Update documentation and release notes for GitHub Enterprise Server's private beta of SCIM (#33986)

Co-authored-by: Hirsch Singhal <1666363+hpsin@users.noreply.github.com>

Author: mattpollard

content/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-user-provisioning-with-scim-for-your-enterprise.md

@@ -53,11 +53,7 @@ If there is no existing account with a matching username on the instance, the us
 
 {% ifversion scim-for-ghes %}
 
-{% note %}
-
-**Note**: During SAML authentication, some environments may use a value other than `NameID` as the unique identifying claim. Currently, if you use SCIM provisioning, custom mappings for SAML user attributes are not supported.
-
-{% endnote %}
+During SAML authentication, some environments may use a value other than `NameID` as the unique identifying claim. If your environment does not use `NameID` to identify users, a site administrator can configure custom user attributes for the instance. {% data variables.product.product_name %} will respect this mapping when SCIM is configured. {% ifversion ghes = 3.6 or ghes = 3.7 %} Custom mappings are supported in {% data variables.product.product_name %} 3.6.5 or 3.7.2 and later.{% endif %} For more information about mapping user attributes, see "[Configuring SAML single sign-on for your enterprise](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise#configuring-saml-sso)."
 
 {% endif %}
 

data/release-notes/enterprise-server/3-6/0.yml

@@ -309,6 +309,7 @@ sections:
     - |
       GitHub Pages builds may time out on instances in AWS that are configured for high availability. [Updated: 2022-11-28]
     - '{% data reusables.release-notes.babeld-max-threads-performance-issue %}'
+    - '{% data reusables.release-notes.scim-custom-mappings-known-issue %}'
 
   deprecations:
     - heading: Changes to supported SSH algorithms

data/release-notes/enterprise-server/3-6/1.yml

@@ -36,3 +36,4 @@ sections:
     - |
       GitHub Pages builds may time out on instances in AWS that are configured for high availability. [Updated: 2022-11-28]
     - '{% data reusables.release-notes.babeld-max-threads-performance-issue %}'
+    - '{% data reusables.release-notes.scim-custom-mappings-known-issue %}'

data/release-notes/enterprise-server/3-6/2.yml

@@ -45,4 +45,5 @@ sections:
     - '{% data reusables.release-notes.2022-09-hotpatch-issue %}'
     - |
       GitHub Pages builds may time out on instances in AWS that are configured for high availability. [Updated: 2022-11-28]
-    - '{% data reusables.release-notes.babeld-max-threads-performance-issue %}'
+    - '{% data reusables.release-notes.babeld-max-threads-performance-issue %}'
+    - '{% data reusables.release-notes.scim-custom-mappings-known-issue %}'

data/release-notes/enterprise-server/3-6/3.yml

@@ -55,3 +55,4 @@ sections:
     - |
       GitHub Pages builds may time out on instances in AWS that are configured for high availability. [Updated: 2022-11-28]
     - '{% data reusables.release-notes.babeld-max-threads-performance-issue %}'
+    - '{% data reusables.release-notes.scim-custom-mappings-known-issue %}'

data/release-notes/enterprise-server/3-6/4.yml

@@ -40,3 +40,4 @@ sections:
 
       If you suspect a problem like this exists in one of your repositories, [contact GitHub Enterprise Support](/support/contacting-github-support/creating-a-support-ticket) for assistance.
     - '{% data reusables.release-notes.babeld-max-threads-performance-issue %}'
+    - '{% data reusables.release-notes.scim-custom-mappings-known-issue %}'

data/release-notes/enterprise-server/3-6/5.yml

@@ -24,7 +24,8 @@ sections:
   changes:
     - To avoid failing domain verification due to the 63-character limit enforced by DNS providers for DNS records, the GitHub-generated `TXT` record to verify domain ownership is now limited to 63 characters. 
     - After an enterprise owner enables Dependabot alerts, GitHub Enterprise Server enqueues the synchronization of advisory data to ensure hourly updates from GitHub.com. 
-    - A user's list of recently accessed repositories no longer includes deleted repositories. 
+    - A user's list of recently accessed repositories no longer includes deleted repositories.
+    - '{% data reusables.release-notes.scim-custom-mappings-supported-change %}'
   known_issues:
     - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user.
     - Custom firewall rules are removed during the upgrade process.
@@ -42,3 +43,4 @@ sections:
 
       If you suspect a problem like this exists in one of your repositories, [contact GitHub Enterprise Support](/support/contacting-github-support/creating-a-support-ticket) for assistance.
     - '{% data reusables.release-notes.babeld-max-threads-performance-issue %}'
+    - '{% data reusables.release-notes.scim-saml-tokens-known-issue %}'

data/release-notes/enterprise-server/3-7/2.yml

@@ -22,8 +22,9 @@ sections:
     - Fixes a bug in which a GHES log file could get filled very quickly and cause the root drive to run out of free space.
     - When viewing code scanning results for Ruby, an erroneous beta label appeared.
   changes:
-    - After an enterprise owner enables Dependabot alerts, GitHub Enterprise Server enqueues the synchronization of advisory data to ensure hourly updates from GitHub.com.
+    - After an enterprise owner enables Dependabot alerts, GitHub Enterprise Server enqueues the synchronization of advisory data to ensure hourly updates from GitHub.com. 
     - A user's list of recently accessed repositories no longer includes deleted repositories.
+    - '{% data reusables.release-notes.scim-custom-mappings-supported-change %}'
   known_issues:
     - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user.
     - Custom firewall rules are removed during the upgrade process.
@@ -42,6 +43,7 @@ sections:
       If you suspect a problem like this exists in one of your repositories, [contact GitHub Enterprise Support](/support/contacting-github-support/creating-a-support-ticket) for assistance.
     - '{% data reusables.release-notes.babeld-max-threads-performance-issue %}'
     - '{% data reusables.release-notes.new-subdomains-missing-from-management-console %}'
+    - '{% data reusables.release-notes.scim-saml-tokens-known-issue %}'
   deprecations:
     # https://github.com/github/enterprise-releases/issues/3217
     - |

data/reusables/release-notes/scim-custom-mappings-known-issue.md

@@ -0,0 +1 @@
+For participants in the private beta of SCIM for GitHub Enterprise Server, custom mappings for SAML user attributes are not supported in this release. Custom mappings are supported in GitHub Enterprise Server 3.6.5 or 3.7.5 and later. [Updated: 2023-02-27]

data/reusables/release-notes/scim-custom-mappings-supported-change.md

@@ -0,0 +1 @@
+For participants in the private beta of SCIM for GitHub Enterprise Server, custom mappings for SAML user attributes are now supported. Custom mappings allow the use of a value other than `NameID` as the unique identifying claim during SAML authentication. For more information, see "[Configuring user provisioning with SCIM for your enterprise](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-user-provisioning-with-scim-for-your-enterprise#about-identities-and-claims)." [Updated: 2023-02-27]