From 19f9221707bb246b0bddf0cd8786c6f81ac6869d Mon Sep 17 00:00:00 2001
From: Maxime Besson <maxime.besson@worteks.com>
Date: Wed, 17 Mar 2021 11:51:32 +0100
Subject: [PATCH] Documentation for #2488

---
 doc/sources/admin/idpsaml.rst | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/doc/sources/admin/idpsaml.rst b/doc/sources/admin/idpsaml.rst
index 88ea1876d..5cb683011 100644
--- a/doc/sources/admin/idpsaml.rst
+++ b/doc/sources/admin/idpsaml.rst
@@ -190,15 +190,21 @@ IDP Initiated mode
 The IDP Initiated URL is the SSO SAML URL with GET
 parameters:
 
--  IDPInitiated: 1
--  One of:
+- ``IDPInitiated``: ``1``
+- One of:
 
-   -  sp: SP entity ID
-   -  spConfKey: SP configuration key
+  - ``sp``: Service Provider entity ID
+  - ``spConfKey``: Service Provider configuration key
 
 For example:
 http://auth.example.com/saml/singleSignOn?IDPInitiated=1&spConfKey=simplesamlphp
 
+- Optionally, if you may also specify, in addition to ``sp`` or ``spConfKey``:
+
+  - ``spDest``: URL of Service Provider's AssertionConsumerService
+
+The URL specified in ``spDest`` *must* be present in the Service Provider metadata registered in LemonLDAP::NG. This is only useful if your Service Provider is reachable over multiple URLs.
+
 Macros
 ^^^^^^