inAppSessionAuth
String |
- Use the app's internal browser for SSO instead of an external browser. From Mattermost v10.2 and mobile v2.2.1, deprecated in favor of the mobile external browser server configuration setting. |
+ Use the app's internal browser for SSO instead of an external browser. From Mattermost v10.2 and mobile v2.2.1, deprecated in favor of the mobile external browser server configuration setting. |
Default: false
Valid: true | false |
 |
|
diff --git a/source/deployment-guide/mobile/distribute-custom-mobile-apps.rst b/source/deployment-guide/mobile/distribute-custom-mobile-apps.rst
index 3c82858a549..6f9624d047a 100644
--- a/source/deployment-guide/mobile/distribute-custom-mobile-apps.rst
+++ b/source/deployment-guide/mobile/distribute-custom-mobile-apps.rst
@@ -29,7 +29,7 @@ URL schema limitations
If you are building your own version of Mattermost's mobile client, you need to be aware of the following limitations:
-- To allow users to simultaneously run the App Store versions of Mattermost, in addition to the custom company version, you will need to adapt the URL schemes used for the app in the build, as well as configure those schemes on the server using :ref:`App Custom URL Schemes `
+- To allow users to simultaneously run the App Store versions of Mattermost, in addition to the custom company version, you will need to adapt the URL schemes used for the app in the build, as well as configure those schemes on the server using :ref:`App Custom URL Schemes `
- Be aware that the ``bundleid`` for the application should not include ``rnbeta``.
- The same change would be required in a custom build of the Mattermost desktop app.
- The mobile and desktop custom clients would no longer be able to log into other Mattermost servers (unless they had the same custom app schema configuration change applied).
diff --git a/source/deployment-guide/mobile/mobile-faq.rst b/source/deployment-guide/mobile/mobile-faq.rst
index 8917044fa1c..0582ff0922f 100644
--- a/source/deployment-guide/mobile/mobile-faq.rst
+++ b/source/deployment-guide/mobile/mobile-faq.rst
@@ -77,7 +77,7 @@ This means if you use the Mattermost apps from the `Apple App Store ` documentation for details.
+ The use of push notifications with iOS and Android applications will require a moment where the contents of push notifications are visible and unencrypted by a server controlled by either Apple or Google. This is standard for any iOS or Android app. For this reason, there is an option available in Mattermost Enterprise to omit the contents of Mattermost messages from push notifications, or to configure message contents to be fetched from the server when notifications reach the device. See our :ref:`Configuration Settings ` documentation for details.
Is TLS v1.3 supported?
----------------------
@@ -99,7 +99,7 @@ The following post metadata is sent in all push notifications:
- ``Category`` (iOS only, determines if the notifications can be replied to)
- ``Badge number`` (what the notification badge on the app icon should be set to when the notification is received)
-Additional metadata may be sent depending on the System Console setting for :ref:`Push Notification Contents `:
+Additional metadata may be sent depending on the System Console setting for :ref:`Push Notification Contents `:
- **Generic description with sender and channel names**: ``Channel name`` metadata will be included.
- **Full message content sent in the notification payload**: ``Post content`` and ``Channel name`` metadata will be included.
@@ -112,7 +112,7 @@ When it comes to mobile data privacy, many organizations prioritize secure handl
This poses a potential risk for organizations that operate under strict compliance requirements and cannot expose message data to external entities. To solve this, we offer an option for greater protection for Mattermost push notification message data by only sending a unique message ID in the notification payload rather than the full message data (available in Mattermost Enterprise). Once the device receives the ID, it then fetches the message content directly from the server and displays the notification per usual.
-External entities, such as APNS and FCM, handle only the ID and are unable to read any part of the message itself. If your organization has strict privacy or compliance needs, the :ref:`ID-Only Push Notification ` setting offers a high level of privacy while still allowing your team members to benefit from mobile push notifications.
+External entities, such as APNS and FCM, handle only the ID and are unable to read any part of the message itself. If your organization has strict privacy or compliance needs, the :ref:`ID-Only Push Notification ` setting offers a high level of privacy while still allowing your team members to benefit from mobile push notifications.
The following payload shows an example of the json that is transmitted to the push notification service when using the ID-Only setting:
@@ -163,7 +163,7 @@ The following options are available for securing your push notification service:
1. Protecting notification contents
- - You can :ref:`choose what type of information to include in push notifications `, such as excluding the message contents if your compliance policies require it. Default server settings have message contents turned off.
+ - You can :ref:`choose what type of information to include in push notifications `, such as excluding the message contents if your compliance policies require it. Default server settings have message contents turned off.
2. Disabling push notifications
@@ -179,7 +179,7 @@ The following options are available for securing your push notification service:
4. Securing apps installed through the Apple App Store and Google Play:
- - When using Mattermost mobile apps from the App Store and Google Play, purchase an annual subscription to Mattermost Enterprise or Professional to use Mattermost's :ref:`Hosted Push Notification Service (HPNS) `.
+ - When using Mattermost mobile apps from the App Store and Google Play, purchase an annual subscription to Mattermost Enterprise or Professional to use Mattermost's :ref:`Hosted Push Notification Service (HPNS) `.
.. note::
@@ -209,7 +209,7 @@ Mattermost enables customers with high privacy and custom security requirements
How do I host the Mattermost push notification service?
-------------------------------------------------------
-First, you can use the :ref:`Mattermost Hosted Push Notification Service (HPNS) `. Organizations can also :doc:`host their own push proxy server ` instead. This is applicable when you want to:
+First, you can use the :ref:`Mattermost Hosted Push Notification Service (HPNS) `. Organizations can also :doc:`host their own push proxy server ` instead. This is applicable when you want to:
1. Customize the Mattermost mobile apps;
2. Deploy your own push notification service, or
@@ -299,7 +299,7 @@ How do I connect users across internal and external networks?
By setting up global network traffic management, you can send a user to an internal or external network when connecting with a mobile app. Moreover, you can have two separate layers of restrictions on internal and external traffic, such as:
- In the internal network, deploy on a private network via per device VPN.
- - In the external network, deploy with :doc:`TLS mutual auth ` with an NGINX proxy, and :doc:`client-side certificates ` for desktop and iOS.
+ - In the external network, deploy with :doc:`TLS mutual auth ` with an NGINX proxy, and :doc:`client-side certificates ` for desktop and iOS.
Many services such as Microsoft Azure provide options for `managing network traffic `_, or you can engage a services partner to assist.
@@ -353,7 +353,7 @@ You will need to `whitelist one subdomain and one port from Apple `__ or `Google Play Store `__ and connect with the :ref:`Mattermost Hosted Push Notification Service (HPNS) ` through your corporate proxy.
+You can use the mobile applications hosted by Mattermost in the `Apple App Store `__ or `Google Play Store `__ and connect with the :ref:`Mattermost Hosted Push Notification Service (HPNS) ` through your corporate proxy.
.. note::
@@ -388,7 +388,7 @@ Since the ``deviceId`` relates to the application, connections through the web b
Where can I find mobile message notification logs?
-------------------------------------------------------------
Notification messages are logged to the ``notifications.log`` file.
-System admins must enable notification logs in the ``config.json`` file by setting ``EnableFile`` to ``true``, and specifying an optional file location via ``FileLocation``. When no location is configured, the ``notifications.log`` file is stored in the default Mattermost directory. See the :ref:`logging configuration settings ` documentation for details.
+System admins must enable notification logs in the ``config.json`` file by setting ``EnableFile`` to ``true``, and specifying an optional file location via ``FileLocation``. When no location is configured, the ``notifications.log`` file is stored in the default Mattermost directory. See the :ref:`logging configuration settings ` documentation for details.
The team members / users can access their notification logs based on their device platform.
Android users can view the logs using ``logcat``.
diff --git a/source/deployment-guide/mobile/mobile-security-features.rst b/source/deployment-guide/mobile/mobile-security-features.rst
index 441198c1e20..106e2f28070 100644
--- a/source/deployment-guide/mobile/mobile-security-features.rst
+++ b/source/deployment-guide/mobile/mobile-security-features.rst
@@ -14,7 +14,7 @@ Mattermost leverages built-in checks from the Expo framework to identify jailbro
- On **Android**, the app looks for the presence of known jailbreak/root binaries, such as the ``su`` binary in ``/system/xbin/su``, which is a common indicator that the device has been rooted to allow unauthorized elevated access.
- On **iOS**, the detection process involves checking for unusual apps (e.g., Cydia), modified system paths, and testing whether the app can alter protected system files—all signs that the device may be jailbroken.
-See the :ref:`jailbreak/root protection configuration setting ` documentation for details on enabling this feature.
+See the :ref:`jailbreak/root protection configuration setting ` documentation for details on enabling this feature.
.. note::
@@ -25,7 +25,7 @@ Biometric authentication
Mattermost integrates with iOS Face ID/Touch ID and Android’s Biometric API. When enabled by the server administrator, biometric checks are required before accessing specific servers, and the Mattermost mobile app mandates that a device PIN or biometric lock is active.
-See the :ref:`biometric authentication configuration setting ` documentation for details on enabling this feature and the user workflows in which users must authenticate.
+See the :ref:`biometric authentication configuration setting ` documentation for details on enabling this feature and the user workflows in which users must authenticate.
.. note::
@@ -40,7 +40,7 @@ Preventing screenshots and screen recordings protects sensitive information from
- On **Android**, the app utilizes the FLAG_SECURE flag to block screen captures and recordings.
-See the :ref:`prevent screen capture configuration setting ` documentation for details on enabling this feature.
+See the :ref:`prevent screen capture configuration setting ` documentation for details on enabling this feature.
.. note::
@@ -51,7 +51,7 @@ Secure file previews
Preventing file downloads protects sensitive information from being inadvertently or maliciously shared. This control is essential in ensuring that confidential documents and media remain within the secure confines of the app. By enabling in-app previews for supported file types and restricting downloads, Mattermost significantly reduces the risk of data leakage while maintaining essential file-viewing capabilities.
-See the :ref:`secure file preview ` and :ref:`managing PDF link navigation ` configuration settings documentation for details on enabling these features.
+See the :ref:`secure file preview ` and :ref:`managing PDF link navigation ` configuration settings documentation for details on enabling these features.
Mobile data isolation
------------------------
diff --git a/source/deployment-guide/mobile/mobile-troubleshooting.rst b/source/deployment-guide/mobile/mobile-troubleshooting.rst
index 2f7d659ead8..21e4584be17 100644
--- a/source/deployment-guide/mobile/mobile-troubleshooting.rst
+++ b/source/deployment-guide/mobile/mobile-troubleshooting.rst
@@ -75,7 +75,7 @@ For example:
[...]
}
-See our :ref:`Configuration Settings ` documentation for details on configuring the connection string to the master database.
+See our :ref:`Configuration Settings ` documentation for details on configuring the connection string to the master database.
Testing mobile push notifications
----------------------------------
diff --git a/source/deployment-guide/mobile/secure-mobile-file-storage.rst b/source/deployment-guide/mobile/secure-mobile-file-storage.rst
index e65b137cf14..38a8db03856 100644
--- a/source/deployment-guide/mobile/secure-mobile-file-storage.rst
+++ b/source/deployment-guide/mobile/secure-mobile-file-storage.rst
@@ -24,7 +24,7 @@ iOS – app sandbox
- Non-image and non-video files are rendered using secure frameworks such as QLPreviewController. This controller displays file previews within the app’s sandbox, ensuring that raw file data isn’t exposed to external processes.
- Supported image and video files are previewed directly within the app, with the files downloaded to the app's cache folder located within its secure sandbox. For unsupported image and video formats, the Mattermost mobile app uses the QLPreviewController framework, just as it does for other file types.
- - If the file format is also unsupported by QLPreviewController and :ref:`mobile downloads are enabled ` on the server, users can download the file to a location of their choosing. However, if mobile downloads are disabled, these files become unavailable to the user.
+ - If the file format is also unsupported by QLPreviewController and :ref:`mobile downloads are enabled ` on the server, users can download the file to a location of their choosing. However, if mobile downloads are disabled, these files become unavailable to the user.
- **Official references:**
@@ -42,7 +42,7 @@ Android – scoped storage
- **Secure file viewing:**
- When users attempt to view non-image/video files, Mattermost uses an ``Intent.ACTION_VIEW`` to open the file. This intent delegates rendering to an external app only if the user explicitly triggers the action, while the file remains securely stored within Mattermost’s cache folder.
- - Viewing non-image/video files is available only if :ref:`mobile downloads are enabled ` on the server.
+ - Viewing non-image/video files is available only if :ref:`mobile downloads are enabled ` on the server.
- Image and video files with supported formats are previewed directly within the app, with the files downloaded to the app's cache folder located within its secure sandbox. For unsupported image and video formats, the Mattermost mobile app uses ``Intent.ACTION_VIEW`` to open the file with an external application, just as it does for other file types.
- **Official reference:**
@@ -56,7 +56,7 @@ Differentiating file handling to external applications
- **Previewing files:**
- File previewing follows the secure viewing practices described above in the “Secure File Viewing” sections for iOS and Android. All files prior to being previewed are stored in the cache folder of the Mattermost app sandbox. Images and videos with supported formats are previewed directly within the Mattermost mobile app. Non‑image and non‑video files are also previewed in-app in iOS but are handed off to an external application in Android while the raw data remains securely stored in the app’s cache. Previewing non-image/non-video files is possible only if :ref:`mobile downloads are enabled ` on the server side.
+ File previewing follows the secure viewing practices described above in the “Secure File Viewing” sections for iOS and Android. All files prior to being previewed are stored in the cache folder of the Mattermost app sandbox. Images and videos with supported formats are previewed directly within the Mattermost mobile app. Non‑image and non‑video files are also previewed in-app in iOS but are handed off to an external application in Android while the raw data remains securely stored in the app’s cache. Previewing non-image/non-video files is possible only if :ref:`mobile downloads are enabled ` on the server side.
- **Downloading files:**
@@ -88,7 +88,7 @@ Core defense pillars
- **Robust authentication:** Mattermost requires user authentication through SSO (e.g., SAML, LDAP, OpenID Connect) or traditional username/password logins. This authentication is managed by server-side identity controls, ensuring that only verified users can access the app and its data. For more details, see the `Mattermost Security Overview `_.
-- **Server-side access controls:** Administrators can enforce policies through the System Console to restrict file downloads, sharing, and public link generation. Currently, policies are applied at the server level. For more details, see `Configuration Settings - File Sharing and Downloads `_.
+- **Server-side access controls:** Administrators can enforce policies through the System Console to restrict file downloads, sharing, and public link generation. Currently, policies are applied at the server level. For more details, see `Configuration Settings - File Sharing and Downloads `_.
- **Sandbox isolation:** As discussed earlier, Mattermost’s mobile apps store files in a sandboxed environment. This isolation ensures that even if a device is shared or compromised, other apps cannot access the cached files without explicit user action.
diff --git a/source/deployment-guide/postgres-migration-assist-tool.rst b/source/deployment-guide/postgres-migration-assist-tool.rst
index b7a6c04a745..e6181984172 100644
--- a/source/deployment-guide/postgres-migration-assist-tool.rst
+++ b/source/deployment-guide/postgres-migration-assist-tool.rst
@@ -158,7 +158,7 @@ In your ``config.json`` or via environment variables, update:
"DataSource": "postgres://mmuser:pass@db:5432/mattermost?sslmode=disable"
}
-If your config was stored in the database, update ``MM_CONFIG`` accordingly. See the :ref:`environment configuration settings ` documentation for details.
+If your config was stored in the database, update ``MM_CONFIG`` accordingly. See the :ref:`environment configuration settings ` documentation for details.
.. note::
If your Mattermost deployment was initially configured with MySQL, there's a good chance your systemd service file has a ``BindsTo=mysql.service`` directive in it. This will cause the Mattermost server to be shut down if you deactivate your MySQL service. To fix this, update all references to ``mysql.service`` in your service file to use ``postgresql.service`` instead. This is only an issue if your Database and Mattermost are running on the same system.
diff --git a/source/deployment-guide/server/air-gapped-deployment.rst b/source/deployment-guide/server/air-gapped-deployment.rst
index 593c37c1ed6..6da19e83556 100644
--- a/source/deployment-guide/server/air-gapped-deployment.rst
+++ b/source/deployment-guide/server/air-gapped-deployment.rst
@@ -377,12 +377,12 @@ When deploying Mattermost in an air-gapped environment, there are configuration
Mobile push notifications
~~~~~~~~~~~~~~~~~~~~~~~~~~
-Mattermost can use mobile push notifications to notify users of new messages and activity. These notifications require a server component to be deployed to send the notifications to the mobile devices. By default, Mattermost will use the public push notification service which is not available in an air-gapped environment. We recommend :ref:`disabling push notifications ` in **System Console > Environment > Push Notification Server**.
+Mattermost can use mobile push notifications to notify users of new messages and activity. These notifications require a server component to be deployed to send the notifications to the mobile devices. By default, Mattermost will use the public push notification service which is not available in an air-gapped environment. We recommend :ref:`disabling push notifications ` in **System Console > Environment > Push Notification Server**.
Website link previews
~~~~~~~~~~~~~~~~~~~~~~~
-Website link previews require a connection to the internet to fetch the content of the links. We recommend :ref:`disabling website link previews ` in **System Console > Site Configuration > Posts**.
+Website link previews require a connection to the internet to fetch the content of the links. We recommend :ref:`disabling website link previews ` in **System Console > Site Configuration > Posts**.
Additional considerations
---------------------------
diff --git a/source/deployment-guide/server/containers/install-aws-beanstalk.rst b/source/deployment-guide/server/containers/install-aws-beanstalk.rst
index d2d00bf41c2..8510466442a 100644
--- a/source/deployment-guide/server/containers/install-aws-beanstalk.rst
+++ b/source/deployment-guide/server/containers/install-aws-beanstalk.rst
@@ -26,6 +26,6 @@ The Elastic Beanstalk application creation process below combines Application an
Enable Email (Recommended)
-----------------------------
-The default Docker instance for Mattermost is designed for product evaluation, and sets ``SendEmailNotifications=false`` so the product can function without enabling email. To see the product's full functionality, we recommend :doc:`enabling SMTP email `.
+The default Docker instance for Mattermost is designed for product evaluation, and sets ``SendEmailNotifications=false`` so the product can function without enabling email. To see the product's full functionality, we recommend :doc:`enabling SMTP email `.
-See :doc:`Configuration Settings ` documentation for more configuration and customization options for your deployment.
\ No newline at end of file
+See :doc:`Configuration Settings ` documentation for more configuration and customization options for your deployment.
\ No newline at end of file
diff --git a/source/deployment-guide/server/containers/install-docker.rst b/source/deployment-guide/server/containers/install-docker.rst
index be328f2de77..c9645833bed 100644
--- a/source/deployment-guide/server/containers/install-docker.rst
+++ b/source/deployment-guide/server/containers/install-docker.rst
@@ -200,9 +200,9 @@ Looking for a way to evaluate Mattermost on a single local machine using Docker?
