From 4519d6323e8d2831b1e96906ff883a28a150867c Mon Sep 17 00:00:00 2001
From: Rounak Dhillon <162090200+RounakDhillon@users.noreply.github.com>
Date: Mon, 31 Mar 2025 18:28:43 +0530
Subject: [PATCH] Docs: Principal Domain Pointer Updation (#20516)

Co-authored-by: Rounak Dhillon <rounakdhillon@Rounaks-MacBook-Air.local>
Co-authored-by: Prajwal214 <167504578+Prajwal214@users.noreply.github.com>
---
 .../content/v1.6.x/deployment/security/basic-auth/index.md      | 2 +-
 .../v1.7.x-SNAPSHOT/deployment/security/basic-auth/index.md     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/openmetadata-docs/content/v1.6.x/deployment/security/basic-auth/index.md b/openmetadata-docs/content/v1.6.x/deployment/security/basic-auth/index.md
index 8139d8ca369..e756e853ab3 100644
--- a/openmetadata-docs/content/v1.6.x/deployment/security/basic-auth/index.md
+++ b/openmetadata-docs/content/v1.6.x/deployment/security/basic-auth/index.md
@@ -73,7 +73,7 @@ For the Basic auth we need to set:
 
 - `adminPrincipals`: admin usernames to bootstrap the server with, comma-separated values.
 - `allowedEmailRegistrationDomains`: This controls what all domain are allowed for email registration can be your {principalDomain} as well, for example gmail.com, outlook.comm etc.
-- `principalDomain`: This controls what all domain are allowed for email registration, for example gmail.com, outlook.comm etc.
+- `principalDomain`: This controls what all domain are allowed for email registration, for example gmail.com, outlook.comm etc. When `AUTHORIZER_ENFORCE_PRINCIPAL_DOMAIN` is set to `true`, only users with email addresses from the `AUTHORIZER_PRINCIPAL_DOMAIN` can log in.
 
 {%note%}
 
diff --git a/openmetadata-docs/content/v1.7.x-SNAPSHOT/deployment/security/basic-auth/index.md b/openmetadata-docs/content/v1.7.x-SNAPSHOT/deployment/security/basic-auth/index.md
index 1e65e1fed99..14fa11930c3 100644
--- a/openmetadata-docs/content/v1.7.x-SNAPSHOT/deployment/security/basic-auth/index.md
+++ b/openmetadata-docs/content/v1.7.x-SNAPSHOT/deployment/security/basic-auth/index.md
@@ -73,7 +73,7 @@ For the Basic auth we need to set:
 
 - `adminPrincipals`: admin usernames to bootstrap the server with, comma-separated values.
 - `allowedEmailRegistrationDomains`: This controls what all domain are allowed for email registration can be your {principalDomain} as well, for example gmail.com, outlook.comm etc.
-- `principalDomain`: This controls what all domain are allowed for email registration, for example gmail.com, outlook.comm etc.
+- `principalDomain`: This controls what all domain are allowed for email registration, for example gmail.com, outlook.comm etc. When `AUTHORIZER_ENFORCE_PRINCIPAL_DOMAIN` is set to `true`, only users with email addresses from the `AUTHORIZER_PRINCIPAL_DOMAIN` can log in.
 
 {%note%}