Added SiteMinder docs. Initial commit

Author: eugeniop

docs/siteminder.md

@@ -0,0 +1,67 @@
+---
+title: SiteMinder
+layout: doc.nosidebar
+---
+# Configuring SiteMinder as an Identity Provider
+
+Most options are the default values. These are the most important configuration parameters you will need:
+
+* __EntityID:__ `urn:auth0:@@account.tenant@@`
+* __Assertion Consumer Service URL:__ `https://@@account.namespace@@/login/callback`
+* __Logout URL:__ `https://@@account.namespace@@/logout`
+* __HTTP-Redirect__ binding for SAML Request
+* __HTTP-POST__ binding for SAML Response
+
+The instructions below will guide you into where these values need to be entered in SiteMinder.
+
+###1. Open the SAML Service Provider Dialog 
+
+Provide an appropriate name for the Auth0 connection:
+
+![](img/siteminder-users.png)
+
+We suggest using:
+
+* __Name:__ `@@account.tenant@@`
+
+###2. Defining NameID
+
+You can define many ways of generating a `NameIdentifier` for users authenticating with SiteMinder. Typically you will map this value to one of the user properties in the User Directory as `uid` in the example blow:
+
+![](img/siteminder-nameids.png)
+
+###3. Configure the Service Provider General SAML properties
+
+Use the following values for this configuration screen:
+
+* __SP ID:__ `urn:auth0:@@account.tenant@@`
+* __SAML Version:__ `2.0`
+* __Skew Time:__ `30 seconds`
+
+![](img/siteminder-general.png)
+
+###4. Configure the Assertion Consumer Service URL
+
+The __Assertion Consumer Service URL__ is the location where SiteMinder will POST back the SAML Token. This Service Provider (@@account.tenant@@) only supports the `HTTP-POST` binding for SAML Responses. Use these values:
+
+* __Assertion Consumer Service:__ `https://@@account.namespace@@/login/callback`
+* __HTTP-Post__: `checked`
+
+###5. Configure additional user properties to send in the token
+
+Add any other properties you wish to share about the authenticated user to this Service Provider. Common values are: `name`, `lastname`, `e-mail address`, etc. This Service Provider will use the `NameIdentifier` defined in step 2 as a unique handle of the user. These attributes will be treated as reference information:
+
+![](img/siteminder-attributes.png)
+
+###6. Enter the Single Sign Out URL
+
+* __SLO Location URL:__ `https://@@account.namespace@@/logout`
+
+![](img/siteminder-slo.png)
+
+###7. Optional Assertion Encryption
+
+The Service Provider supports encryption of Assertions. If this option is used, __[download the SP public key certificate]()__ and add it to the __Policy Server Keystore__.
+
+![](img/siteminder-encryption.png)
+

docs/yandex-clientid.md

@@ -14,12 +14,15 @@ Log in into Yandex and [create a new app](https://oauth.yandex.ru/client/new):
 
 Complete the form:
 
-![](img/yandex-register-app.png)
+![](img/yandex-create-app.png)
 
 The callback address for your app should be:
 
 	https://@@account.namespace@@/login/callback
 
+
+Notice that `scopes` in Yandex are defined in this screen. Select what kind of information you are requesting for your app.
+
 ---
 
 ##3. Get your Application ID and Application Password