Change SAML instructions to not use email for NameID

[asmclean]

What are you changing in this pull request and why?

This updates the documentation to no longer instruct admins to configure email addresses as the SAML name identifier (NameID) for users. Instead, they are encouraged to pick a value that is stable across email address changes. Specific recommendations are made for Okta, OneLogin, and Entra ID. Google Workspace does not, as best I can find, offer a value as part of the default user profile that is suitable.

This will allow admins to change users' email addresses in the IdP, and dbt Cloud will no longer see the user as a new user on the next login. That is currently what happens, it requires manual effort from CSEs and engineers to get users access to the proper user in dbt Cloud again.

Checklist

• I have reviewed the Content style guide so my content adheres to these guidelines.
• The topic I'm writing about is for specific dbt version(s) and I have versioned it according to the version a whole page and/or version a block of content guidelines.
• I have added checklist item(s) to this list for anything anything that needs to happen before this PR is merged, such as "needs technical review" or "change base branch."
• The content in this PR requires a dbt release note, so I added one to the release notes page.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Updated (UTC)
docs-getdbt-com	✅ Ready (Inspect)	Visit Preview	Dec 12, 2024 11:28pm