From a8522c60c411108958321f28ef0692dde395718d Mon Sep 17 00:00:00 2001
From: Isabel Suchanek <isabel@pulumi.com>
Date: Thu, 2 Jan 2025 16:23:34 -0800
Subject: [PATCH] Add docs on SAML admin

---
 .../pulumi-cloud/access-management/saml/sso.md   | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/content/docs/pulumi-cloud/access-management/saml/sso.md b/content/docs/pulumi-cloud/access-management/saml/sso.md
index aee93fba3825..d7f39f5d1aec 100644
--- a/content/docs/pulumi-cloud/access-management/saml/sso.md
+++ b/content/docs/pulumi-cloud/access-management/saml/sso.md
@@ -89,6 +89,22 @@ Example of the `AuthnStatement` element with session lifetime configured:
 
 If `SessionNotOnAfter` isn't specified, then the Pulumi Cloud will use the default session lifetime of 12 hours.
 
+## SAML Admin
+
+A SAML admin can log in to your Pulumi organization using an alternative login method. This ensures someone can always log in to your organization to help resolve errors with the SAML configuration.
+
+Whoever configures SAML for your organization is automatically made the SAML admin. To change the SAML admin:
+
+1. Navigate to **Settings** > **Access Management**.
+1. In the **SAML SSO** section, select the **SAML Admin** button.
+1. Select a new SAML admin from the list.
+
+{{% notes type="info" %}}
+Only organization admins can be SAML admins. If you want to designate a member or billing manager as the SAML admin, you will first need to change their role to admin, then make them a SAML admin.
+{{% /notes %}}
+
+Only one SAML admin per organization is supported at this time.
+
 ## Troubleshooting
 
 ### Validation error while trying to save an IdP-provided metadata XML in the Pulumi Cloud