.. important::
- - This local image is self-contained (i.e., it has an internal database and works out of the box). Dropping a container using this image removes data and configuration as expected. You can see the :doc:`configuration settings ` documentation to learn more about customizing your trial deployment.
+ - This local image is self-contained (i.e., it has an internal database and works out of the box). Dropping a container using this image removes data and configuration as expected. You can see the :doc:`configuration settings ` documentation to learn more about customizing your trial deployment.
- **Preview Mode** shouldn't be used in a production environment, as it uses a known password string, contains other non-production configuration settings, has email disabled, keeps no persistent data (all data lives inside the container), and doesn't support upgrades.
- - If you are planning to use the calling functionality in **Preview Mode** on a non-local environment, you should ensure that the server is running on a secure (HTTPs) connection and that the :ref:`network requirements ` to run calls are met.
+ - If you are planning to use the calling functionality in **Preview Mode** on a non-local environment, you should ensure that the server is running on a secure (HTTPs) connection and that the :ref:`network requirements ` to run calls are met.
1. Install `Docker `__.
@@ -213,13 +213,13 @@ Looking for a way to evaluate Mattermost on a single local machine using Docker?
docker run --name mattermost-preview -d --publish 8065:8065 --publish 8443:8443 mattermost/mattermost-preview
3. When Docker is done fetching the image, navigate to ``http://localhost:8065/`` in your browser to preview Mattermost.
-4. Select **Don't have an account** in the top right corner of the screen to create an account for your preview instance. If you don't see this option, ensure that the :ref:`Enable open server ` configuration setting is enabled. This setting is disabled for self-hosted Mattermost deployments by default.
+4. Select **Don't have an account** in the top right corner of the screen to create an account for your preview instance. If you don't see this option, ensure that the :ref:`Enable open server ` configuration setting is enabled. This setting is disabled for self-hosted Mattermost deployments by default.
5. Log in to your preview instance with your user credentials.
Troubleshooting your preview deployment
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-The **Preview Mode** Docker instance for Mattermost is designed for product evaluation, and sets ``SendEmailNotifications=false`` so the product can function without enabling email. See the :doc:`Configuration Settings ` documentation to customize your deployment.
+The **Preview Mode** Docker instance for Mattermost is designed for product evaluation, and sets ``SendEmailNotifications=false`` so the product can function without enabling email. See the :doc:`Configuration Settings ` documentation to customize your deployment.
To update your Mattermost preview image and container, you must first stop and delete your existing **mattermost-preview** container by running the following commands:
diff --git a/source/deployment-guide/server/deploy-kubernetes.rst b/source/deployment-guide/server/deploy-kubernetes.rst
index 4cc24161b4e..069e0725bd6 100644
--- a/source/deployment-guide/server/deploy-kubernetes.rst
+++ b/source/deployment-guide/server/deploy-kubernetes.rst
@@ -8,7 +8,7 @@ Mattermost server can be deployed on various Kubernetes platforms, providing a s
.. tip::
- To learn how to safely upgrade your deployment in Kubernetes for High Availability with Active/Active support, see the :doc:`Upgrading Mattermost in Kubernetes and High Availability Environments ` documenation.
+ To learn how to safely upgrade your deployment in Kubernetes for High Availability with Active/Active support, see the :doc:`Upgrading Mattermost in Kubernetes and High Availability Environments ` documenation.
Platform
--------
diff --git a/source/deployment-guide/server/image-proxy.rst b/source/deployment-guide/server/image-proxy.rst
index 653c0d4847a..a91c4055e54 100644
--- a/source/deployment-guide/server/image-proxy.rst
+++ b/source/deployment-guide/server/image-proxy.rst
@@ -17,7 +17,7 @@ The local image proxy is available as part of the Mattermost server deployment.
.. note::
- With the local image proxy enabled, requests for images hosted on the local network are now affected by the ``AllowUntrustedInternalConnections`` setting. See :ref:`documentation ` for more information or if you are seeing unintentionally blocked images.
+ With the local image proxy enabled, requests for images hosted on the local network are now affected by the ``AllowUntrustedInternalConnections`` setting. See :ref:`documentation ` for more information or if you are seeing unintentionally blocked images.
.. _atmos-camo:
diff --git a/source/deployment-guide/server/kubernetes/deploy-k8s.rst b/source/deployment-guide/server/kubernetes/deploy-k8s.rst
index 85d76d66aa5..24b00552742 100644
--- a/source/deployment-guide/server/kubernetes/deploy-k8s.rst
+++ b/source/deployment-guide/server/kubernetes/deploy-k8s.rst
@@ -11,7 +11,7 @@ Before you begin, ensure you have the following:
* A functioning Kubernetes cluster (see the `Kubernetes setup guide `__). Your cluster should be running a `supported Kubernetes version `__.
* The `kubectl` command-line tool installed on your local machine (see the `kubectl installation guide `__).
* A fundamental understanding of Kubernetes concepts, such as deployments, pods, and applying manifests.
-* Sufficient Kubernetes resources allocated based on your expected user load. Consult the :ref:`scaling for Enterprise ` documentation for resource requirements at different scales.
+* Sufficient Kubernetes resources allocated based on your expected user load. Consult the :ref:`scaling for Enterprise ` documentation for resource requirements at different scales.
Installation steps
~~~~~~~~~~~~~~~~~~
@@ -68,7 +68,7 @@ Step 3: Deploy Mattermost
.. note::
- A Mattermost Enterprise license is required for multi-server deployments.
- - For single-server deployments without an Enterprise license, add ``Replicas: 1`` to the ``spec`` section in step 2 below. See the :doc:`high availability documentation ` for more on highly-available deployments.
+ - For single-server deployments without an Enterprise license, add ``Replicas: 1`` to the ``spec`` section in step 2 below. See the :doc:`high availability documentation ` for more on highly-available deployments.
1. **(Mattermost Enterprise only)** Create a Mattermost license secret. Create a file named ``mattermost-license-secret.yaml`` with the following content, replacing ``[LICENSE_FILE_CONTENTS]`` with your actual license:
@@ -249,7 +249,7 @@ This command can be used to review the Mattermost Operator or Mattermost server
- If you're new to Kubernetes or prefer a managed solution, consider using a service like `Amazon EKS `_, `Azure Kubernetes Service `_, `Google Kubernetes Engine `_, or `DigitalOcean Kubernetes `_.- While this guidance focuses on using external, managed services for your database and file storage, the Mattermost Operator *does* offer the flexibility to use other solutions. For example, you could choose to deploy a PostgreSQL database within your Kubernetes cluster using the CloudNative PG operator (or externally however you wish), or use a self-hosted MinIO instance for object storage.
- While using managed cloud services is generally simpler to maintain and our recommended approach for production deployments, using self-managed services like MinIO for storage and CloudNative PG for PostgreSQL are also valid options if you have the expertise to manage them.
- If you choose to use self-managed components, you'll need to adapt the instructions accordingly, pointing to your internal services instead.
- - To customize your production deployment, refer to the :doc:`configuration settings documentation `.
+ - To customize your production deployment, refer to the :doc:`configuration settings documentation `.
- If you encounter issues during deployment, consult the :doc:`deployment troubleshooting guide `.
Frequently Asked Questions
diff --git a/source/deployment-guide/server/linux/deploy-rhel.rst b/source/deployment-guide/server/linux/deploy-rhel.rst
index ce752f337d2..b1a9f6f3c8a 100644
--- a/source/deployment-guide/server/linux/deploy-rhel.rst
+++ b/source/deployment-guide/server/linux/deploy-rhel.rst
@@ -237,7 +237,7 @@ The final step, depending on your requirements, is to run sudo ``systemctl enabl
Step 6: Update the server
~~~~~~~~~~~~~~~~~~~~~~~~~
-Updating your Mattermost Server installation when using the tarball requires several manual steps. See the :doc:`upgrade Mattermost Server ` documentation for details.
+Updating your Mattermost Server installation when using the tarball requires several manual steps. See the :doc:`upgrade Mattermost Server ` documentation for details.
Remove Mattermost
-----------------
diff --git a/source/deployment-guide/server/linux/deploy-tar.rst b/source/deployment-guide/server/linux/deploy-tar.rst
index 4af9af37134..d4c50584e97 100644
--- a/source/deployment-guide/server/linux/deploy-tar.rst
+++ b/source/deployment-guide/server/linux/deploy-tar.rst
@@ -173,7 +173,7 @@ The final step, depending on your requirements, is to run sudo ``systemctl enabl
Step 6: Update the server
~~~~~~~~~~~~~~~~~~~~~~~~~~
-Updating your Mattermost Server installation when using the tarball requires several manual steps. See the :doc:`upgrade Mattermost Server ` documentation for details.
+Updating your Mattermost Server installation when using the tarball requires several manual steps. See the :doc:`upgrade Mattermost Server ` documentation for details.
Remove Mattermost
-----------------
diff --git a/source/deployment-guide/server/orchestration.rst b/source/deployment-guide/server/orchestration.rst
index f835e60967b..e6eaf589ee2 100644
--- a/source/deployment-guide/server/orchestration.rst
+++ b/source/deployment-guide/server/orchestration.rst
@@ -65,7 +65,7 @@ Documentation
Following automated deployment, the following steps are required to make your system production-ready:
- [Configure SSL for Mattermost](https://docs.mattermost.com/deployment-guide/server/setup-nginx-proxy.html#configure-nginx-with-ssl-and-http-2)
- - [Configure SMTP email for Mattermost](https://docs.mattermost.com/administration-guide/configure/smtp-email.html)
+ - [Configure SMTP email for Mattermost](https://docs.mattermost.com/administration-guide/configuration-reference/smtp-email.html)
2. **Unofficial deployment options should be documented**. Unofficial deployment configurations, such as use of Linux operating systems that are not officially supported, should be documented in the README.
diff --git a/source/deployment-guide/server/preparations.rst b/source/deployment-guide/server/preparations.rst
index 7d88ad2a742..16da605534f 100644
--- a/source/deployment-guide/server/preparations.rst
+++ b/source/deployment-guide/server/preparations.rst
@@ -10,7 +10,7 @@ This guide outlines the key preparation steps required before installing the Mat
Review software and hardware requirements
Set up an NGINX proxy
- Configure Mattermost Calls
+ Configure Mattermost Calls
Set up TLS
Use an image proxy
@@ -18,7 +18,7 @@ Before installing Mattermost Server, review the following preparation requiremen
* :doc:`Review software and hardware requirements ` - Ensure your system meets the minimum requirements for Mattermost deployment.
* :doc:`Set up an NGINX proxy ` - Configure NGINX as a reverse proxy for enhanced security and performance.
-* :doc:`Configure Mattermost Calls ` - Set up real-time communication capabilities for voice and video calls.
+* :doc:`Configure Mattermost Calls ` - Set up real-time communication capabilities for voice and video calls.
* :doc:`Set up TLS ` - Enable secure communication with SSL/TLS encryption.
* :doc:`Use an image proxy ` - Configure image proxy for enhanced privacy and security.
diff --git a/source/deployment-guide/server/prepare-mattermost-mysql-database.rst b/source/deployment-guide/server/prepare-mattermost-mysql-database.rst
index 82e8ba939a9..628db13af97 100644
--- a/source/deployment-guide/server/prepare-mattermost-mysql-database.rst
+++ b/source/deployment-guide/server/prepare-mattermost-mysql-database.rst
@@ -67,7 +67,7 @@ Upgrade Mattermost
.. tab:: Upgrade to v7.0
:parse-titles:
- Self-hosted Mattermost customers using MySQL databases may notice the migration to release v7.0 taking longer than usual when there are a large number of rows in the ``FileInfo`` table. See the :doc:`important upgrade notes ` documentation for details.
+ Self-hosted Mattermost customers using MySQL databases may notice the migration to release v7.0 taking longer than usual when there are a large number of rows in the ``FileInfo`` table. See the :doc:`important upgrade notes ` documentation for details.
.. tab:: Upgrade to v6.7
:parse-titles:
@@ -247,14 +247,14 @@ By default, Mattermost uses full text search support included in MySQL. Select t
Perform searches in Chinese, Korean, and Japanese
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-The best experience for searching in Chinese, Korean, and Japanese is to use MySQL 5.7.6 or later with special configuration. See the :doc:`Chinese, Japanese and Korean Search documentation ` for details.
+The best experience for searching in Chinese, Korean, and Japanese is to use MySQL 5.7.6 or later with special configuration. See the :doc:`Chinese, Japanese and Korean Search documentation ` for details.
You can perform searches without this configuration by adding wildcards ``*`` to the end of search terms.
Migrate from Bitnami to a self-hosted Mattermost deployment
------------------------------------------------------------
-If you're planning a migration from Bitnami to a self-hosted Mattermost installation with a MySQL database, read these notes in our migration guide: :ref:`Migrating from Bitnami `.
+If you're planning a migration from Bitnami to a self-hosted Mattermost installation with a MySQL database, read these notes in our migration guide: :ref:`Migrating from Bitnami `.
Downgrade Mattermost v6.0 to v5.38
-----------------------------------
diff --git a/source/deployment-guide/server/server-architecture.rst b/source/deployment-guide/server/server-architecture.rst
index 83c291b085c..a2a597c45d4 100644
--- a/source/deployment-guide/server/server-architecture.rst
+++ b/source/deployment-guide/server/server-architecture.rst
@@ -1,7 +1,7 @@
Reference Architecture for Mattermost Server
=============================================
-The following diagrams detail suggested architecture configurations of :ref:`high availability Mattermost deployments ` at different scales. Hardware and infrastructure requirements will vary significantly based on usage and policies. See the :doc:`scaling for enterprise ` documentation for reference architecture guidance at scale, including hardware and infrastructure requirements.
+The following diagrams detail suggested architecture configurations of :ref:`high availability Mattermost deployments ` at different scales. Hardware and infrastructure requirements will vary significantly based on usage and policies. See the :doc:`scaling for enterprise ` documentation for reference architecture guidance at scale, including hardware and infrastructure requirements.
High availability in Mattermost consists of running redundant Mattermost application servers, redundant database servers, and redundant load balancers so that failure of any one of these components does not interrupt operation of the system. Upon failure of one component, the remaining application servers, database servers, and load balancers must be sized and configured to carry the full load of the system. If this requirement is not met, an outage of one component can result in an overload of the remaining components, causing a complete system outage.
@@ -14,12 +14,12 @@ You can apply most configuration changes and dot release security updates withou
Designed for scale
------------------
-Mattermost is designed to be able to handle a large number of concurrent users, and the architecture can be scaled up or down as needed. The architecture is also designed to be flexible, allowing for the addition of new components or services as needed. The following diagrams show the recommended architecture for Mattermost deployments at 5,000, 10,000, 25,000, and 50,000 users. The diagrams are organized by user count and include a general diagram and AWS and Azure versions of each diagram. See the :doc:`scaling for enterprise ` documentation for more information on scaling Mattermost deployments.
+Mattermost is designed to be able to handle a large number of concurrent users, and the architecture can be scaled up or down as needed. The architecture is also designed to be flexible, allowing for the addition of new components or services as needed. The following diagrams show the recommended architecture for Mattermost deployments at 5,000, 10,000, 25,000, and 50,000 users. The diagrams are organized by user count and include a general diagram and AWS and Azure versions of each diagram. See the :doc:`scaling for enterprise ` documentation for more information on scaling Mattermost deployments.
- Each generalized diagram represents a full High Availability deployment across all critical components. The proxy, database, file storage, and Elasticsearch layers can be replaced by cloud services.
- Each AWS diagram represents a full High Availability deployment on Amazon Web Services making full use of the available services.
- Each Azure diagram represents a full High Availability deployment on Microsoft Azure making full use of the available services.
-- Push proxy can be replaced by the Mattermost :ref:`hosted push notification service `.
+- Push proxy can be replaced by the Mattermost :ref:`hosted push notification service `.
.. tab:: AWS
diff --git a/source/deployment-guide/server/server-deployment-planning.rst b/source/deployment-guide/server/server-deployment-planning.rst
index 3992a8cb5f7..c4c34a5a74f 100644
--- a/source/deployment-guide/server/server-deployment-planning.rst
+++ b/source/deployment-guide/server/server-deployment-planning.rst
@@ -17,7 +17,7 @@ This section provides comprehensive guidance on deploying and managing your Matt
Pre-authentication secrets
Reference Architecture
Deployment Solution Programs
- Scale for Enterprise
+ Scale for Enterprise
* :doc:`Preparations ` - Software and hardware requirements, proxy setup, TLS configuration, and other pre-deployment tasks.
* :doc:`Deploy with Kubernetes ` - Scalable deployment on various Kubernetes platforms with high availability support.
@@ -28,7 +28,7 @@ This section provides comprehensive guidance on deploying and managing your Matt
* :doc:`Pre-authentication secrets ` - Configure reverse proxy validation for mobile and desktop applications using pre-authentication headers.
* :doc:`Reference Architecture ` - Recommended architecture patterns and infrastructure design.
* :doc:`Deployment Solution Programs ` - Automated deployment tools and orchestration solutions.
-* :doc:`Scale for Enterprise ` - High availability, clustering, and enterprise-scale deployment guidance.
+* :doc:`Scale for Enterprise ` - High availability, clustering, and enterprise-scale deployment guidance.
Core technology stack
diff --git a/source/deployment-guide/server/setup-nginx-proxy.rst b/source/deployment-guide/server/setup-nginx-proxy.rst
index a7a5e633974..864d2ef1b44 100644
--- a/source/deployment-guide/server/setup-nginx-proxy.rst
+++ b/source/deployment-guide/server/setup-nginx-proxy.rst
@@ -225,7 +225,7 @@ You can use any certificate that you want, but these instructions show you how t
.. note::
- If Let’s Encrypt is enabled, forward port 80 through a firewall, with :ref:`Forward80To443 ` ``config.json`` setting set to ``true`` to complete the Let’s Encrypt certification. See the `Let's Encrypt/Certbot documentation `_ for additional assistance.
+ If Let’s Encrypt is enabled, forward port 80 through a firewall, with :ref:`Forward80To443 ` ``config.json`` setting set to ``true`` to complete the Let’s Encrypt certification. See the `Let's Encrypt/Certbot documentation `_ for additional assistance.
1. Log in to the server that hosts NGINX and open a terminal window.
diff --git a/source/deployment-guide/server/setup-tls.rst b/source/deployment-guide/server/setup-tls.rst
index 3cafc9fb0ed..85c83333bfe 100644
--- a/source/deployment-guide/server/setup-tls.rst
+++ b/source/deployment-guide/server/setup-tls.rst
@@ -38,7 +38,7 @@ The certificate is retrieved the first time that a client tries to connect to th
.. note::
- - If Let's Encrypt is enabled, forward port 80 through a firewall, with :ref:`Forward80To443 ` ``config.json`` setting set to ``true`` to complete the Let's Encrypt certification.
