Add latest changes from gitlab-org/gitlab@master

3 files changed, 15 insertions, 5 deletions

diff --git a/doc/user/application_security/vulnerability_report/index.md b/doc/user/application_security/vulnerability_report/index.md
index 7493eb0e891..4ae8f239f9b 100644
--- a/doc/user/application_security/vulnerability_report/index.md
+++ b/doc/user/application_security/vulnerability_report/index.md
@@ -202,11 +202,11 @@ apply to the export.
 
 Fields included are:
 
+- Status (See the following table for details of how the status value is exported.)
 - Group name
 - Project name
 - Tool
 - Scanner name
-- Status
 - Vulnerability
 - Basic details
 - Additional information
@@ -227,6 +227,16 @@ Full details are available through our
 Use one of the `gl-*-report.json` report filenames in place of `*artifact_path`
 to obtain, for example, the path of files in which vulnerabilities were detected.
 
+The Status field's values shown in the vulnerability report are different to those contained
+in the vulnerability export. Use the following reference table to match them.
+
+| Vulnerability report | Vulnerability export |
+|:---------------------|:---------------------|
+| Needs triage         | detected             |
+| Dismissed            | dismissed            |
+| Resolved             | resolved             |
+| Confirmed            | confirmed            |
+
 ### Export details in CSV format
 
 To export details of all vulnerabilities listed in the Vulnerability Report, select **Export**.
diff --git a/doc/user/group/saml_sso/troubleshooting.md b/doc/user/group/saml_sso/troubleshooting.md
index 8fc0c48a78c..1e7de8143e9 100644
--- a/doc/user/group/saml_sso/troubleshooting.md
+++ b/doc/user/group/saml_sso/troubleshooting.md
@@ -366,10 +366,10 @@ This error appears when the SAML response does not contain the user's email addr
 </Attribute>
 ```
 
-Attribute names starting with phrases such as `http://schemas.microsoft.com/ws/2008/06/identity/claims/` like in the following example are not supported. Remove this type of attribute name from the SAML response on the IDP side.
+Attribute names starting with phrases such as `http://schemas.xmlsoap.org/ws/2005/05/identity/claims` and `http://schemas.microsoft.com/ws/2008/06/identity/claims/` are supported.
 
 ```xml
-<Attribute Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/email">
+<Attribute Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/emailaddress">
   <AttributeValue>user@domain.com‹/AttributeValue>
 </Attribute>
 ```
diff --git a/doc/user/profile/personal_access_tokens.md b/doc/user/profile/personal_access_tokens.md
index 4684cbd070b..7a616bc7ec9 100644
--- a/doc/user/profile/personal_access_tokens.md
+++ b/doc/user/profile/personal_access_tokens.md
@@ -143,9 +143,9 @@ Personal access tokens expire on the date you define, at midnight, 00:00 AM UTC.
   [maximum allowed lifetime for the token](../../administration/settings/account_and_limit_settings.md#limit-the-lifetime-of-access-tokens).
   If the maximum allowed lifetime is not set, the default expiry date is 365 days from the date of creation.
 
-### Service Accounts
+### Create a service account personal access token with no expiry date
 
-You can [create a personal access token for a service account](../../api/groups.md#create-personal-access-token-for-service-account-user) with no expiry date.
+You can [create a personal access token for a service account](../../api/groups.md#create-personal-access-token-for-service-account-user) with no expiry date. These personal access tokens never expire, unlike non-service account personal access tokens.
 
 NOTE:
 Allowing personal access tokens for service accounts to be created with no expiry date only affects tokens created after you change this setting. It does not affect existing tokens.