From f7ee6d831876937a3541cd6342fae688355ffaaf Mon Sep 17 00:00:00 2001
From: Blair Lunceford <blunceford@gitlab.com>
Date: Tue, 9 Apr 2019 02:59:32 +0000
Subject: [PATCH] Update Okta configuration notes

---
 doc/administration/auth/okta.md | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/doc/administration/auth/okta.md b/doc/administration/auth/okta.md
index 638405126a5..aa4e1b0d2e0 100644
--- a/doc/administration/auth/okta.md
+++ b/doc/administration/auth/okta.md
@@ -92,18 +92,23 @@ Now that the Okta app is configured, it's time to enable it in GitLab.
 1.  Add the provider configuration.
 
       >**Notes:**
+      >
       >- Change the value for `assertion_consumer_service_url` to match the HTTPS endpoint
          of GitLab (append `users/auth/saml/callback` to the HTTPS URL of your GitLab
          installation to generate the correct value).
+      >   
       >- To get the `idp_cert_fingerprint` fingerprint, first download the
          certificate from the Okta app you registered and then run:
          `openssl x509 -in okta.cert -noout -fingerprint`. Substitute `okta.cert`
          with the location of your certificate.
+      >
       >- Change the value of `idp_sso_target_url`, with the value of the
          **Identity Provider Single Sign-On URL** from the step when you
          configured the Okta app.
-      >- Change the value of `issuer` to a unique name, which will identify the application
+      >     
+      >- Change the value of `issuer` to the value of the **Audience Restriction** from your Okta app configuration. This will identify GitLab
          to the IdP.
+      >     
       >- Leave `name_identifier_format` as-is.
 
     **For Omnibus GitLab installations**