+ - If Let's Encrypt is enabled, forward port 80 through a firewall, with :ref:`Forward80To443 ` ``config.json`` setting set to ``true`` to complete the Let's Encrypt certification.
- Your Mattermost server must be accessible from the Let's Encrypt CA in order to verify your domain name and issue the certificate. Be sure to open your firewall and configure any reverse proxies to forward traffic to ports 80 and 443. More information can be found `at Let's Encrypt `_.
Use your own certificate
diff --git a/source/deployment-guide/server/trouble_mysql.rst b/source/deployment-guide/server/trouble_mysql.rst
index 2a506583bf2..fd87cf73ff6 100644
--- a/source/deployment-guide/server/trouble_mysql.rst
+++ b/source/deployment-guide/server/trouble_mysql.rst
@@ -5,8 +5,8 @@ Before you can run the Mattermost server, you must first install and configure a
.. note::
- - Additional database tuning guidance is available for specific Mattermost releases. See the :doc:`important upgrade notes ` documentation for more details.
- - See the :ref:`database configuration settings ` documentation for details on configuration options specific to MySQL databases.
+ - Additional database tuning guidance is available for specific Mattermost releases. See the :doc:`important upgrade notes ` documentation for more details.
+ - See the :ref:`database configuration settings ` documentation for details on configuration options specific to MySQL databases.
How you install MySQL varies depending upon which Linux distribution you use. However, once MySQL is installed, the configuration instructions are the
same. For all distributions you must create a ``mattermost`` database and a ``mattermost`` database user. Failure to create these database
diff --git a/source/deployment-guide/server/troubleshooting.rst b/source/deployment-guide/server/troubleshooting.rst
index c65d17e96e6..d6f73251066 100644
--- a/source/deployment-guide/server/troubleshooting.rst
+++ b/source/deployment-guide/server/troubleshooting.rst
@@ -45,7 +45,7 @@ The resulting server log file is called ``mattermost.log`` and can be opened wit
If filesystem access is not possible, navigate to **System Console > Reporting > Server Logs** to locate the current system logs which can be copied to a file.
-You can find more on logging settings :ref:`here `.
+You can find more on logging settings :ref:`here `.
Mattermost Desktop App logs
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -214,7 +214,7 @@ How to access logs
**Mattermost**
-Make sure :ref:`debug logging is enabled ` so that we can get the most information from the logs. To do this, go to **System Console > Environment > Logging**, then set both **Console File Level** and **File Log Level** to **DEBUG**. Remember to save your changes.
+Make sure :ref:`debug logging is enabled ` so that we can get the most information from the logs. To do this, go to **System Console > Environment > Logging**, then set both **Console File Level** and **File Log Level** to **DEBUG**. Remember to save your changes.
If the behavior started at a known time or date, use ``journalctl`` to get the logs like this:
diff --git a/source/deployment-guide/software-hardware-requirements.rst b/source/deployment-guide/software-hardware-requirements.rst
index bad5d187bbe..fac67c63e34 100644
--- a/source/deployment-guide/software-hardware-requirements.rst
+++ b/source/deployment-guide/software-hardware-requirements.rst
@@ -149,7 +149,7 @@ Search limitations on PostgreSQL:
- One of them is: ``The length of a tsvector (lexemes + positions) must be less than 1 megabyte``, which means that, based on the file content, even files with content less than 1 MB won't be searchable if they hit the ``tsvector`` limit of 1 MB.
-- If any of the above is an issue, you can :doc:`set up and enable enterprise search `.
+- If any of the above is an issue, you can :doc:`set up and enable enterprise search `.
MySQL Support
::::::::::::::::::::
@@ -188,7 +188,7 @@ Hardware requirements
Usage of CPU, RAM, and storage space can vary significantly based on user behavior. These hardware recommendations are based on traditional deployments and may grow or shrink depending on how active your users are.
-Moreover, memory requirements can be driven by peak file sharing activity. Recommendation is based on default 50 MB maximum file size, which can be :ref:`adjusted from the System Console `. Changing this number may change memory requirements.
+Moreover, memory requirements can be driven by peak file sharing activity. Recommendation is based on default 50 MB maximum file size, which can be :ref:`adjusted from the System Console `. Changing this number may change memory requirements.
For deployments larger than 2,000 users, it is recommended to use the Mattermost open source load testing framework to simulate usage of your system at full scale: `https://github.com/mattermost/mattermost-load-test-ng `__.
@@ -210,18 +210,18 @@ Hardware requirements for enterprise deployments (multi-server)
Scale requirements
^^^^^^^^^^^^^^^^^^
-For Enterprise Edition deployments with a multi-server setup, see :doc:`our scaling guide `.
+For Enterprise Edition deployments with a multi-server setup, see :doc:`our scaling guide `.
It is highly recommended that pilots are run before enterprise-wide deployments in order to estimate full scale usage based on your specific organizational needs. You can use the Mattermost open source load testing framework to simulate usage of your system: `https://github.com/mattermost/mattermost-load-test-ng `__.
-Mattermost's :doc:`performance monitoring ` tools can be used for detailed performance measurements and to inspect the running system to ensure sizing and installation is correct.
+Mattermost's :doc:`performance monitoring ` tools can be used for detailed performance measurements and to inspect the running system to ensure sizing and installation is correct.
System requirements
^^^^^^^^^^^^^^^^^^^
For Enterprise Edition deployments with a multi-server setup, we highly recommend the following systems to support your Mattermost deployment:
-- Prometheus to track system health of your Mattermost deployment, through :doc:`performance monitoring feature ` available in Mattermost Enterprise.
-- Grafana to visualize the system health metrics collected by Prometheus with the :doc:`performance monitoring feature `. Grafana 5.0.0 and later is recommended.
-- Elasticsearch to support highly efficient database searches in a cluster environment. Elasticsearch v7.17+ is supported, and Elasticsearch v8.x or AWS OpenSearch is recommended from Mattermost v9.11. :doc:`Learn more `.
-- MinIO or AWS S3. Mattermost is compatible with object storage systems which implement the S3 API. Other S3-compatible systems may work, but are not officially supported. Learn more about file storage configuration options :ref:`in our documentation `.
+- Prometheus to track system health of your Mattermost deployment, through :doc:`performance monitoring feature ` available in Mattermost Enterprise.
+- Grafana to visualize the system health metrics collected by Prometheus with the :doc:`performance monitoring feature `. Grafana 5.0.0 and later is recommended.
+- Elasticsearch to support highly efficient database searches in a cluster environment. Elasticsearch v7.17+ is supported, and Elasticsearch v8.x or AWS OpenSearch is recommended from Mattermost v9.11. :doc:`Learn more `.
+- MinIO or AWS S3. Mattermost is compatible with object storage systems which implement the S3 API. Other S3-compatible systems may work, but are not officially supported. Learn more about file storage configuration options :ref:`in our documentation `.
diff --git a/source/end-user-guide/collaborate/access-your-workspace.rst b/source/end-user-guide/collaborate/access-your-workspace.rst
index 827ffffc5d4..6dfe54dbd15 100644
--- a/source/end-user-guide/collaborate/access-your-workspace.rst
+++ b/source/end-user-guide/collaborate/access-your-workspace.rst
@@ -57,7 +57,7 @@ If you've forgotten your password, you can reset it on the login screen by selec
Email address or username
--------------------------
-When :ref:`account creation with email ` is enabled by your system admin, you can log in with the username or email address used to create a Mattermost account.
+When :ref:`account creation with email ` is enabled by your system admin, you can log in with the username or email address used to create a Mattermost account.
.. image:: ../../images/login-email-username.png
:alt: Log in to Mattermost with your username or email address, or reset your password.
@@ -100,7 +100,7 @@ When enabled by your system admin, you may log in using your GitLab, Google, Ent
When enabled by your system admin, you can log in with your SAML credentials. This lets you use the same username and password for Mattermost that you use for various other company services.
- Mattermost officially supports :doc:`Okta `, :doc:`OneLogin `, and Microsoft ADFS as an identity provider (IDP) for SAML, but you may use other SAML IDPs as well. See our :doc:`SAML Single Sign-On documentation ` to learn more about configuring SAML for Mattermost.
+ Mattermost officially supports :doc:`Okta `, :doc:`OneLogin `, and Microsoft ADFS as an identity provider (IDP) for SAML, but you may use other SAML IDPs as well. See our :doc:`SAML Single Sign-On documentation ` to learn more about configuring SAML for Mattermost.
.. image:: ../../images/login-onelogin.png
:alt: Log in to Mattermost with SAML credentials, such as OneLogin.
diff --git a/source/end-user-guide/collaborate/archive-unarchive-channels.rst b/source/end-user-guide/collaborate/archive-unarchive-channels.rst
index ff2a2f232a3..9374eb6d43b 100644
--- a/source/end-user-guide/collaborate/archive-unarchive-channels.rst
+++ b/source/end-user-guide/collaborate/archive-unarchive-channels.rst
@@ -11,7 +11,7 @@ Delete :ref:`public channels ` your ability to do so.
+ You can continue to access archived channels, unless your system admin has :ref:`disabled ` your ability to do so.
.. tab:: Web/Desktop
@@ -62,7 +62,7 @@ Delete :ref:`public channels `.
+System admins and Team admins can restore archived channels. When a channel is unarchived, channel membership and all its content is restored, unless messages and files have been deleted based on a :ref:`data retention policy `.
.. tab:: Web/Desktop
@@ -107,4 +107,4 @@ System admins and Team admins can restore archived channels. When a channel is u
.. tip::
- Alternatively, system admins can unarchive channels :ref:`via the mmctl `, and Team admins can unarchive channels `via the API `__.
+ Alternatively, system admins can unarchive channels :ref:`via the mmctl `, and Team admins can unarchive channels `via the API `__.
diff --git a/source/end-user-guide/collaborate/audio-and-screensharing.rst b/source/end-user-guide/collaborate/audio-and-screensharing.rst
index 361ef7fffdf..f5c2dd0d9dd 100644
--- a/source/end-user-guide/collaborate/audio-and-screensharing.rst
+++ b/source/end-user-guide/collaborate/audio-and-screensharing.rst
@@ -1,7 +1,7 @@
Audio and Screensharing
=======================
-Mattermost Calls offers native real-time chat, self-hosted audio calls, and screen sharing within your own network, enabling secure, effective team communication and collaboration. Learn more about :doc:`deploying Mattermost Calls ` in a self-hosted environment and :doc:`making calls ` with Mattermost.
+Mattermost Calls offers native real-time chat, self-hosted audio calls, and screen sharing within your own network, enabling secure, effective team communication and collaboration. Learn more about :doc:`deploying Mattermost Calls ` in a self-hosted environment and :doc:`making calls ` with Mattermost.
With calls and screen sharing, Mattermost ensures that communications remain uninterrupted, even during maintenance or outages, and scales effortlessly to meet your team’s growing needs, safeguarding the integrity of mission-critical operations.
diff --git a/source/end-user-guide/collaborate/channel-types.rst b/source/end-user-guide/collaborate/channel-types.rst
index aae1ccb609e..be769f5fee7 100644
--- a/source/end-user-guide/collaborate/channel-types.rst
+++ b/source/end-user-guide/collaborate/channel-types.rst
@@ -40,7 +40,7 @@ Direct message channels
Direct message channels are for conversations between 2 people. Only members of the conversation can see direct messages and channel heading information, including the last active status of the other user.
-You can start a direct message with people on other teams :ref:`unless the system admin has disabled your ability to do so `.
+You can start a direct message with people on other teams :ref:`unless the system admin has disabled your ability to do so `.
Direct messages update the numbered badge count and trigger a notification unless the direct message is muted, or your notifications are disabled. See the :doc:`notification documentation ` for details on customizing notifications based on your preferences.
@@ -58,13 +58,13 @@ Want to have a group conversation with more than 7 people? :doc:`Create a privat
.. note::
- - You can start a group message with people on other teams when :ref:`unless the system admin has disabled your ability to do so `.
+ - You can start a group message with people on other teams when :ref:`unless the system admin has disabled your ability to do so `.
- From Mattermost v9.1, group messages increase the numbered badge count and trigger a notification unless the direct message is muted, or your notifications are disabled. Control how you're notified about group message conversations by going to **Settings > Notifications**. See the :doc:`notification documentation ` to learn more.
- - Any group message history you have with a deactivated user remains available :ref:`unless your system admin disables your ability to do so `.
+ - Any group message history you have with a deactivated user remains available :ref:`unless your system admin disables your ability to do so `.
Archived channels
-----------------
Archived channels are deactivated public, private, direct message, or group message channels that are no longer used. Archived channels are identified with a **File Box** |file-box| icon.
-:ref:`Archiving a channel ` marks it read-only to prevent new messages from being sent and preserve channel history. You can continue to access archived channels, unless your system admin has :ref:`disabled ` your ability to do so.
\ No newline at end of file
+:ref:`Archiving a channel ` marks it read-only to prevent new messages from being sent and preserve channel history. You can continue to access archived channels, unless your system admin has :ref:`disabled ` your ability to do so.
\ No newline at end of file
diff --git a/source/end-user-guide/collaborate/client-availability.rst b/source/end-user-guide/collaborate/client-availability.rst
index b5c62689f80..39790580495 100644
--- a/source/end-user-guide/collaborate/client-availability.rst
+++ b/source/end-user-guide/collaborate/client-availability.rst
@@ -32,7 +32,7 @@ Messages
| :ref:`Preview image links ` | |checkmark| | |checkmark| | |checkmark| |
+-------------------------------------------------------------------------------------------------------------+-------------+-------------+-----------------+
| :ref:`Preview websites | | | |
-| ` | |checkmark| | |checkmark| | |checkmark| |
+| ` | |checkmark| | |checkmark| | |checkmark| |
+-------------------------------------------------------------------------------------------------------------+-------------+-------------+-----------------+
| :doc:`Notifications ` | |checkmark| | |checkmark| | |checkmark| |
+-------------------------------------------------------------------------------------------------------------+-------------+-------------+-----------------+
@@ -63,7 +63,7 @@ Channels
| :doc:`Rename channels ` | |checkmark| | |checkmark| | |checkmark| |
+----------------------------------------------------------------------------------------------------------+-------------+-------------+-------------+
| :ref:`Deactivate members | | | |
-| ` | |checkmark| | |checkmark| | |
+| ` | |checkmark| | |checkmark| | |
+----------------------------------------------------------------------------------------------------------+-------------+-------------+-------------+
Teams
@@ -164,15 +164,15 @@ Authentication
| :ref:`Email password login | | | |
| ` | |checkmark| | |checkmark| | |checkmark| |
+-------------------------------------------------------------------------------------------+-------------+-------------+-------------+
-| :doc:`AD/LDAP ` | |checkmark| | |checkmark| | |checkmark| |
+| :doc:`AD/LDAP ` | |checkmark| | |checkmark| | |checkmark| |
+-------------------------------------------------------------------------------------------+-------------+-------------+-------------+
-| :doc:`SAML SSO ` | |checkmark| | |checkmark| | |checkmark| |
+| :doc:`SAML SSO ` | |checkmark| | |checkmark| | |checkmark| |
+-------------------------------------------------------------------------------------------+-------------+-------------+-------------+
-| :doc:`GitLab SSO ` | |checkmark| | |checkmark| | |checkmark| |
+| :doc:`GitLab SSO ` | |checkmark| | |checkmark| | |checkmark| |
+-------------------------------------------------------------------------------------------+-------------+-------------+-------------+
-| :doc:`Entra ID SSO ` | |checkmark| | |checkmark| | |checkmark| |
+| :doc:`Entra ID SSO ` | |checkmark| | |checkmark| | |checkmark| |
+-------------------------------------------------------------------------------------------+-------------+-------------+-------------+
-| :doc:`Google SSO ` | |checkmark| | |checkmark| | |checkmark| |
+| :doc:`Google SSO ` | |checkmark| | |checkmark| | |checkmark| |
+-------------------------------------------------------------------------------------------+-------------+-------------+-------------+
Other
@@ -199,6 +199,6 @@ What feature quality levels does Mattermost have?
We strive to release viable features. This means that we put in a significant amount of effort to ensure we solve a use case with a high bar for quality. A feature that's viable and meets our criteria for our production quality levels will be released to production.
-However, when working on large and complex features or new products, we may need to test them with a high volume of customers and users. For these scenarios, we'll release them as :ref:`Experimental ` or :ref:`Beta `, and implement feature flags and/or A/B testing to validate the effectiveness of features prior to production-level release. Additionally, we `dogfood our features `_ on our community server, and provide many configuration options that ensure customers can opt-in when trying experimental or beta features.
+However, when working on large and complex features or new products, we may need to test them with a high volume of customers and users. For these scenarios, we'll release them as :ref:`Experimental ` or :ref:`Beta `, and implement feature flags and/or A/B testing to validate the effectiveness of features prior to production-level release. Additionally, we `dogfood our features `_ on our community server, and provide many configuration options that ensure customers can opt-in when trying experimental or beta features.
-See the :doc:`Mattermost feature labels ` documentation for details on the status, maturity, and support level of each feature, and what you can expect at each level.
+See the :doc:`Mattermost feature labels ` documentation for details on the status, maturity, and support level of each feature, and what you can expect at each level.
diff --git a/source/end-user-guide/collaborate/collaborate-within-connected-microsoft-teams.rst b/source/end-user-guide/collaborate/collaborate-within-connected-microsoft-teams.rst
index 4cb668f1cca..9adf44c5ed9 100644
--- a/source/end-user-guide/collaborate/collaborate-within-connected-microsoft-teams.rst
+++ b/source/end-user-guide/collaborate/collaborate-within-connected-microsoft-teams.rst
@@ -17,7 +17,7 @@ Connect your Mattermost account to your Microsoft Teams account
---------------------------------------------------------------
.. note::
- Your System Administrator must install and enable the :doc:`Mattermost for Microsoft Teams integration ` and ensure :ref:`support for notifications is enabled ` in order for you to connect your account and recieve chat notifications.
+ Your System Administrator must install and enable the :doc:`Mattermost for Microsoft Teams integration ` and ensure :ref:`support for notifications is enabled ` in order for you to connect your account and recieve chat notifications.
Once the integration is installed and configured by a System Administrator, you can connect your Mattermost user account to your Microsoft Teams account. You only need to complete this step once.
diff --git a/source/end-user-guide/collaborate/convert-public-channels.rst b/source/end-user-guide/collaborate/convert-public-channels.rst
index a467b4304f2..b518a762c7b 100644
--- a/source/end-user-guide/collaborate/convert-public-channels.rst
+++ b/source/end-user-guide/collaborate/convert-public-channels.rst
@@ -57,7 +57,7 @@ Due to potential security concerns with sharing private channel history, only sy
.. note::
- - The ability to convert private channels to public channels using the `API `_ or :ref:`mmctl channel modify command ` is limited to system admins, team admins, and users with specific granular admin roles. Team admins have this permission by default, but system admins can restrict it or assign it to other roles.
