141,7 +141,7 @@ To help you migrate your data to GitLab Dedicated, you can choose from the follo The following GitLab application features are not available: -- LDAP, Smartcard, or Kerberos authentication +- LDAP, smart card, or Kerberos authentication - Multiple login providers - GitLab Pages - FortiAuthenticator, or FortiToken 2FA
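Review bot: In the `doc/administration/audit_event_types.md` hunk, the new description for `smartcard_authentication_created` is edited only in this Markdown table row. The rows all follow the same pattern (merge request link, description, two Yes columns, introducing version), so if this table is generated from per-event definitions, the wording also has to change at that source, or the next regeneration will put "smartcard" back. Please confirm which file is the source of truth for this description.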
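Review bot: The heading renames in `doc/administration/auth/smartcard.md` (`# Smart card authentication` at @@ -4,22, `## Configure GitLab for smart card authentication` at @@ -116,14, and `### Require browser session with smart card sign-in for Git access` plus `## Passwords for users created via smart card authentication` at @@ -303,7) change the anchors derived from those headings, and nothing in this diff updates inbound links. Other pages in this docs set link to heading anchors, as the context lines show with `sign_in_restrictions.md#password-authentication-enabled` and `restart_gitlab.md#self-compiled-installations`, so links that target the old `smartcard` anchors on this page would stop resolving. Please search the docs and the application's help links for the old anchors and update them in this change.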
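Review bot: In the `doc/administration/auth/smartcard.md` hunk at @@ -34,12 +34,11, the WARNING text is also rejoined onto one line, which is a formatting change unrelated to the terminology rename, while the equivalent caveat in the @@ -60,14 +59,14 hunk keeps its line wrap. Either keep the original wrap here so the hunk only shows the word change, or apply the same reflow to both caveats. The two caveats also use different admonition levels for the same message (WARNING here, NOTE in the SAN section); that predates this change, but the lines are already being touched and could be aligned.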
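Review bot: In the `doc/administration/auth/smartcard.md` hunk at @@ -251,7 +250,7, "within the smart card section" no longer matches the literal key `smartcard:` shown in the YAML directly below it. This sentence refers to the configuration section, not the feature name, so it should read "within the `smartcard` section" with the key in backticks, consistent with how the page leaves `smartcard_enabled`, `smartcard_auth` and `smartcard.md` unchanged.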