Entra nameid changes (#14)

* adding entra nameid configuration

* revising okta copy

* tweaking Ping copy

fern/pages/idp-config-tutorials/entra.mdx

@@ -100,7 +100,46 @@ Make sure to hit *Save* toward the top of the page.
   <img src="/docs/assets/idp-assets/entra/entra9.png" />
 </Frame>
 
-Once we've completed this step, Entra knows everything it needs about the SSOReady Connection. Next, we need to supply the SSOReady app with information about Entra.
+Once we've completed this step, Entra knows everything it needs about the SSOReady Connection. Next, we need to tweak an Entra setting.
+
+### Configure SAML Connection | Tweak Entra Unique Identifier
+
+We need to make a small change to Entra's defaults. This change simply assures that SSOReady and Entra use the same unique identifier when describing your users.
+
+We'll start by pressing *Edit* toward the top right corner of the *Attributes & Claims* card. 
+
+<Frame caption="Pressing 'Edit' on Entra's 'Attributes & Claims' card">
+  <img src="/docs/assets/idp-assets/entra/entra12.png" />
+</Frame>
+
+Entra sends us to a new page that lists a few rows of settings. We're interested in the first row, labeled *Unique User Identifier (Name ID)* in the *Claim name* column. This will usually list `user.userprincipalname` in the *Value* column. 
+
+To edit this, we'll click anywhere on or between the text in this row -- not on the three dots on the right side of the row.
+<Frame caption="Selecting 'Unique User Identifier (Name ID)' as the setting we'd like to change">
+  <img src="/docs/assets/idp-assets/entra/entra13.png" />
+</Frame>
+
+We'll land on a new page with a *Manage claim* header toward the top. We're interested in editing the *Source attribute*, so we'll click the dropdown to see other options.
+
+<Frame caption="Triggering the dropdown for 'Source attribute'">
+  <img src="/docs/assets/idp-assets/entra/entra14.png" />
+</Frame>
+
+From the dropdown menu, we'll select `user.mail`.  
+
+<Frame caption="Selecting `user.mail` from the dropdown menu">
+  <img src="/docs/assets/idp-assets/entra/entra15.png" />
+</Frame>
+
+Once that's done, we'll click the *SAML-based sign-on* link from the page's breadcrumbs, which will return us to the same SAML confuration page from before.
+
+Our next step will have us entering details about Entra into SSOReady.
+
+<Frame caption="Returning to the SAML configuration page">
+  <img src="/docs/assets/idp-assets/entra/entra16.png" />
+</Frame>
+
+
 
 
 ### Configure SAML Connection | Enter Entra details in SSOReady

fern/pages/idp-config-tutorials/okta.mdx

@@ -81,11 +81,11 @@ We'll want to select *I'm an Okta customer adding an internal app*, skip the rem
 
 */}
 
-<Frame caption="This is mildly annoying, but oh well">
+<Frame caption="Selecting 'I'm an Okta customer adding an internal app'">
   <img src="/docs/assets/idp-assets/okta/okta8.png" />
 </Frame>
 
-Okay, **now** we can enter Okta data into SSOReady. The previous step will have routed us to a page with your application's name at the top. 
+Now we can enter Okta data into SSOReady. The previous step will have routed us to a page with your application's name at the top. 
 
 From here, we need to scroll down a bit and hit *More details*. It's not always easy to see. 
 

fern/pages/idp-config-tutorials/ping.mdx

@@ -1,16 +1,16 @@
 ---
 title: 'SSO with Ping Identity'
-description: 'How to set up SSOReady connections with Ping Identity'
+description: 'How to set up SSOReady connections with PingOne'
 --- 
 
 {/* ==================================================== */}
 {/*                       Ping Identity                           */}
 {/* ==================================================== */}
 
 <Steps>
-### Creating an application in Ping Identity
+### Creating an application in PingOne
 
-We'll start our Ping Identity setup from your customer's administrator home page. Exactly how this looks will vary. Our example uses a newly provisioned account and therefore shows an onboarding guide; your customers' admin pages will look different in most cases.
+We'll start our PingOne setup from your customer's administrator home page. Exactly how this looks will vary. Our example uses a newly provisioned account and therefore shows an onboarding guide; your customers' admin pages will look different in most cases.
 
 Nonetheless, we'll always start by hitting *Applications* > *Applications* in the left navigation bar. This will take us to a new page.
 
@@ -32,7 +32,7 @@ Ping wants us to assign the Application an *Application Name*. Our choice of nam
 
 Then we need to tell Ping that our Application uses SAML. Click the card that reads *SAML Application*. You may notice that this changes the text on the blue button below from *Save* to *Configure*.
 
-<Frame caption="Hitting 'Telling Ping we want a SAML Application">
+<Frame caption="Telling Ping we want a SAML Application">
   <img src="/docs/assets/idp-assets/ping/ping3.png" />
 </Frame>
 
@@ -94,7 +94,7 @@ SSOReady requires a *Certificate* from Ping. You'll find the appropriate uploade
 
 We'll find this by clicking the *Download Signing Certificate* button and selecting *X509 PEM (.crt)* from the menu. 
 
-We'll see a `.crt` file begin to download. If the file has a long and non-descriptive name, that is normal. 
+We'll see a `.crt` file begin to download. The file may have a long and non-descriptive name; that is normal. 
 
 We'll then upload the file to SSOReady as-is, which allows us to move to the next step.
 
@@ -135,7 +135,7 @@ Here, we'll see three headers: *Attributes*, *PingOne Mappings*, and *Required*.
   <img src="/docs/assets/idp-assets/ping/ping14.png" />
 </Frame>
 
-Finally, we'll hit *Save* and the bottom. 
+Finally, we'll hit *Save* at the bottom of the page. 
 
 <Frame caption="Hitting 'Save' to finish our set-up">
   <img src="/docs/assets/idp-assets/ping/ping15.png" />