+ - The ability to convert private channels to public channels using the `API `_ or :ref:`mmctl channel modify command ` is limited to system admins, team admins, and users with specific granular admin roles. Team admins have this permission by default, but system admins can restrict it or assign it to other roles.
- Granular roles require permissions for managing User Management Channels and Groups, including ``sysconsole_write_user_management_channels`` and ``sysconsole_write_user_management_groups``. Manage permissions through the :ref:`permission scheme `.
- If :ref:`Sync Group channel management ` is enabled, private channels can't be converted to public channels.
diff --git a/source/end-user-guide/collaborate/create-channels.rst b/source/end-user-guide/collaborate/create-channels.rst
index 4facc5e7f99..345f5e93a06 100644
--- a/source/end-user-guide/collaborate/create-channels.rst
+++ b/source/end-user-guide/collaborate/create-channels.rst
@@ -21,7 +21,7 @@ Anyone can create public channels, private channels, direct messages, and group
2. Enter a channel name.
3. Choose whether this is a public or private channel. See the :doc:`channel types ` documentation to learn more about public and private channels.
4. (Optional) Describe the channel's focus or purpose. This text is visible to all channel members in the channel header.
- 5. (Optional) Assign the channel to a category. If your system admin has enabled :ref:`channel category sorting `, you can assign the new channel to a new or existing channel category. If this option isn't available, you can `customize your channel sidebar `.
+ 5. (Optional) Assign the channel to a category. If your system admin has enabled :ref:`channel category sorting `, you can assign the new channel to a new or existing channel category. If this option isn't available, you can `customize your channel sidebar `.
Start a direct or group message
--------------------------------
@@ -31,7 +31,7 @@ Anyone can create public channels, private channels, direct messages, and group
.. image:: ../../images/write-dm.png
:alt: Access recent direct messages and group messages.
- 2. Select up to seven users by searching or browsing. If your organization uses :doc:`connected workspaces `, you can also select remote users from shared channels for direct and group messages.
+ 2. Select up to seven users by searching or browsing. If your organization uses :doc:`connected workspaces `, you can also select remote users from shared channels for direct and group messages.
.. tip::
@@ -60,7 +60,7 @@ Anyone can create public channels, private channels, direct messages, and group
Start a direct or group message
--------------------------------
- Tap |plus| in the top right corner of the app, then select **Open a Direct Message**. You can select one person for a direct message or up to seven people for a group message. If your organization uses :doc:`connected workspaces `, remote users from shared channels are also available to select. Tap **Start** to start the conversation.
+ Tap |plus| in the top right corner of the app, then select **Open a Direct Message**. You can select one person for a direct message or up to seven people for a group message. If your organization uses :doc:`connected workspaces `, remote users from shared channels are also available to select. Tap **Start** to start the conversation.
.. image:: ../../images/create-channel-or-open-direct-message-on-mobile.jpg
:alt: You can start a direct or group message by tapping the plus in the top right corner.
@@ -81,4 +81,4 @@ Automatic actions include:
- Automatically adding the channel to a :doc:`category in the user's channel sidebar `.
- Prompting to run a playbook based on the contents of a message.
-The :ref:`collaborative playbooks must be enabled ` for channel admins to use channel actions.
\ No newline at end of file
+The :ref:`collaborative playbooks must be enabled ` for channel admins to use channel actions.
\ No newline at end of file
diff --git a/source/end-user-guide/collaborate/extend-mattermost-with-integrations.rst b/source/end-user-guide/collaborate/extend-mattermost-with-integrations.rst
index e87534db39d..4fae45d564b 100644
--- a/source/end-user-guide/collaborate/extend-mattermost-with-integrations.rst
+++ b/source/end-user-guide/collaborate/extend-mattermost-with-integrations.rst
@@ -12,9 +12,9 @@ Mattermost features
~~~~~~~~~~~~~~~~~~~~
- :ref:`AI Agents `
-- :ref:`Export Mattermost channel data `
-- :ref:`Monitor performance metrics `
-- :doc:`Perform legal holds `
+- :ref:`Export Mattermost channel data `
+- :ref:`Monitor performance metrics `
+- :doc:`Perform legal holds `
Mattermost interoperability
~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/source/end-user-guide/collaborate/format-messages.rst b/source/end-user-guide/collaborate/format-messages.rst
index 2b167a7f211..060e561ec2a 100644
--- a/source/end-user-guide/collaborate/format-messages.rst
+++ b/source/end-user-guide/collaborate/format-messages.rst
@@ -659,7 +659,7 @@ Math Formulas
.. note::
- This feature is :ref:`disabled by default `. Contact your system admin to enable this setting in **System Console > Site Configuration > Posts** to use this feature.
+ This feature is :ref:`disabled by default `. Contact your system admin to enable this setting in **System Console > Site Configuration > Posts** to use this feature.
.. code-block:: text
@@ -676,7 +676,7 @@ Math Formulas
.. note::
- This feature is :ref:`disabled by default `. Contact your system admin to enable this setting in **System Console > Site Configuration > Posts** to use this feature.
+ This feature is :ref:`disabled by default `. Contact your system admin to enable this setting in **System Console > Site Configuration > Posts** to use this feature.
.. code-block:: text
diff --git a/source/end-user-guide/collaborate/install-android-app.rst b/source/end-user-guide/collaborate/install-android-app.rst
index 1c7e26ebdad..c30e1ba2c6b 100644
--- a/source/end-user-guide/collaborate/install-android-app.rst
+++ b/source/end-user-guide/collaborate/install-android-app.rst
@@ -12,7 +12,7 @@ Take Mattermost wherever you go by `installing the Mattermost mobile app `. See the :doc:`manage security preferences ` documentation for details.
+ You can set up multi-factor authentication for Mattermost if your system admin has :ref:`enabled your ability to do so `. See the :doc:`manage security preferences ` documentation for details.
Mattermost on Chromebooks
--------------------------
diff --git a/source/end-user-guide/collaborate/install-ios-app.rst b/source/end-user-guide/collaborate/install-ios-app.rst
index c2f91e7e5df..18d285a18bc 100644
--- a/source/end-user-guide/collaborate/install-ios-app.rst
+++ b/source/end-user-guide/collaborate/install-ios-app.rst
@@ -17,4 +17,4 @@ Take Mattermost wherever you go by `installing the Mattermost mobile app ` documentation for additional details.
- - You can set up multi-factor authentication for Mattermost if your system admin has :ref:`enabled your ability to do so `. See the :doc:`manage security preferences ` documentation for details.
\ No newline at end of file
+ - You can set up multi-factor authentication for Mattermost if your system admin has :ref:`enabled your ability to do so `. See the :doc:`manage security preferences ` documentation for details.
\ No newline at end of file
diff --git a/source/end-user-guide/collaborate/invite-people.rst b/source/end-user-guide/collaborate/invite-people.rst
index df5891c3872..05dd4fff0d3 100644
--- a/source/end-user-guide/collaborate/invite-people.rst
+++ b/source/end-user-guide/collaborate/invite-people.rst
@@ -49,8 +49,8 @@ Anyone can invite people to Mattermost teams and channels, unless your system ad
.. note::
- - Can't share invitation links? Contact your Mattermost system admin for assistance. An :doc:`SSL certificate (or a self-signed certificate) ` may be required for link-based invitations to work.
+ - Can't share invitation links? Contact your Mattermost system admin for assistance. An :doc:`SSL certificate (or a self-signed certificate) ` may be required for link-based invitations to work.
- An invite link can be used by anyone and doesn’t change unless it’s re-generated by a system admin or team admin via **Team Settings > Access > Invite Code**.
- - Your system admin must :ref:`enable email invitations ` and configure :ref:`email ` for Mattermost to send email-based invitations.
+ - Your system admin must :ref:`enable email invitations ` and configure :ref:`email ` for Mattermost to send email-based invitations.
- Invitation links sent by email expire after 48 hours and can only be used once.
- - Your system admin can :ref:`cancel all email invitations ` that haven't yet been accepted within the System Console.
\ No newline at end of file
+ - Your system admin can :ref:`cancel all email invitations ` that haven't yet been accepted within the System Console.
\ No newline at end of file
diff --git a/source/end-user-guide/collaborate/learn-about-roles.rst b/source/end-user-guide/collaborate/learn-about-roles.rst
index 6e99dfbae9a..8514384aff4 100644
--- a/source/end-user-guide/collaborate/learn-about-roles.rst
+++ b/source/end-user-guide/collaborate/learn-about-roles.rst
@@ -71,7 +71,7 @@ A guest is a role with restricted permissions. Guests enable organizations to co
Deactivated
-----------
-A system admin can deactivate user accounts via **System Console > Users**. A list of all users on the server can be searched and filtered to make finding users easier. Select the user's role and in the menu that opens, then select **Deactivate**. See the :ref:`deactivate user accounts admin ` documentation for details.
+A system admin can deactivate user accounts via **System Console > Users**. A list of all users on the server can be searched and filtered to make finding users easier. Select the user's role and in the menu that opens, then select **Deactivate**. See the :ref:`deactivate user accounts admin ` documentation for details.
When **Deactivate** is selected, the user is logged out of the system, and receives an error message if they try to log back in. The user no longer appears in channel member lists, and they are removed from the team members list. A deactivated account can also be reactivated from the System Console, in which case the user rejoins channels and teams that they previously belonged to.
diff --git a/source/end-user-guide/collaborate/make-calls.rst b/source/end-user-guide/collaborate/make-calls.rst
index 710427f7dc1..92f64564b76 100644
--- a/source/end-user-guide/collaborate/make-calls.rst
+++ b/source/end-user-guide/collaborate/make-calls.rst
@@ -10,8 +10,8 @@ Using a web browser, the desktop app, or the mobile app, you can `join a call <#
- All Mattermost customers can start, join, and participate in 1:1 audio calls with optional screen sharing.
- For group calls up to 50 concurrent users, Mattermost Enterprise, Professional, or Mattermost Cloud is required.
- - Enterprise customers can also `record calls <#record-a-call>`__, enable :ref:`live text captions ` during calls, and `transcribe recorded calls <#transcribe-recorded-calls>`__. We recommend that Enterprise self-hosted customers looking for group calls beyond 50 concurrent users consider using the :ref:`dedicated rtcd service `.
- - Mattermost Cloud users can start calling right out of the box. For Mattermost self-hosted deployments, System admins need to enable and configure the plugin :ref:`using the System Console `.
+ - Enterprise customers can also `record calls <#record-a-call>`__, enable :ref:`live text captions ` during calls, and `transcribe recorded calls <#transcribe-recorded-calls>`__. We recommend that Enterprise self-hosted customers looking for group calls beyond 50 concurrent users consider using the :ref:`dedicated rtcd service `.
+ - Mattermost Cloud users can start calling right out of the box. For Mattermost self-hosted deployments, System admins need to enable and configure the plugin :ref:`using the System Console `.
.. include:: ../../_static/badges/academy-calls.rst
:start-after: :nosearch:
@@ -101,7 +101,7 @@ From Mattermost v10.2 and mobile v2.19, call hosts who choose to leave a call ar
Share your screen
-----------------
-During a call, call participants can share their screen with other call participants, unless your system admin has :ref:`disabled your ability to do so `.
+During a call, call participants can share their screen with other call participants, unless your system admin has :ref:`disabled your ability to do so `.
.. note::
@@ -172,11 +172,11 @@ Record a call
.. include:: ../../_static/badges/ent-only.rst
:start-after: :nosearch:
-From Mattermost v7.7, if you're the host of a meeting, you can record the call, unless your system admin has :ref:`disabled the host's ability to do so `.
+From Mattermost v7.7, if you're the host of a meeting, you can record the call, unless your system admin has :ref:`disabled the host's ability to do so `.
-Call recordings include audio, any screen sharing during the call, and text transcriptions, when :ref:`enabled `.
+Call recordings include audio, any screen sharing during the call, and text transcriptions, when :ref:`enabled `.
-The default setting for a recording is 60 minutes, but your system admin may :ref:`change the recording duration ` as needed. You'll receive a reminder 10 minutes before the recording limit is reached. If your call is going to continue beyond the recording limit, allow the first recording to complete, then start a new recording immediately after.
+The default setting for a recording is 60 minutes, but your system admin may :ref:`change the recording duration ` as needed. You'll receive a reminder 10 minutes before the recording limit is reached. If your call is going to continue beyond the recording limit, allow the first recording to complete, then start a new recording immediately after.
When you stop recording, the recording file is posted in the call thread as an MP4 file attachment. It's available to all users in the channel both during the call, and after the call has ended.
@@ -217,14 +217,14 @@ Live captions during calls
.. include:: ../../_static/badges/ent-only.rst
:start-after: :nosearch:
-From Mattermost v9.7, and Mattermost mobile app v.2.16, all call participants can display real-time text captions by selecting the **More** |more-icon| icon and **Show live captions** when the call is being recorded, and when :ref:`live captions are enabled `. Live captions can be helpful in cases where noise is preventing you from hearing the audio of participants clearly.
+From Mattermost v9.7, and Mattermost mobile app v.2.16, all call participants can display real-time text captions by selecting the **More** |more-icon| icon and **Show live captions** when the call is being recorded, and when :ref:`live captions are enabled `. Live captions can be helpful in cases where noise is preventing you from hearing the audio of participants clearly.
-By default, live captions display in English. Your Mattermost system admin can :ref:`specify a different language for live captions ` in the System Console.
+By default, live captions display in English. Your Mattermost system admin can :ref:`specify a different language for live captions ` in the System Console.
.. note::
- - The ability to enable live captions during Mattermost calls is currently in :ref:`Beta `.
- - Your system admin must enable :ref:`call recordings ` to enable live captions.
+ - The ability to enable live captions during Mattermost calls is currently in :ref:`Beta `.
+ - Your system admin must enable :ref:`call recordings ` to enable live captions.
Transcribe recorded calls
--------------------------------
@@ -232,14 +232,14 @@ Transcribe recorded calls
.. include:: ../../_static/badges/ent-only.rst
:start-after: :nosearch:
-From Mattermost v9.4, and Mattermost mobile app v.2.13, call recordings can include text captions, and a transcription text file can be generated, unless your system admin has :ref:`disabled the ability to transcribe call recordings `.
+From Mattermost v9.4, and Mattermost mobile app v.2.13, call recordings can include text captions, and a transcription text file can be generated, unless your system admin has :ref:`disabled the ability to transcribe call recordings `.
When call recording stops, the transcription file is posted in the call thread as a TXT file attachment. It's available to all users in the channel both during the call, and after the call has ended. Additionally, users viewing the call recording can show or hide text captions using the Closed Captioning option in the video player.
.. note::
- - The ability to enable recorded call transcriptions is currently in :ref:`Beta `.
- - Your system admin must enable :ref:`call recordings ` to enable recorded call transcriptions.
+ - The ability to enable recorded call transcriptions is currently in :ref:`Beta `.
+ - Your system admin must enable :ref:`call recordings ` to enable recorded call transcriptions.
Frequently asked questions
--------------------------
@@ -247,7 +247,7 @@ Frequently asked questions
Can I set a ring tone for incoming calls?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Yes! From Mattermost v8.0 and Calls v0.17.0, desktop app and web users can go to **Settings > Notifications > Desktop Notifications** to enable Mattermost to alert you to incoming calls through direct or group messages with a specific ring tone and a desktop notification, unless the system admin has :ref:`disabled your ability to do so `.
+Yes! From Mattermost v8.0 and Calls v0.17.0, desktop app and web users can go to **Settings > Notifications > Desktop Notifications** to enable Mattermost to alert you to incoming calls through direct or group messages with a specific ring tone and a desktop notification, unless the system admin has :ref:`disabled your ability to do so `.
Is video supported?
~~~~~~~~~~~~~~~~~~~
diff --git a/source/end-user-guide/collaborate/manage-channel-bookmarks.rst b/source/end-user-guide/collaborate/manage-channel-bookmarks.rst
index ca4e8b2ebf8..d7fcdc86e21 100644
--- a/source/end-user-guide/collaborate/manage-channel-bookmarks.rst
+++ b/source/end-user-guide/collaborate/manage-channel-bookmarks.rst
@@ -104,7 +104,7 @@ Using the mobile app, long-press on a bookmark and select **Share**.
Copy bookmark links
^^^^^^^^^^^^^^^^^^^^
-You can copy bookmark links when your system admin has :ref:`enabled your ability to do so `.
+You can copy bookmark links when your system admin has :ref:`enabled your ability to do so `.
.. tab:: Web/Desktop
diff --git a/source/end-user-guide/collaborate/mention-people.rst b/source/end-user-guide/collaborate/mention-people.rst
index 962c937b5f2..cc17f232c22 100644
--- a/source/end-user-guide/collaborate/mention-people.rst
+++ b/source/end-user-guide/collaborate/mention-people.rst
@@ -69,7 +69,7 @@ You can ignore channel-wide mentions in specific channels by enabling the **Chan
.. include:: ../../_static/badges/ent-only.rst
:start-after: :nosearch:
-This feature enables system admins to configure custom mentions for :doc:`LDAP synced groups ` via the Group Configuration page. This functionality is also supported on the mobile app (from v1.34) if the AD/LDAP groups feature is enabled. The mobile app supports auto-suggesting groups, highlights group member mentions, and also provides a warning dialog when a mention will notify more than five users.
+This feature enables system admins to configure custom mentions for :doc:`LDAP synced groups ` via the Group Configuration page. This functionality is also supported on the mobile app (from v1.34) if the AD/LDAP groups feature is enabled. The mobile app supports auto-suggesting groups, highlights group member mentions, and also provides a warning dialog when a mention will notify more than five users.
Once enabled for a specific group, users can mention and notify the entire group in a channel (similar to ``@channel`` or ``@all``). Members of the group in that channel will receive a notification. If members of the group mentioned aren't members of the channel, the user who posted the mention is prompted to invite them.
@@ -121,7 +121,7 @@ Confirmation dialog warnings
When your system admin has configured Mattermost to require confirmations for @mentions, you must confirm any mention that will trigger notifications for more than five users before sending the notification.
-This confirmation dialog only appears when your system admin has configured this setting in the System Console. See our :ref:`configuration settings ` product documentation for details. This configuration setting is supported on the Mattermost Mobile App (from v1.34) if the :doc:`AD/LDAP groups ` feature is enabled.
+This confirmation dialog only appears when your system admin has configured this setting in the System Console. See our :ref:`configuration settings ` product documentation for details. This configuration setting is supported on the Mattermost Mobile App (from v1.34) if the :doc:`AD/LDAP groups ` feature is enabled.
Mention highlights
------------------
diff --git a/source/end-user-guide/collaborate/message-priority.rst b/source/end-user-guide/collaborate/message-priority.rst
index 5cc4a858fdb..49ab54f78ce 100644
--- a/source/end-user-guide/collaborate/message-priority.rst
+++ b/source/end-user-guide/collaborate/message-priority.rst
@@ -37,7 +37,7 @@ To enable persistent notifications for a message:
.. note::
- @channel, @all and @here mentions don't send persistent notifications.
- - System admins can customize the maximum number of @mentions permitted, how frequently and how many persistent notifications are sent, as well as disable persistent notifications for all users, if preferred. By default, users are notified every 5 minutes for a total of 30 minutes. See the :ref:`configuration ` documentation for details.
+ - System admins can customize the maximum number of @mentions permitted, how frequently and how many persistent notifications are sent, as well as disable persistent notifications for all users, if preferred. By default, users are notified every 5 minutes for a total of 30 minutes. See the :ref:`configuration ` documentation for details.
Receive persistent notifications
--------------------------------
diff --git a/source/end-user-guide/collaborate/organize-conversations.rst b/source/end-user-guide/collaborate/organize-conversations.rst
index e32a0c8e579..6fa03a572f0 100644
--- a/source/end-user-guide/collaborate/organize-conversations.rst
+++ b/source/end-user-guide/collaborate/organize-conversations.rst
@@ -8,11 +8,11 @@ Threads are a key part of the messaging experience in Mattermost. They're used t
Threaded discussions offers an enhanced experience for users communicating in threads and replying to messages that includes a unified threads inbox to read all conversations in one view. Threads improve the ability to process channel content, find, follow, and resume conversations more easily, and keep threaded conversations focused.
-From Mattermost v7.0, threaded discussions are enabled by default for all new Mattermost deployments. All Mattermost users can create new threads, unless the system admin has :ref:`disabled the ability to do so `.
+From Mattermost v7.0, threaded discussions are enabled by default for all new Mattermost deployments. All Mattermost users can create new threads, unless the system admin has :ref:`disabled the ability to do so `.
.. note::
- System admins can :ref:`configure default availability and user opt-in ` of threaded discussions.
+ System admins can :ref:`configure default availability and user opt-in ` of threaded discussions.
.. image:: ../../images/collapsed-reply-threads.gif
:alt: Organize conversations using threaded discussions.
@@ -117,4 +117,4 @@ Tutorial video
Known issues
------------
-Threaded discussions were released as generally available in Mattermost v7.0, including significant server performance improvements and more flexible configuration options for system admins to enable the feature by default. We highly recommended :doc:`upgrading Mattermost ` to take advantage of configuration and performance enhancements.
+Threaded discussions were released as generally available in Mattermost v7.0, including significant server performance improvements and more flexible configuration options for system admins to enable the feature by default. We highly recommended :doc:`upgrading Mattermost ` to take advantage of configuration and performance enhancements.
diff --git a/source/end-user-guide/collaborate/organize-using-custom-user-groups.rst b/source/end-user-guide/collaborate/organize-using-custom-user-groups.rst
index a16898ec98f..8b8e75b2d09 100644
--- a/source/end-user-guide/collaborate/organize-using-custom-user-groups.rst
+++ b/source/end-user-guide/collaborate/organize-using-custom-user-groups.rst
@@ -14,7 +14,7 @@ Once a custom user group has been created, you can mention that group the same w
.. note::
- - System admins need to enable this feature. See our :ref:`Mattermost Configuration Settings ` documentation for details.
+ - System admins need to enable this feature. See our :ref:`Mattermost Configuration Settings ` documentation for details.
- From Mattermost v7.2, system admins can limit who can manage custom user groups through the Custom Group Manager system admin role. See the :doc:`delegated granular administration ` documentation for details.
- The ability to create custom user groups on mobile will be available in a future release. @mentions for custom user groups on mobile work the same as :ref:`LDAP-synced groups `.
diff --git a/source/end-user-guide/collaborate/organize-using-teams.rst b/source/end-user-guide/collaborate/organize-using-teams.rst
index ed754f19452..a0e2177f1e3 100644
--- a/source/end-user-guide/collaborate/organize-using-teams.rst
+++ b/source/end-user-guide/collaborate/organize-using-teams.rst
@@ -12,7 +12,7 @@ Organize using teams
Team settings
Team keyboard shortcuts
-A team is a digital :doc:`workspace ` where you and your teammates can collaborate in Mattermost. Depending on how Mattermost is :ref:`set up ` in your organization, you can belong to one team or multiple teams, and :ref:`access to the team ` can be open or restricted.
+A team is a digital :doc:`workspace ` where you and your teammates can collaborate in Mattermost. Depending on how Mattermost is :ref:`set up ` in your organization, you can belong to one team or multiple teams, and :ref:`access to the team ` can be open or restricted.
Users with the **Create Teams** permission can `create new teams <#create-a-team>`__ and :doc:`manage team settings ` for existing teams. System admins can grant the **Create Team** permission to roles via the :ref:`System scheme ` or the :ref:`Team override scheme `.
diff --git a/source/end-user-guide/collaborate/react-with-emojis-gifs.rst b/source/end-user-guide/collaborate/react-with-emojis-gifs.rst
index 16bc3fa529f..f1058f1cd9f 100644
--- a/source/end-user-guide/collaborate/react-with-emojis-gifs.rst
+++ b/source/end-user-guide/collaborate/react-with-emojis-gifs.rst
@@ -66,7 +66,7 @@ Select the **Skin tone** icon in the top right corner of the emoji picker to spe
Upload custom emojis
--------------------
-Using Mattermost in a web browser or the desktop app, you can upload new emojis that everyone in your Mattermost :doc:`workspace ` can access to react to messages, unless your system admin has :ref:`disabled your ability to do so `.
+Using Mattermost in a web browser or the desktop app, you can upload new emojis that everyone in your Mattermost :doc:`workspace ` can access to react to messages, unless your system admin has :ref:`disabled your ability to do so `.
1. From the emoji picker, select **Custom Emoji**.
diff --git a/source/end-user-guide/collaborate/rename-channels.rst b/source/end-user-guide/collaborate/rename-channels.rst
index 81f4a4fc25f..1301420d39e 100644
--- a/source/end-user-guide/collaborate/rename-channels.rst
+++ b/source/end-user-guide/collaborate/rename-channels.rst
@@ -13,7 +13,7 @@ Anyone can rename the channels they belong to, unless the system admin has :doc:
- **Channel name:** The channel name that displays in the Mattermost user interface for all users. Enter a different channel name if needed or preferred.
- **Channel URL:** The web URL used to access the channel in a web browser. Select **Edit** to change the URL, and select **Done** to save your changes.
- If your system admin has enabled :ref:`channel category sorting `, you can assign the renamed channel to a new or existing channel category.
+ If your system admin has enabled :ref:`channel category sorting `, you can assign the renamed channel to a new or existing channel category.
For example, a channel could be named ``UX Design`` and have a URL of ``https://community.mattermost.com/core/channels/ux-design``.
diff --git a/source/end-user-guide/collaborate/search-for-messages.rst b/source/end-user-guide/collaborate/search-for-messages.rst
index dfbc21678c4..b2c6130e772 100644
--- a/source/end-user-guide/collaborate/search-for-messages.rst
+++ b/source/end-user-guide/collaborate/search-for-messages.rst
@@ -91,9 +91,9 @@ File contents that match on file name, or contain matching text content within s
System admins can extend file content search support for self-hosted deployments to include:
- - :ref:`files shared before upgrading to Mattermost Server v5.35 `.
- - :ref:`DOC and RTF file formats `.
- - :ref:`documents within ZIP files `.
+ - :ref:`files shared before upgrading to Mattermost Server v5.35 `.
+ - :ref:`DOC and RTF file formats `.
+ - :ref:`documents within ZIP files `.
Filter results by file type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/source/end-user-guide/collaborate/send-messages.rst b/source/end-user-guide/collaborate/send-messages.rst
index 7a51f3683e5..b881581712e 100644
--- a/source/end-user-guide/collaborate/send-messages.rst
+++ b/source/end-user-guide/collaborate/send-messages.rst
@@ -36,7 +36,7 @@ Mattermost may notify you when a recipient's availability is set to :ref:`Do Not
Draft messages
--------------
-From Mattermost v7.7, when composing new messages, it's easy to return to a message in progress later, unless your system admin has :ref:`disabled global drafts ` in the System Console.
+From Mattermost v7.7, when composing new messages, it's easy to return to a message in progress later, unless your system admin has :ref:`disabled global drafts ` in the System Console.
By default, message drafts are synchronized on the Mattermost server and are accessible everywhere you access Mattermost, including a web browser or the desktop app. Limit drafts to your current Mattermost client only by going to **Settings > Advanced > Allow message drafts to sync with the server** to disable draft synchronization.
diff --git a/source/end-user-guide/collaborate/share-files-in-messages.rst b/source/end-user-guide/collaborate/share-files-in-messages.rst
index 97189b5cacc..4b46b3d48bb 100644
--- a/source/end-user-guide/collaborate/share-files-in-messages.rst
+++ b/source/end-user-guide/collaborate/share-files-in-messages.rst
@@ -79,9 +79,9 @@ With file attachments, you can share additional information that helps your team
Attachment limits and sizes
---------------------------
-Up to 10 files can be attached per post. The default maximum file size is 100 MB, but this can be changed by the system admin. See our :ref:`Configuration Settings ` product documentation for details.
+Up to 10 files can be attached per post. The default maximum file size is 100 MB, but this can be changed by the system admin. See our :ref:`Configuration Settings ` product documentation for details.
-Image files can be a maximum size of 7680 pixels x 4320 pixels, with a maximum image resolution of 33 MP (mega pixels) or 8K resolution, and a maximum raw image file size of approximately 253 MB. System admins can customize the maximum image resolution size within the ``config.json`` file. See our :ref:`Configuration Settings ` product documentation for details.
+Image files can be a maximum size of 7680 pixels x 4320 pixels, with a maximum image resolution of 33 MP (mega pixels) or 8K resolution, and a maximum raw image file size of approximately 253 MB. System admins can customize the maximum image resolution size within the ``config.json`` file. See our :ref:`Configuration Settings ` product documentation for details.
Preview file attachments
------------------------
diff --git a/source/end-user-guide/collaborate/share-links.rst b/source/end-user-guide/collaborate/share-links.rst
index bd9c8f6d160..f6a3f03267f 100644
--- a/source/end-user-guide/collaborate/share-links.rst
+++ b/source/end-user-guide/collaborate/share-links.rst
@@ -49,7 +49,7 @@ Share message links
.. note::
- Message previews respect channel membership permissions, so they’re only visible to users who have access to the original message. If the link is to a message in a public channel, any member of the team can see the message preview. If the link is to a message in a private channel or direct message, only members in that channel can see the message preview.
- - If you're unable to share links, contact your Mattermost system admin for assistance. An :doc:`SSL certificate (or a self-signed certificate) ` may be required for this functionality to work.
+ - If you're unable to share links, contact your Mattermost system admin for assistance. An :doc:`SSL certificate (or a self-signed certificate) ` may be required for this functionality to work.
Deep links
-----------
diff --git a/source/end-user-guide/collaborate/team-settings.rst b/source/end-user-guide/collaborate/team-settings.rst
index 94606877a4c..27411439dcc 100644
--- a/source/end-user-guide/collaborate/team-settings.rst
+++ b/source/end-user-guide/collaborate/team-settings.rst
@@ -72,7 +72,7 @@ When enabled, only users that have an email domain from the approved domain list
.. important::
- Mattermost deployments using :ref:`email authentication ` must also enable the :ref:`require email verification configuration setting ` for domain restrictions to be effective.
+ Mattermost deployments using :ref:`email authentication ` must also enable the :ref:`require email verification configuration setting ` for domain restrictions to be effective.
Users on this server
~~~~~~~~~~~~~~~~~~~~~
diff --git a/source/end-user-guide/collaborate/view-system-information.rst b/source/end-user-guide/collaborate/view-system-information.rst
index 5857a9dc882..ea9e16fdbc9 100644
--- a/source/end-user-guide/collaborate/view-system-information.rst
+++ b/source/end-user-guide/collaborate/view-system-information.rst
@@ -25,4 +25,4 @@ The About dialog displays key information about your Mattermost instance, includ
- **Database Schema Version**: The version of the database schema in use
- **License**: Information about your Mattermost license (if applicable)
- **Build Information**: Details about the server build
-- **Load Metric**: Monthly active users relative to licensed users (:ref:`learn more `)
\ No newline at end of file
+- **Load Metric**: Monthly active users relative to licensed users (:ref:`learn more `)
\ No newline at end of file
diff --git a/source/end-user-guide/preferences/customize-your-channel-sidebar.rst b/source/end-user-guide/preferences/customize-your-channel-sidebar.rst
index 802bf086bcd..44c218215d9 100644
--- a/source/end-user-guide/preferences/customize-your-channel-sidebar.rst
+++ b/source/end-user-guide/preferences/customize-your-channel-sidebar.rst
@@ -36,7 +36,7 @@ Create custom categories to group channels together for quicker and easier navig
To create categories, select the **+** symbol at the top of the sidebar. Or, select the **More options** |more-icon| icon in the sidebar on any category header, then select **Create New Category**.
.. note::
- If your system admin has enabled :ref:`channel category sorting `, you can assign channels to new or existing channel categories when :doc:`creating channels ` and :doc:`renaming channels `.
+ If your system admin has enabled :ref:`channel category sorting `, you can assign channels to new or existing channel categories when :doc:`creating channels ` and :doc:`renaming channels `.
Next, type a category name, select **Create**, then drag any channels or direct messages into this new category. You can also multi-select channels and direct messages to drag them together as a group by pressing :kbd:`Ctrl` or :kbd:`Shift` and selecting on Windows or Linux, or :kbd:`⌘` or :kbd:`⇧` and selecting on Mac. See the section `drag and drop selections <#drag-and-drop-selections>`__ below for details.
diff --git a/source/end-user-guide/preferences/manage-advanced-options.rst b/source/end-user-guide/preferences/manage-advanced-options.rst
index ee10f9398ac..3175db6c7de 100644
--- a/source/end-user-guide/preferences/manage-advanced-options.rst
+++ b/source/end-user-guide/preferences/manage-advanced-options.rst
@@ -56,7 +56,7 @@ By default, Mattermost shows you system messages when users join or leave channe
Deactivate account
------------------
-You can deactivate your account if you access Mattermost using an email address and password, and when your system admin has :ref:`enabled your ability to do so `. Deactivating your account removes your ability to access Mattermost, and disables all email and mobile notifications.
+You can deactivate your account if you access Mattermost using an email address and password, and when your system admin has :ref:`enabled your ability to do so `. Deactivating your account removes your ability to access Mattermost, and disables all email and mobile notifications.
.. important::
@@ -74,7 +74,7 @@ You can deactivate your account if you access Mattermost using an email address
Delete account
--------------
-From Mattermost v10.11, you can permanently delete your account if you access Mattermost using an email address and password, and when your system admin has :ref:`enabled your ability to do so `. Deleting your account permanently removes your user account and profile information from Mattermost. This action cannot be undone.
+From Mattermost v10.11, you can permanently delete your account if you access Mattermost using an email address and password, and when your system admin has :ref:`enabled your ability to do so `. Deleting your account permanently removes your user account and profile information from Mattermost. This action cannot be undone.
.. important::
@@ -94,7 +94,7 @@ From Mattermost v10.11, you can permanently delete your account if you access Ma
Performance debugging
---------------------
-You can disable key Mattermost features temporarily to help isolate issues while debugging Mattermost, if your system admin :ref:`enables your ability to do so `. We don't recommend leaving these settings enabled for an extended period of time as they can negatively impact your user experience.
+You can disable key Mattermost features temporarily to help isolate issues while debugging Mattermost, if your system admin :ref:`enables your ability to do so `. We don't recommend leaving these settings enabled for an extended period of time as they can negatively impact your user experience.
.. tab:: Web/Desktop
diff --git a/source/end-user-guide/preferences/manage-your-desktop-notifications.rst b/source/end-user-guide/preferences/manage-your-desktop-notifications.rst
index bbd1bec3e18..240ef937d6d 100644
--- a/source/end-user-guide/preferences/manage-your-desktop-notifications.rst
+++ b/source/end-user-guide/preferences/manage-your-desktop-notifications.rst
@@ -66,7 +66,7 @@ You can change or disable notification sounds by going to **Desktop notification
Incoming Call notifications
~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Want to hear a sound when a Mattermost call starts? If your Mattermost admin :ref:`enables this Beta feature `, you can choose the sound that plays when a call is started within a direct or group message by going to **Desktop notification sounds > Incoming call sound**.
+Want to hear a sound when a Mattermost call starts? If your Mattermost admin :ref:`enables this Beta feature `, you can choose the sound that plays when a call is started within a direct or group message by going to **Desktop notification sounds > Incoming call sound**.
Disable all desktop notifications
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/source/end-user-guide/preferences/manage-your-display-options.rst b/source/end-user-guide/preferences/manage-your-display-options.rst
index f8be96db59f..5d4d6bc5bc4 100644
--- a/source/end-user-guide/preferences/manage-your-display-options.rst
+++ b/source/end-user-guide/preferences/manage-your-display-options.rst
@@ -33,7 +33,7 @@ Threaded discussions
Threaded discussions offers an enhanced experience for users communicating in threads and replying to messages. Threaded discussions are generally available in Mattermost Cloud and from self-hosted Mattermost v7.0, and are enabled by default for all new Mattermost deployments.
-Depending on how your system admin has :ref:`configured threaded discussions ` for your :doc:`workspace `, it may already be enabled for you, or you may be able to enable this feature for your account. See our :doc:`organize conversations using threaded discussions ` documentation to learn more about working with threaded discussions.
+Depending on how your system admin has :ref:`configured threaded discussions ` for your :doc:`workspace `, it may already be enabled for you, or you may be able to enable this feature for your account. See our :doc:`organize conversations using threaded discussions ` documentation to learn more about working with threaded discussions.
.. tab:: Web/Desktop
@@ -59,7 +59,7 @@ You can customize how time is displayed in Mattermost.
Teammate name display
---------------------
-You can customize how names are displayed in Mattermost unless your system admin has :ref:`disabled your ability to do so `.
+You can customize how names are displayed in Mattermost unless your system admin has :ref:`disabled your ability to do so `.
.. tab:: Web/Desktop
@@ -85,7 +85,7 @@ You can show or hide :ref:`availability `.
+By default, Mattermost shows when you were last online in your profile and in direct message channel headers, unless your system admin has :ref:`disabled this option `.
.. tab:: Web/Desktop
@@ -117,7 +117,7 @@ You can control whether website link previews in Mattermost show a preview of th
.. note::
- Your system admin must :ref:`enable this feature `. It's disabled by default. Once enabled, only the first web link in a message creates a preview of the website.
+ Your system admin must :ref:`enable this feature `. It's disabled by default. Once enabled, only the first web link in a message creates a preview of the website.
.. tab:: Web/Desktop
diff --git a/source/end-user-guide/preferences/manage-your-mobile-notifications.rst b/source/end-user-guide/preferences/manage-your-mobile-notifications.rst
index c3c22eccd2b..318ea6687ba 100644
--- a/source/end-user-guide/preferences/manage-your-mobile-notifications.rst
+++ b/source/end-user-guide/preferences/manage-your-mobile-notifications.rst
@@ -66,7 +66,7 @@ You can manage your mobile notifications in both the desktop app and the mobile
Incoming Call notifications
~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Want to hear a sound on your mobile device when a Mattermost call starts? If your Mattermost admin :ref:`enables this Beta feature `, select **Call Notifications** to choose the sound that plays when a call is started within a direct or group message you're participating in.
+Want to hear a sound on your mobile device when a Mattermost call starts? If your Mattermost admin :ref:`enables this Beta feature `, select **Call Notifications** to choose the sound that plays when a call is started within a direct or group message you're participating in.
.. tip::
diff --git a/source/end-user-guide/preferences/manage-your-notifications.rst b/source/end-user-guide/preferences/manage-your-notifications.rst
index d699d139e67..2101f5580a1 100644
--- a/source/end-user-guide/preferences/manage-your-notifications.rst
+++ b/source/end-user-guide/preferences/manage-your-notifications.rst
@@ -82,11 +82,11 @@ The table below lists the types of notifications you can expect to see and hear
Email notifications
~~~~~~~~~~~~~~~~~~~~
-When your admin :ref:`enables email notifications `, Mattermost notifications are sent to you via email for :doc:`@mentions ` and :ref:`direct messages ` as soon as you're away from Mattermost for 5 minutes.
+When your admin :ref:`enables email notifications `, Mattermost notifications are sent to you via email for :doc:`@mentions ` and :ref:`direct messages ` as soon as you're away from Mattermost for 5 minutes.
You can also opt in to be notified by email about thread replies you're following.
-Additionally, if your admin :ref:`enables email batching `, email-based notifications are batched, and you can customize how frequenly you receive batched notifications by going to **Settings > Notifications > Email notifications**. The default frequency is 15 minutes. Choosing every 15 minutes or every hour will reduce the number of emails you receive.
+Additionally, if your admin :ref:`enables email batching `, email-based notifications are batched, and you can customize how frequenly you receive batched notifications by going to **Settings > Notifications > Email notifications**. The default frequency is 15 minutes. Choosing every 15 minutes or every hour will reduce the number of emails you receive.
Disable email notifications by going to **Settings > Notifications > Email notifications** and changing **On** to **Off**.
diff --git a/source/end-user-guide/preferences/manage-your-profile.rst b/source/end-user-guide/preferences/manage-your-profile.rst
index 38d65fc239d..97ad0a9a5f6 100644
--- a/source/end-user-guide/preferences/manage-your-profile.rst
+++ b/source/end-user-guide/preferences/manage-your-profile.rst
@@ -6,7 +6,7 @@ Manage your Mattermost profile
Select your profile picture and select **Profile** to manage the details of your Mattermost profile, including your name, username, nickname, email, and profile picture.
-Your Mattermost system admin may :doc:`define custom user profile fields ` that you can personalize. Additionally, some of your profile information may be pulled from another source, which means you won't be able to modify it in Mattermost. Contact your Mattermost system admin for assistance.
+Your Mattermost system admin may :doc:`define custom user profile fields ` that you can personalize. Additionally, some of your profile information may be pulled from another source, which means you won't be able to modify it in Mattermost. Contact your Mattermost system admin for assistance.
+---------------------+----------------------------------------------------------------------------------------------------------------+
| **Profile setting** | **Description** |
diff --git a/source/end-user-guide/preferences/manage-your-security-preferences.rst b/source/end-user-guide/preferences/manage-your-security-preferences.rst
index 77b47487776..cacccc5a631 100644
--- a/source/end-user-guide/preferences/manage-your-security-preferences.rst
+++ b/source/end-user-guide/preferences/manage-your-security-preferences.rst
@@ -18,7 +18,7 @@ Select your profile picture, select **Profile**, and then select **Security** to
| | your SSO service account. |
+----------------------+------------------------------------------------------------------------------------------------------------+
| Multi-factor | If your system admin has enabled :ref:`multi-factor authentication |
-| authentication (MFA) | ` |
+| authentication (MFA) | ` |
| | (MFA), you can require a passcode in addition to your password to log-in to your Mattermost account. |
| | |
| | You'll need to download a MFA passcode generation app, such as Google Authenticator or a similar app, |
diff --git a/source/end-user-guide/preferences/manage-your-sidebar-options.rst b/source/end-user-guide/preferences/manage-your-sidebar-options.rst
index 9fcbc09f35e..d7fc7927b2d 100644
--- a/source/end-user-guide/preferences/manage-your-sidebar-options.rst
+++ b/source/end-user-guide/preferences/manage-your-sidebar-options.rst
@@ -17,7 +17,7 @@ Your channel sidebar includes :doc:`enhanced sidebar features `.
+You can control whether unread channels are grouped together separately in the channel sidebar, unless your system admin has :ref:`disabled your ability to do so `.
Select **Sidebar Settings > Group unread channels separately > Edit** to group unread channels at the top of the channel sidebar in an **Unreads** category.
diff --git a/source/end-user-guide/preferences/manage-your-thread-reply-notifications.rst b/source/end-user-guide/preferences/manage-your-thread-reply-notifications.rst
index ba2d7d86596..cc9dbac416b 100644
--- a/source/end-user-guide/preferences/manage-your-thread-reply-notifications.rst
+++ b/source/end-user-guide/preferences/manage-your-thread-reply-notifications.rst
@@ -35,7 +35,7 @@ If your organization doesn't use threaded discussions, or you have :ref:`opted o
Send automatic replies to direct messages
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Want to automatically reply to direct messages when you're out of office? When your system admin :ref:`enables the ability for you to do so `, you can configure Mattermost to send custom replies to direct messages by going to **Settings > Notifications > Automatic Direct Message Replies**, selecting **Enable**, and composing your automatic reply message.
+Want to automatically reply to direct messages when you're out of office? When your system admin :ref:`enables the ability for you to do so `, you can configure Mattermost to send custom replies to direct messages by going to **Settings > Notifications > Automatic Direct Message Replies**, selecting **Enable**, and composing your automatic reply message.
Frequently asked questions
--------------------------
diff --git a/source/end-user-guide/preferences/manage-your-web-notifications.rst b/source/end-user-guide/preferences/manage-your-web-notifications.rst
index df68c12c6e2..ce8f795757b 100644
--- a/source/end-user-guide/preferences/manage-your-web-notifications.rst
+++ b/source/end-user-guide/preferences/manage-your-web-notifications.rst
@@ -62,7 +62,7 @@ You can change or disable notification sounds by going to **Desktop notification
Incoming Call notifications
~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Want to hear a sound when a Mattermost call starts? If your Mattermost admin :ref:`enables this Beta feature `, you can choose the sound that plays when a call is started within a direct or group message by going to **Desktop notification sounds > Incoming call sound**.
+Want to hear a sound when a Mattermost call starts? If your Mattermost admin :ref:`enables this Beta feature `, you can choose the sound that plays when a call is started within a direct or group message by going to **Desktop notification sounds > Incoming call sound**.
Disable all web notifications
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/source/end-user-guide/preferences/set-your-status-availability.rst b/source/end-user-guide/preferences/set-your-status-availability.rst
index 21480e497a2..6766e1700d4 100644
--- a/source/end-user-guide/preferences/set-your-status-availability.rst
+++ b/source/end-user-guide/preferences/set-your-status-availability.rst
@@ -55,7 +55,7 @@ To set your availability, select your profile picture, then specify your availab
| | |
| | - Set automatically for you when you've been inactive for more than 5 minutes. System admins can change this |
| | value using an experimental configuation setting called |
-| | :ref:`user status away timeout `. |
+| | :ref:`user status away timeout `. |
| | |
| | - You're inactive in Mattermost when you're not: typing in or navigating between channels, switching to |
| | another browser tab, or when you've minimized or moved the browser window to the background. |
diff --git a/source/end-user-guide/preferences/troubleshoot-notifications.rst b/source/end-user-guide/preferences/troubleshoot-notifications.rst
index eebbf35e069..b14ab51f40a 100644
--- a/source/end-user-guide/preferences/troubleshoot-notifications.rst
+++ b/source/end-user-guide/preferences/troubleshoot-notifications.rst
@@ -207,6 +207,6 @@ TPNS, hosted at `https://push-test.mattermost.com `_, which enables you to use a production-level Hosted Push Notification Service (HPNS) at ``https://push.mattermost.com``.
-Learn more about :ref:`our push notification service `.
+Learn more about :ref:`our push notification service `.
`Book a live demo `_ or `talk to a Mattermost expert `_ to explore tailored solutions for your organization's secure collaboration needs. Or try Mattermost yourself with a `1-hour preview `_ for instant access to a live sandbox environment.
\ No newline at end of file
diff --git a/source/end-user-guide/project-task-management.rst b/source/end-user-guide/project-task-management.rst
index e0ee5f92863..1480e628c22 100644
--- a/source/end-user-guide/project-task-management.rst
+++ b/source/end-user-guide/project-task-management.rst
@@ -31,7 +31,7 @@ With Boards you can:
Install Boards
---------------
-Your system admin may need to install and enable Mattermost Boards before you can use it. See the :doc:`install Mattermost Boards ` documentation to learn how to install and configure the Boards plugin for your Mattermost instance.
+Your system admin may need to install and enable Mattermost Boards before you can use it. See the :doc:`install Mattermost Boards ` documentation to learn how to install and configure the Boards plugin for your Mattermost instance.
What's a board?
---------------
diff --git a/source/end-user-guide/workflow-automation/metrics-and-goals.rst b/source/end-user-guide/workflow-automation/metrics-and-goals.rst
index 4cc527a38f8..1132cb2fb5b 100644
--- a/source/end-user-guide/workflow-automation/metrics-and-goals.rst
+++ b/source/end-user-guide/workflow-automation/metrics-and-goals.rst
@@ -57,4 +57,4 @@ Export channel data
.. include:: ../../_static/badges/ent-only.rst
:start-after: :nosearch:
-See the :doc:`export channel data ` documentation for details on working with channel export functionality.
\ No newline at end of file
+See the :doc:`export channel data ` documentation for details on working with channel export functionality.
\ No newline at end of file
diff --git a/source/end-user-guide/workflow-automation/share-and-collaborate.rst b/source/end-user-guide/workflow-automation/share-and-collaborate.rst
index e9b60d9d9e0..a73c6b7abed 100644
--- a/source/end-user-guide/workflow-automation/share-and-collaborate.rst
+++ b/source/end-user-guide/workflow-automation/share-and-collaborate.rst
@@ -105,4 +105,4 @@ Export channel data
.. include:: ../../_static/badges/ent-only.rst
:start-after: :nosearch:
-See the :doc:`export channel data ` documentation for details on working with channel export functionality.
\ No newline at end of file
+See the :doc:`export channel data ` documentation for details on working with channel export functionality.
\ No newline at end of file
diff --git a/source/end-user-guide/workflow-automation/work-with-runs.rst b/source/end-user-guide/workflow-automation/work-with-runs.rst
index e7ac71f1609..35c312fa935 100644
--- a/source/end-user-guide/workflow-automation/work-with-runs.rst
+++ b/source/end-user-guide/workflow-automation/work-with-runs.rst
@@ -37,8 +37,8 @@ If you decide to run a playbook in a new channel, you can do this when you start
.. tip::
- When deciding whether to reuse a channel for multiple runs, or create new channels for each playbook run, multiple runs in a single channel can help avoid too many channels being created, which can lead to channel overload.
- - Playbook run channels aren't automatically archived when runs are marked as complete; however, you can :ref:`archive channels ` you no longer need, and system admins can :ref:`allow user access to archived channels ` if needed. See the :ref:`multiple runs in a channel ` documentation for additional considerations.
- - In contrast, using a dedicated channel for each playbook run can be helpful particularly in cases where strict :doc:`compliance ` and :doc:`channel data export ` is required.
+ - Playbook run channels aren't automatically archived when runs are marked as complete; however, you can :ref:`archive channels ` you no longer need, and system admins can :ref:`allow user access to archived channels ` if needed. See the :ref:`multiple runs in a channel ` documentation for additional considerations.
+ - In contrast, using a dedicated channel for each playbook run can be helpful particularly in cases where strict :doc:`compliance ` and :doc:`channel data export ` is required.
Send outgoing webhooks
----------------------
diff --git a/source/integrations-guide/github.rst b/source/integrations-guide/github.rst
index 83ef6cda2d6..dc76b3a960f 100644
--- a/source/integrations-guide/github.rst
+++ b/source/integrations-guide/github.rst
@@ -74,8 +74,8 @@ A Mattermost system admin must perform the following steps in Mattermost.
1. Confirm whether your Mattermost deployment has a ``github`` user account. If it exists, that account posts GitHub messages in channels by default, and the messages won't include a BOT tag. You can change this account behavior to include a BOT tag by using one of the following methods:
- - Convert the user account to a bot using :ref:`mmctl user convert `.
- - Change the existing ``github`` username to something else. A new bot account called ``github`` is created the Mattermost server is restarted when the :ref:`enable bot account creation ` configuration setting is enabled.
+ - Convert the user account to a bot using :ref:`mmctl user convert `.
+ - Change the existing ``github`` username to something else. A new bot account called ``github`` is created the Mattermost server is restarted when the :ref:`enable bot account creation ` configuration setting is enabled.
2. Install the GitHub integration from the in-product App Marketplace:
diff --git a/source/integrations-guide/incoming-webhooks.rst b/source/integrations-guide/incoming-webhooks.rst
index 4c95d3b9ccd..3bed970c4e6 100644
--- a/source/integrations-guide/incoming-webhooks.rst
+++ b/source/integrations-guide/incoming-webhooks.rst
@@ -94,13 +94,13 @@ The JSON payload can contain the following parameters:
- Overrides the default channel. Use the channel's name (e.g., ``town-square``), not the display name. Use ``@`` to send a Direct Message. The webhook can post to any public channel, and any private channel the creator is a member of.
* - ``username``
- No
- - Overrides the default username. The :ref:`Enable integrations to override usernames ` setting must be enabled.
+ - Overrides the default username. The :ref:`Enable integrations to override usernames ` setting must be enabled.
* - ``icon_url``
- No
- - Overrides the default profile picture URL. The :ref:`Enable integrations to override profile picture icons ` setting must be enabled.
+ - Overrides the default profile picture URL. The :ref:`Enable integrations to override profile picture icons ` setting must be enabled.
* - ``icon_emoji``
- No
- - Overrides the ``icon_url`` with an emoji. Use the emoji name (e.g., ``:tada:``). The :ref:`Enable integrations to override profile picture icons ` setting must be enabled.
+ - Overrides the ``icon_url`` with an emoji. Use the emoji name (e.g., ``:tada:``). The :ref:`Enable integrations to override profile picture icons ` setting must be enabled.
* - ``attachments``
- Yes (if ``text`` is not set)
- An array of `message attachment `_ objects for richer formatting.
diff --git a/source/integrations-guide/jira.rst b/source/integrations-guide/jira.rst
index ef3b4c77f5d..317207d8223 100644
--- a/source/integrations-guide/jira.rst
+++ b/source/integrations-guide/jira.rst
@@ -225,7 +225,7 @@ Why isn't the Jira integration posting messages to Mattermost?
Try the following troubleshooting steps:
-1. Confirm that your :ref:`Mattermost Site URL ` is configured, and that the webhook created in Jira is pointing to this URL. To ensure the URL is correct, run the ``/jira webhook`` slash command, then copy the output and paste it into Jira's webhook setup page.
+1. Confirm that your :ref:`Mattermost Site URL ` is configured, and that the webhook created in Jira is pointing to this URL. To ensure the URL is correct, run the ``/jira webhook`` slash command, then copy the output and paste it into Jira's webhook setup page.
2. If you specified a JQL query in your Jira webhook setup, paste the JQL to Jira issue search and make sure it returns results. If it doesn't, the query may be incorrect. Refer to the `Atlassian documentation `__ for help. A JQL query isn't required when setting up the webhook.
@@ -263,7 +263,7 @@ Users will need to temporarily enable third-party cookies in their browser durin
What does the error message ``'/(name)' not found`` mean?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-If you see the error ``'/(name)' not found`` in Mattermost, disable the Jira integration, check the log file looking for messages that refer to plugins and health check fail, such as ``ExecuteCommand``, etc. And consider :ref:`enabling debug logging ` to log more verbose error events in the Mattermost system log. Then try re-enabling Jira interoperability and review the log file for clues.
+If you see the error ``'/(name)' not found`` in Mattermost, disable the Jira integration, check the log file looking for messages that refer to plugins and health check fail, such as ``ExecuteCommand``, etc. And consider :ref:`enabling debug logging ` to log more verbose error events in the Mattermost system log. Then try re-enabling Jira interoperability and review the log file for clues.
Debug logging can cause log files to expand substantially, and may adversely impact the server performance. Keep an eye on your server logs, or only enable it temporarily or in development environments, and not production enviornments.
diff --git a/source/integrations-guide/mattermost-mission-collaboration-for-m365.rst b/source/integrations-guide/mattermost-mission-collaboration-for-m365.rst
index 30ffaf85279..7023044da5a 100644
--- a/source/integrations-guide/mattermost-mission-collaboration-for-m365.rst
+++ b/source/integrations-guide/mattermost-mission-collaboration-for-m365.rst
@@ -6,7 +6,7 @@ Connect Microsoft 365, Teams, and Outlook with Mattermost
Mattermost Mission Collaboration for Microsoft extends Microsoft for mission-critical coordination, command and control, incident response, and DevSecOps workflows in demanding environments, including air-gapped and classified networks by embedding Mattermost inside Teams. Use data-sovereign tools like secure chat, Playbooks, and Calls directly within M365, Teams, and Outlook.
-This app is designed to work with Microsoft 365, Teams, and Outlook and is currently in :ref:`Beta `. From Mattermost v10.9, this integration supports third-party Single Sign-On (SSO). See the :doc:`user provisioning ` product documentation for details on setting up SSO.
+This app is designed to work with Microsoft 365, Teams, and Outlook and is currently in :ref:`Beta `. From Mattermost v10.9, this integration supports third-party Single Sign-On (SSO). See the :doc:`user provisioning ` product documentation for details on setting up SSO.
Deploy
-------
diff --git a/source/integrations-guide/microsoft-calendar.rst b/source/integrations-guide/microsoft-calendar.rst
index f0db78731d7..253c822e8a0 100644
--- a/source/integrations-guide/microsoft-calendar.rst
+++ b/source/integrations-guide/microsoft-calendar.rst
@@ -101,7 +101,7 @@ Enable and configure the Microsoft Calendar Integration in Mattermost
4. In Mattermost, enter the following values in the fields provided. Select **Save** to apply the configuration:
- - **Admin User IDs** - A comma-separated list of :ref:`user IDs ` for authorized users who can manage this integration.
+ - **Admin User IDs** - A comma-separated list of :ref:`user IDs ` for authorized users who can manage this integration.
- **Copy plugin logs to admins, as bot messages** - Select the log level for logs.
- **Display full context for each admin log message** - Show or hide full context for all log entries.
- **Azure - Directory (tenant) ID** - Paste the **Directory (tenant) ID** from the Azure portal.
diff --git a/source/integrations-guide/microsoft-teams-sync.rst b/source/integrations-guide/microsoft-teams-sync.rst
index 0ef1ed5be53..da9e1ad75e3 100644
--- a/source/integrations-guide/microsoft-teams-sync.rst
+++ b/source/integrations-guide/microsoft-teams-sync.rst
@@ -100,7 +100,7 @@ Install and configure the Microsoft Teams integration in Mattermost
4. Once installed, select **Configure**. You're taken to the System Console.
5. Configure the **Tenant ID**, **Client ID**, and **Client Secret** with the values obtained from setting up the OAuth App in Azure above.
-See the :ref:`Microsoft Teams plugin configuration settings ` documentation for additional configuration options.
+See the :ref:`Microsoft Teams plugin configuration settings ` documentation for additional configuration options.
.. note::
@@ -110,7 +110,7 @@ See the :ref:`Microsoft Teams plugin configuration settings ` and :doc:`performance alerting ` for this plugin using Prometheus and Grafana.
+You can set up :doc:`performance monitoring ` and :doc:`performance alerting ` for this plugin using Prometheus and Grafana.
- Monitoring enables you to proactively review the overall health of the plugin, including database calls, HTTP requests, and API latency.
- Alerting enables you to detect and take action as issues come up, such as the integration being offline.
diff --git a/source/integrations-guide/outgoing-webhooks.rst b/source/integrations-guide/outgoing-webhooks.rst
index de5ff046c16..bc498d876ad 100644
--- a/source/integrations-guide/outgoing-webhooks.rst
+++ b/source/integrations-guide/outgoing-webhooks.rst
@@ -123,9 +123,9 @@ The JSON response can contain the following parameters:
* - ``response_type``
- Set to ``comment`` to reply to the message that triggered the webhook. Defaults to ``post``, which creates a new message.
* - ``username``
- - Overrides the default username. Requires :ref:`Enable integrations to override usernames ` to be enabled.
+ - Overrides the default username. Requires :ref:`Enable integrations to override usernames ` to be enabled.
* - ``icon_url``
- - Overrides the default profile picture. Requires :ref:`Enable integrations to override profile picture icons ` to be enabled.
+ - Overrides the default profile picture. Requires :ref:`Enable integrations to override profile picture icons ` to be enabled.
* - ``attachments``
- (Required if ``text`` is not set) An array of `message attachment `_ objects.
* - ``type``
diff --git a/source/integrations-guide/popular-integrations.rst b/source/integrations-guide/popular-integrations.rst
index 84bdcdfb233..4e910f77bc1 100644
--- a/source/integrations-guide/popular-integrations.rst
+++ b/source/integrations-guide/popular-integrations.rst
@@ -11,9 +11,9 @@ Popular Pre-Built Integrations
Jira
ServiceNow
Zoom
- Mattermost Channel Export
- Mattermost Metrics
- Mattermost User Survey
+ Mattermost Channel Export
+ Mattermost Metrics
+ Mattermost User Survey
Mattermost Embedded for M365, Teams, and Outlook
Microsoft Calendar
Microsoft Teams Sync
@@ -30,21 +30,21 @@ Designed for teams that need reliability, auditability, and ownership of their c
+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
| **Mattermost Integration** | **How to Get It** | **What It Does** |
+================================================================================================+===================================================================+============================================================================================================+
-| :doc:`Mattermost Agents ` | **System Console > Plugins > Plugin Management** | Runs small automated tasks inside Mattermost, like summarizing converations, or answering questions. |
+| :doc:`Mattermost Agents ` | **System Console > Plugins > Plugin Management** | Runs small automated tasks inside Mattermost, like summarizing converations, or answering questions. |
+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
| :doc:`Mattermost Boards ` | `Mattermost Marketplace `_ | Helps teams plan and track project tasks with cards and boards. |
+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
-| :doc:`Mattermost Calls ` | **System Console > Plugins > Plugin Management** | Lets people collaborate by voice or video inside Mattermost. |
+| :doc:`Mattermost Calls ` | **System Console > Plugins > Plugin Management** | Lets people collaborate by voice or video inside Mattermost. |
+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
-| :doc:`Mattermost Channel Export ` | |product-list| > **App Marketplace** | Exports channel history and data for compliance purposes. |
+| :doc:`Mattermost Channel Export ` | |product-list| > **App Marketplace** | Exports channel history and data for compliance purposes. |
+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
-| :doc:`Mattermost Legal Hold ` | `Mattermost Marketplace `_ | Keeps a copy of messages and files so they cannot be deleted for legal or compliance needs. |
+| :doc:`Mattermost Legal Hold ` | `Mattermost Marketplace `_ | Keeps a copy of messages and files so they cannot be deleted for legal or compliance needs. |
+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
-| :doc:`Mattermost Metrics ` | |product-list| > **App Marketplace** | Shows numbers about system performance when people use Mattermost. |
+| :doc:`Mattermost Metrics ` | |product-list| > **App Marketplace** | Shows numbers about system performance when people use Mattermost. |
+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
| :doc:`Mattermost Playbooks ` | **System Console > Plugins > Plugin Management** | Guides teams through repeatable steps for important work, like incident response. |
+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
-| :doc:`Mattermost User Survey ` | |product-list| > **App Marketplace** | Collects feedback by asking questions directly in Mattermost channels. |
+| :doc:`Mattermost User Survey ` | |product-list| > **App Marketplace** | Collects feedback by asking questions directly in Mattermost channels. |
+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
diff --git a/source/product-overview/certifications-and-compliance.rst b/source/product-overview/certifications-and-compliance.rst
index 34ddd141227..afe1721615a 100644
--- a/source/product-overview/certifications-and-compliance.rst
+++ b/source/product-overview/certifications-and-compliance.rst
@@ -54,15 +54,15 @@ Mattermost supports features that ensure data management and data portability.
Data management
^^^^^^^^^^^^^^^^
-- **Data Retention:** Use :doc:`data retention ` to automatically erase data after a set period of time, a feature that meets the Right to Erasure principle. In Team Edition, you can use database scripts to achieve the same result.
-- **Profile Deletion:** Delete a user’s personal information via :ref:`mmctl user delete `. This permanently deletes all user information including messages created by the user.
+- **Data Retention:** Use :doc:`data retention ` to automatically erase data after a set period of time, a feature that meets the Right to Erasure principle. In Team Edition, you can use database scripts to achieve the same result.
+- **Profile Deletion:** Delete a user’s personal information via :ref:`mmctl user delete `. This permanently deletes all user information including messages created by the user.
- **Self-Hosted Push Notification Service:** Self-host your own push notification service, or deploy mobile apps with any EMM provider that supports `AppConfig `_ to meet security and compliance policies. See :doc:`our Mobile App deployment documentation ` to learn more.
Data portability
^^^^^^^^^^^^^^^^^
-- **Data Import:** Use the :doc:`bulk loading tool ` to migrate data from an existing messaging system, or for pre-populating a new installation with data. :ref:`Review this guide ` which summarizes the different approaches and meets the `Right to Data Portability `_ principle.
-- **Data Export:** Use :doc:`compliance exports ` to export conversations from public, private and direct message channels in XML or EML format. Those in Team Edition can export conversations directly from the database, both in PostgreSQL and in MySQL.
+- **Data Import:** Use the :doc:`bulk loading tool ` to migrate data from an existing messaging system, or for pre-populating a new installation with data. :ref:`Review this guide ` which summarizes the different approaches and meets the `Right to Data Portability `_ principle.
+- **Data Export:** Use :doc:`compliance exports ` to export conversations from public, private and direct message channels in XML or EML format. Those in Team Edition can export conversations directly from the database, both in PostgreSQL and in MySQL.
Accessibility compliance
-------------------------
@@ -190,8 +190,8 @@ To be compliant with GDPR, do I need to remove message contents of email notific
Based on our interpretation of GDPR, it is not required to hide message contents in email notifications to remain compliant for the following reasons:
1. Every user has the ability to disable email notifications in **Settings**. Therefore, every user has the ultimate control over whether or not they want information sent via email. This option aligns with most other products, but we will follow updates on interpretations of GDPR closely to see if we need to make changes in this area.
-2. Mattermost offers :ref:`TLS encryption ` to protect communication between the Mattermost server and the SMTP email server.
-3. If you're uncertain whether the first two points cover GDPR compliance, you can :ref:`disable notifications completely ` on your Mattermost server. To use Mattermost in production with no email notifications, you also need to :ref:`disable a "preview mode" notice banner `.
+2. Mattermost offers :ref:`TLS encryption ` to protect communication between the Mattermost server and the SMTP email server.
+3. If you're uncertain whether the first two points cover GDPR compliance, you can :ref:`disable notifications completely ` on your Mattermost server. To use Mattermost in production with no email notifications, you also need to :ref:`disable a "preview mode" notice banner `.
What information is shared when I select **Contact us** on a Mattermost Admin Advisor notification?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -199,7 +199,7 @@ What information is shared when I select **Contact us** on a Mattermost Admin Ad
Selecting **Contact us** in the Mattermost Admin Advisor will send some information to us. This may include the email address and name associated with your Mattermost account as well as the number of registered users on your system, the site URL, and a Mattermost diagnostic server ID number. This information is used to contact you as requested and to help us better understand your needs.
.. note::
- :doc:`Mattermost Admin Advisor notices are disabled ` in v5.35 and later.
+ :doc:`Mattermost Admin Advisor notices are disabled ` in v5.35 and later.
Are the server access logs containing IP addresses a GDPR compliance issue?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -231,7 +231,7 @@ Are you IPv6 compliant?
Yes, the Mattermost platform is compliant with IPv6 when Audio & Screen Sharing is disabled, both for our :doc:`self-hosted and Cloud offerings `.
-We plan to add IPv6 compliance for :doc:`Audio & Screen Sharing ` in future.
+We plan to add IPv6 compliance for :doc:`Audio & Screen Sharing ` in future.
Are you 508 compliant?
~~~~~~~~~~~~~~~~~~~~~~
diff --git a/source/product-overview/cloud-dedicated.rst b/source/product-overview/cloud-dedicated.rst
index dee21f7b0ac..6830ae7ce7d 100644
--- a/source/product-overview/cloud-dedicated.rst
+++ b/source/product-overview/cloud-dedicated.rst
@@ -47,19 +47,19 @@ Mattermost maintains control over network and security policies, including `encr
Authentication and authorization
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Mattermost offers advanced security and authentication options for integrating with corporate directories, including :doc:`Active Directory/LDAP `, :doc:`Okta `, :doc:`OneLogin `, :doc:`SAML `, :doc:`Google `, :doc:`EntraID `, and :doc:`OpenID `.
+Mattermost offers advanced security and authentication options for integrating with corporate directories, including :doc:`Active Directory/LDAP `, :doc:`Okta `, :doc:`OneLogin `, :doc:`SAML `, :doc:`Google `, :doc:`EntraID `, and :doc:`OpenID `.
Secure networking
~~~~~~~~~~~~~~~~~~
-Mattermost Cloud Dedicated supports :doc:`IP filtering ` through CIDR-based IP ranges, providing flexibility for system administrators to include various authorized IPs or IP ranges for seamless access control. Users attempting to access their :doc:`workspace ` from IPs outside defined ranges are restricted from entry. Cloud system admins can :ref:`configure IP filtering ` through their Mattermost System Console.
+Mattermost Cloud Dedicated supports :doc:`IP filtering ` through CIDR-based IP ranges, providing flexibility for system administrators to include various authorized IPs or IP ranges for seamless access control. Users attempting to access their :doc:`workspace ` from IPs outside defined ranges are restricted from entry. Cloud system admins can :ref:`configure IP filtering ` through their Mattermost System Console.
Encryption
~~~~~~~~~~~
Mattermost provides encryption-in-transit and encryption-at-rest capabilities. Mattermost supports :doc:`TLS encryption `, including AES-256 with 2048-bit RSA on all data transmissions, between Mattermost client applications and the Mattermost server. You may either set up TLS on the Mattermost Server or :doc:`install a proxy such as NGINX `, and set up TLS on the proxy.
-Connections to :doc:`Active Directory/LDAP ` can :ref:`optionally be secured with TLS or stunnel `.
+Connections to :doc:`Active Directory/LDAP ` can :ref:`optionally be secured with TLS or stunnel `.
Connections to calls are secured with a combination of:
@@ -70,7 +70,7 @@ Connections to calls are secured with a combination of:
Cloud native exports
~~~~~~~~~~~~~~~~~~~~
-Mattermost supports optional :ref:`filestore configuration settings ` to direct compliance and bulk export data to a separate S3 bucket from standard files. This separate bucket can be configured to allow for secure access by Mattermost Cloud teams as well as admins who manage a given Mattermost deployment. The exports can also be accessed by generating unique download links as needed.
+Mattermost supports optional :ref:`filestore configuration settings ` to direct compliance and bulk export data to a separate S3 bucket from standard files. This separate bucket can be configured to allow for secure access by Mattermost Cloud teams as well as admins who manage a given Mattermost deployment. The exports can also be accessed by generating unique download links as needed.
The following diagram provides a high-level view of how this functionality works:
@@ -85,7 +85,7 @@ Email sent from Mattermost Cloud Dedicated uses SendGrid, and the connection to
Audit and observability
~~~~~~~~~~~~~~~~~~~~~~~
-Mattermost Cloud Dedicated provides access to :doc:`audit and system logs ` generated by the application.
+Mattermost Cloud Dedicated provides access to :doc:`audit and system logs ` generated by the application.
Customization
~~~~~~~~~~~~~~
@@ -98,4 +98,4 @@ The following Mattermost plugins are available for cloud-based deployments:
Migrate from a self-hosted instance
------------------------------------
-See our :ref:`self-hosted to cloud migration ` documentation to learn more about migrating from a self-hosted to a Mattermost Cloud instance.
+See our :ref:`self-hosted to cloud migration ` documentation to learn more about migrating from a self-hosted to a Mattermost Cloud instance.
diff --git a/source/product-overview/cloud-shared.rst b/source/product-overview/cloud-shared.rst
index 2871d3e0f7f..db8e4bee9c4 100644
--- a/source/product-overview/cloud-shared.rst
+++ b/source/product-overview/cloud-shared.rst
@@ -47,19 +47,19 @@ Mattermost maintains control over network and security policies, including `encr
Authentication and authorization
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Mattermost offers advanced security and authentication options for integrating with corporate directories, including :doc:`Active Directory/LDAP `, :doc:`Okta `, :doc:`OneLogin `, :doc:`SAML `, :doc:`Google `, :doc:`EntraID `, and :doc:`OpenID `.
+Mattermost offers advanced security and authentication options for integrating with corporate directories, including :doc:`Active Directory/LDAP `, :doc:`Okta `, :doc:`OneLogin `, :doc:`SAML `, :doc:`Google `, :doc:`EntraID `, and :doc:`OpenID `.
Secure networking
~~~~~~~~~~~~~~~~~~
-Enterprise customers with a Mattermost Cloud Shared deployment can :ref:`configure IP filtering ` through CIDR-based IP ranges, within the Mattermost System Console to specify authorized IPs or IP ranges for seamless access control. Users attempting to access their :doc:`workspace ` from IPs outside defined ranges are restricted from entry.
+Enterprise customers with a Mattermost Cloud Shared deployment can :ref:`configure IP filtering ` through CIDR-based IP ranges, within the Mattermost System Console to specify authorized IPs or IP ranges for seamless access control. Users attempting to access their :doc:`workspace ` from IPs outside defined ranges are restricted from entry.
Encryption
~~~~~~~~~~~
Mattermost provides encryption-in-transit and encryption-at-rest capabilities. Mattermost supports :doc:`TLS encryption `, including AES-256 with 2048-bit RSA on all data transmissions, between Mattermost client applications and the Mattermost server. You may either set up TLS on the Mattermost Server or :doc:`install a proxy such as NGINX `, and set up TLS on the proxy.
-Connections to :doc:`Active Directory/LDAP ` can :ref:`optionally be secured with TLS or stunnel `.
+Connections to :doc:`Active Directory/LDAP ` can :ref:`optionally be secured with TLS or stunnel `.
Connections to calls are secured with a combination of:
@@ -70,7 +70,7 @@ Connections to calls are secured with a combination of:
Cloud native exports
~~~~~~~~~~~~~~~~~~~~
-Mattermost supports optional :ref:`filestore configuration settings ` to direct compliance and bulk export data to a separate S3 bucket from standard files. This separate bucket can be configured to allow for secure access by Mattermost Cloud teams as well as deployment admins who manage a given installation. The exports can also be accessed by generating unique download links as needed.
+Mattermost supports optional :ref:`filestore configuration settings ` to direct compliance and bulk export data to a separate S3 bucket from standard files. This separate bucket can be configured to allow for secure access by Mattermost Cloud teams as well as deployment admins who manage a given installation. The exports can also be accessed by generating unique download links as needed.
The following diagram provides a high-level view of how this functionality works:
@@ -85,7 +85,7 @@ Email sent from Mattermost Cloud Dedicated uses SendGrid, and the connection to
Audit and observability
~~~~~~~~~~~~~~~~~~~~~~~
-Mattermost Cloud Dedicated provides access to :doc:`audit and system logs ` generated by the application.
+Mattermost Cloud Dedicated provides access to :doc:`audit and system logs ` generated by the application.
Customization
~~~~~~~~~~~~~~
@@ -100,4 +100,4 @@ Custom plugins and integrations outside of Mattermost Marketplace aren’t curre
Migrate from a self-hosted instance
------------------------------------
-See our :ref:`self-hosted to cloud migration ` documentation to learn more about migrating from a self-hosted to a Mattermost Cloud instance.
\ No newline at end of file
+See our :ref:`self-hosted to cloud migration ` documentation to learn more about migrating from a self-hosted to a Mattermost Cloud instance.
\ No newline at end of file
diff --git a/source/product-overview/cloud-supported-integrations.rst b/source/product-overview/cloud-supported-integrations.rst
index 5bfa96caa97..23080167da4 100644
--- a/source/product-overview/cloud-supported-integrations.rst
+++ b/source/product-overview/cloud-supported-integrations.rst
@@ -8,5 +8,5 @@
- :doc:`GitLab `
- :doc:`Jira `
- :doc:`ServiceNow `
-- :doc:`User Survey `
+- :doc:`User Survey `
- :doc:`Zoom `
\ No newline at end of file
diff --git a/source/product-overview/corporate-directory-integration.rst b/source/product-overview/corporate-directory-integration.rst
index a2ba7a33c69..aee078d285e 100644
--- a/source/product-overview/corporate-directory-integration.rst
+++ b/source/product-overview/corporate-directory-integration.rst
@@ -18,7 +18,7 @@ Security features for authentication
A core set of features is available with all authentication options to help increase security:
-- Ability to :ref:`set session length ` to define how long a user can use Mattermost before needing to re-enter credentials.
+- Ability to :ref:`set session length ` to define how long a user can use Mattermost before needing to re-enter credentials.
- Ability for users to remotely sign out of devices.
- Ability for IT admin to force sign out of a user from devices.
- Ability to set rate limits on authentication API calls to deter password-guessing attacks.
@@ -28,7 +28,7 @@ A core set of features is available with all authentication options to help incr
AD/LDAP authentication
------------------------
-:doc:`AD/LDAP ` is the most popular corporate directory integration option for deploying Mattermost behind a corporate firewall. Features include:
+:doc:`AD/LDAP ` is the most popular corporate directory integration option for deploying Mattermost behind a corporate firewall. Features include:
- Account creation using AD/LDAP credentials.
- AD/LDAP user filters to define which users get access to Mattermost in the form of a query.
@@ -38,8 +38,8 @@ AD/LDAP authentication
- Synchronization with AD/LDAP to disable, enable, and update Mattermost users based on AD/LDAP.
.. note::
- - New user accounts are created when new users log in with their AD/LDAP credentials. You can optionally pre-create user accounts using the :doc:`bulk loading ` tool.
- - If you're using email or username and password authentication :ref:`users can switch to AD/LDAP manually `, and the conversion to AD/LDAP can also be done using the :ref:`mmctl user migrate auth ` command by an IT admin.
+ - New user accounts are created when new users log in with their AD/LDAP credentials. You can optionally pre-create user accounts using the :doc:`bulk loading ` tool.
+ - If you're using email or username and password authentication :ref:`users can switch to AD/LDAP manually `, and the conversion to AD/LDAP can also be done using the :ref:`mmctl user migrate auth ` command by an IT admin.
For very large AD/LDAP instances you can also configure max page size to divide a Mattermost AD/LDAP query into several pieces to not overtax the authentication server when synchronizing.
@@ -48,13 +48,13 @@ Authentication options outside of a private network
When deploying Mattermost to a DMZ location outside the security of a private network, additional authentication options include:
-- :doc:`Okta integration via SAML `
-- :doc:`OneLogin integration via SAML `
-- :doc:`Active Directory Federation Services via SAML `
-- :doc:`SAML 2.0 authentication `
-- :doc:`Google Apps `
-- :doc:`Entra ID `
-- :doc:`OpenID Connect `
+- :doc:`Okta integration via SAML `
+- :doc:`OneLogin integration via SAML `
+- :doc:`Active Directory Federation Services via SAML `
+- :doc:`SAML 2.0 authentication `
+- :doc:`Google Apps `
+- :doc:`Entra ID `
+- :doc:`OpenID Connect `
Generic OAuth is not currently supported.
diff --git a/source/product-overview/deprecated-features.rst b/source/product-overview/deprecated-features.rst
index 333b266afea..e6c80fc7f88 100644
--- a/source/product-overview/deprecated-features.rst
+++ b/source/product-overview/deprecated-features.rst
@@ -132,7 +132,7 @@ Mattermost Server v8.0.0
- Removed ``ExperimentalSettings.PatchPluginsReactDOM``. If this setting was previously enabled, confirm that:
- All Mattermost-supported plugins are updated to the latest versions.
- - Any other plugins have been updated to support React 17. See the :doc:`Important Upgrade Notes ` for v7.7 for more information.
+ - Any other plugins have been updated to support React 17. See the :doc:`Important Upgrade Notes ` for v7.7 for more information.
- Deprecated Insights for all new instances and for existing servers that upgrade to Mattermost v8.0.
- Removed deprecated ``PermissionUseSlashCommands``.
- Removed deprecated ``model.CommandArgs.Session``.
@@ -142,24 +142,24 @@ Mattermost Server v8.0.0
Mattermost Server v6.0.0
~~~~~~~~~~~~~~~~~~~~~~~~
-- :doc:`Legacy Command Line Tools `. Most commands have been replaced by :doc:`mmctl ` and new commands have been added over the last few months, making this tool a full and robust replacement.
+- :doc:`Legacy Command Line Tools `. Most commands have been replaced by :doc:`mmctl ` and new commands have been added over the last few months, making this tool a full and robust replacement.
- Slack Import via the web app. The Slack import tool accessible via the Team Setting menu is being replaced by the mmetl tool that is much more comprehensive for the types of data it can assist in uploading.
- MySQL versions below 5.7.12. Minimum support will now be for 5.7.12. This version introduced a native JSON data type that lets us improve performance and scalability of several database fields (most notably Users and Posts props). Additionally, version 5.6 (our current minimum version) reached `EOL in February 2021 `_.
- Elasticsearch 5 and 6. `Versions 5.x reached EOL in March of 2019, and versions 6.x reached EOL in November 2020 `_. Our minimal supported version with Mattermost v6.0 will be Elasticsearch version 7.0.
- Windows 7 reached `EOL in January 2020 `_. We will no longer provide support for the desktop app issues on Windows 7.
-- :ref:`DisableLegacyMFAEndpoint ` configuration setting.
-- :ref:`Experimental Timezone ` configuration setting.
+- :ref:`DisableLegacyMFAEndpoint ` configuration setting.
+- :ref:`Experimental Timezone ` configuration setting.
- All legacy channel sidebar experimental configuration settings. We encourage customers using these settings to upgrade to v5.32 or later to access custom, collapsible channel categories among many other channel organization features. The settings being deprecated include:
- - :ref:`EnableLegacySidebar `
- - :ref:`ExperimentalTownSquareIsReadOnly `
- - :ref:`ExperimentalHideTownSquareinLHS `
- - :ref:`EnableXToLeaveChannelsFromLHS `
- - :ref:`CloseUnusedDirectMessages `
- - :ref:`ExperimentalChannelOrganization `
- - :ref:`ExperimentalChannelSidebarOrganization `
-
-- :ref:`All configuration settings previously marked as “Deprecated” `.
+ - :ref:`EnableLegacySidebar `
+ - :ref:`ExperimentalTownSquareIsReadOnly `
+ - :ref:`ExperimentalHideTownSquareinLHS `
+ - :ref:`EnableXToLeaveChannelsFromLHS `
+ - :ref:`CloseUnusedDirectMessages `
+ - :ref:`ExperimentalChannelOrganization `
+ - :ref:`ExperimentalChannelSidebarOrganization `
+
+- :ref:`All configuration settings previously marked as “Deprecated” `.
- Changes to mattermost-server/model for naming consistency.
Mattermost Server v5.38.0
@@ -229,7 +229,7 @@ Mattermost Server v4.0.0
Mattermost Server v3.8.0
~~~~~~~~~~~~~~~~~~~~~~~~~~
-- Old CLI tool (replaced by :doc:`an upgraded CLI tool `)
+- Old CLI tool (replaced by :doc:`an upgraded CLI tool `)
- APIv3 endpoints:
- “GET at /channels/more” (replaced by “/channels/more/{offset}/{limit}”)
diff --git a/source/product-overview/editions-and-offerings.rst b/source/product-overview/editions-and-offerings.rst
index 538bc5456b6..1905f867c41 100644
--- a/source/product-overview/editions-and-offerings.rst
+++ b/source/product-overview/editions-and-offerings.rst
@@ -48,7 +48,7 @@ Mattermost Enterprise Advanced
Mattermost Enterprise Advanced is the :doc:`Intelligent Mission Environment ` for Cyber Defense and Mission Operations that features:
- :doc:`Classified and Sensitive Information Controls `
-- :doc:`Zero Trust Security ` with dynamic attribute-based policy controls, environmental atributes, and User Authoritative Source integration
+- :doc:`Zero Trust Security ` with dynamic attribute-based policy controls, environmental atributes, and User Authoritative Source integration
- :doc:`Mobile security ` controls
- :doc:`Air-gapped deployment workflows `
@@ -69,26 +69,26 @@ Mattermost Enterprise is an enterprise-grade collaboration system that supports
This offering includes all the features of `Mattermost Professional <#mattermost-professional>`__, plus:
-- :doc:`Enterprise-scale search with dedicated indexing and usage resourcing via cluster support `.
-- :doc:`Sychronization of access controls, channels, and teams with AD/LDAP Groups `.
-- :doc:`eDiscovery and compliance export automation `.
+- :doc:`Enterprise-scale search with dedicated indexing and usage resourcing via cluster support `.
+- :doc:`Sychronization of access controls, channels, and teams with AD/LDAP Groups `.
+- :doc:`eDiscovery and compliance export automation `.
- :doc:`Enterprise mobile device management with custom EMM support via AppConfig `.
-- :doc:`Advanced legal controls with customizable end-user terms of service and re-acceptance duration `.
-- :ref:`Private mobility with ID-only push notifications `.
-- :doc:`Enhanced compliance with global and custom retention policies for messages and files `.
+- :doc:`Advanced legal controls with customizable end-user terms of service and re-acceptance duration `.
+- :ref:`Private mobility with ID-only push notifications `.
+- :doc:`Enhanced compliance with global and custom retention policies for messages and files `.
- :doc:`Collaborative playbooks with ad hoc add/remove tasks, automated triggers, and stakeholders dashboard `.
- :doc:`Deleted granular administrative control `.
- :doc:`Advanced configuration of playbook permissions, and analytics dashboards `
-- :doc:`Channel export `
-- :ref:`Enhanced compliance controls and granular audit logs with data export `.
-- :doc:`Advanced collaboration with connected workspaces across Mattermost instances `.
-- :doc:`High availability support with multi-node database deployment `.
-- :doc:`Horizontal scaling through cluster-based deployment `.
-- :doc:`Advanced performance monitoring `.
-- :doc:`Server health checks `.
+- :doc:`Channel export `
+- :ref:`Enhanced compliance controls and granular audit logs with data export `.
+- :doc:`Advanced collaboration with connected workspaces across Mattermost instances `.
+- :doc:`High availability support with multi-node database deployment `.
+- :doc:`Horizontal scaling through cluster-based deployment `.
+- :doc:`Advanced performance monitoring `.
+- :doc:`Server health checks `.
- `Eligibility for Premier Support add-on `__.
- Contextual AI-based :ref:`summarization `, real-time :ref:`channel briefing `, and :ref:`composition `
-- Private, air-gapped & DDIL :doc:`AI operations `
+- Private, air-gapped & DDIL :doc:`AI operations `
- PQ&A with :doc:`access-controlled backend systems `
- 99.99% uptime SLA guarantee (Cloud only, via dedicated virtual secure Cloud add-on option).
@@ -105,16 +105,16 @@ Mattermost Professional is the set of collaboration features that enables you to
This offering includes all the features of `Mattermost Free <#mattermost-free>`__, plus:
- :doc:`Guest access ` and :doc:`custom user groups `.
-- :doc:`Active Directory/LDAP Single Sign-on and user synchronization `.
-- Single Sign-on with :doc:`GitLab ` using the OpenID Connect standard, :doc:`Google `, :doc:`OpenID Connect `, :doc:`SAML ` or :doc:`Entra ID `.
+- :doc:`Active Directory/LDAP Single Sign-on and user synchronization `.
+- Single Sign-on with :doc:`GitLab ` using the OpenID Connect standard, :doc:`Google `, :doc:`OpenID Connect `, :doc:`SAML ` or :doc:`Entra ID `.
- :ref:`MFA enforcement `.
- :ref:`Advanced team permissions `.
- :ref:`Read-only announcement channels `.
-- :doc:`System-wide announcement banners `.
+- :doc:`System-wide announcement banners `.
- O365 integration with `Microsoft Teams Meetings `_ and `Jira multi-server `_.
- `Next business day support via online ticketing system `_.
- :ref:`Interactive AI bot support `
-- Flexible :doc:`bring-your-own-LLM integration `
+- Flexible :doc:`bring-your-own-LLM integration `
See a `complete list of Mattermost features `_.
@@ -141,11 +141,11 @@ Features include:
- Teams and channels for one-to-one and group messaging, file sharing, and unlimited search history with threaded messaging, emoji, and custom emoji.
- Native apps for iOS, Android, Windows, macOS, and Linux.
- Pre-packaged integrations with most common developer tools, including Jira, GitHub, GitLab, Zoom, and more.
-- Tools for :doc:`custom branding ` and :doc:`themes `.
-- :doc:`Multi-factor authentication `.
-- Single Sign-on with :doc:`GitLab ` using the OAuth 2.0 standard.
+- Tools for :doc:`custom branding ` and :doc:`themes `.
+- :doc:`Multi-factor authentication `.
+- Single Sign-on with :doc:`GitLab ` using the OAuth 2.0 standard.
- :doc:`Granular system permissions `.
-- Highly customizable `third-party bots, integrations `_, and :doc:`command line tools `.
+- Highly customizable `third-party bots, integrations `_, and :doc:`command line tools `.
- Extensive integration support via `webhooks, APIs, drivers `_, and `third-party extensions `_.
- Multiple languages including English (Australian, US), Bulgarian, Chinese (Simplified and Traditional), Dutch, French, German, Hungarian, Italian, Japanese, Korean, Persian, Polish, Portuguese (Brazil), Romanian, Russian, Spanish, Swedish, Turkish, Ukrainian, and Vietnamese.
- `Community support `_.
diff --git a/source/product-overview/faq-enterprise.rst b/source/product-overview/faq-enterprise.rst
index a683bc2f627..da3179253e8 100644
--- a/source/product-overview/faq-enterprise.rst
+++ b/source/product-overview/faq-enterprise.rst
@@ -73,7 +73,7 @@ Growing your Mattermost installation from supporting a team to supporting an ent
**Functional Scaling:** Scaling from a team to an enterprise is like going from a "virtual office" to a "virtual campus". Advanced features like enterprise authentication, granular permissions, compliance and auditing, and advanced reporting become increasingly important as organizations grow beyond teams. Organizations needing this flexibility can easily upgrade from Mattermost Team Edition to Mattermost Enterprise Edition as well as downgrade without data loss, should their needs change.
-For more information on how Mattermost scales, technically, and functionally, talk to a `Mattermost Expert `_, and :doc:`read about scaling for Enterprise `.
+For more information on how Mattermost scales, technically, and functionally, talk to a `Mattermost Expert `_, and :doc:`read about scaling for Enterprise `.
What does it take to manage a Mattermost deployment?
----------------------------------------------------
diff --git a/source/product-overview/faq-federal-procurement.rst b/source/product-overview/faq-federal-procurement.rst
index bef9e3bd6fa..9319339be35 100644
--- a/source/product-overview/faq-federal-procurement.rst
+++ b/source/product-overview/faq-federal-procurement.rst
@@ -39,7 +39,7 @@ Yes. Mattermost can be deployed on-premises, in private clouds, or air-gapped ne
Is CAC/SAML/LDAP integration available?
---------------------------------------
-Yes. Mattermost supports :ref:`SAML 2.0 ` (compatible with Okta, ADFS, OneLogin, Azure AD, PingFederate, etc.), CAC via SAML integration (configuration details may vary), and :doc:`AD/LDAP integration ` for centralized identity, user provisioning, and group sync in Enterprise editions.
+Yes. Mattermost supports :ref:`SAML 2.0 ` (compatible with Okta, ADFS, OneLogin, Azure AD, PingFederate, etc.), CAC via SAML integration (configuration details may vary), and :doc:`AD/LDAP integration ` for centralized identity, user provisioning, and group sync in Enterprise editions.
Can it be used securely on BYOD mobile?
---------------------------------------
diff --git a/source/product-overview/faq-license.rst b/source/product-overview/faq-license.rst
index 3cc3023045c..382885a0536 100644
--- a/source/product-overview/faq-license.rst
+++ b/source/product-overview/faq-license.rst
@@ -104,7 +104,7 @@ In contrast, Mattermost, as the copyright holder to the collection of the Matter
How can I create an open source derivative work of Mattermost?
--------------------------------------------------------------
-If you're looking to customize the look and feel of Mattermost, see the :doc:`customization ` documentation. For advanced customization, the system's user experience is available in different repositories for web, mobile apps, and desktop apps and custom experiences can be developed and integrated via the system APIs and custom plugins.
+If you're looking to customize the look and feel of Mattermost, see the :doc:`customization ` documentation. For advanced customization, the system's user experience is available in different repositories for web, mobile apps, and desktop apps and custom experiences can be developed and integrated via the system APIs and custom plugins.
If, instead of using Mattermost Team Edition or Mattermost Enterprise Edition, you choose to compile your own version of the system using the open source code from ``/mattermost``, there are a number of factors to consider:
@@ -117,7 +117,7 @@ Rebranding
~~~~~~~~~~
- When you create a derivative version of Mattermost and share it with others as a product, you need to replace the Mattermost name and logo from the system, among other requirements, per the `Mattermost trademark policy `_.
-- You can rebrand your system using :doc:`custom branding tools `.
+- You can rebrand your system using :doc:`custom branding tools `.
- For advanced whitelabelling, you can manually update files on the Mattermost server `per product documentation. `_ This can also be done without forking.
Copyright and Licensing of ``/mattermost`` open source code
@@ -128,7 +128,7 @@ Copyright and Licensing of ``/mattermost`` open source code
Other considerations
~~~~~~~~~~~~~~~~~~~~
-- Mattermost has a default :ref:`Terms of Use ` agreement for the Terms of Use link at the bottom of login screen that should be incorporated into any additional Terms of Use you may add.
+- Mattermost has a default :ref:`Terms of Use ` agreement for the Terms of Use link at the bottom of login screen that should be incorporated into any additional Terms of Use you may add.
- The Mattermost copyright notices on the user interface should remain.
- There may be additional legal and regulatory issues to consider and we recommend you employ legal counsel to fully understand what's involved in creating and selling a derivative work.
diff --git a/source/product-overview/mattermost-server-releases.md b/source/product-overview/mattermost-server-releases.md
index 27ca18532d2..3ea85dd8f01 100644
--- a/source/product-overview/mattermost-server-releases.md
+++ b/source/product-overview/mattermost-server-releases.md
@@ -14,7 +14,7 @@
```
## Frequency
-Mattermost releases a new server version on the 16th of each month in [binary form](https://docs.mattermost.com/administration-guide/upgrade/upgrading-mattermost-server.html).
+Mattermost releases a new server version on the 16th of each month in [binary form](https://docs.mattermost.com/administration-guide/operations-scaling/upgrading-mattermost-server.html).
- See the [v10 changelog](https://docs.mattermost.com/product-overview/mattermost-v10-changelog.html) for details on what's coming and changing in the next major release.
- See the [unsupported Mattermost legacy releases](https://docs.mattermost.com/product-overview/unsupported-legacy-releases.html) documentation for details on older, unsupported Mattermost releases.
diff --git a/source/product-overview/mattermost-v10-changelog.md b/source/product-overview/mattermost-v10-changelog.md
index d34604712be..7fb0899f891 100644
--- a/source/product-overview/mattermost-v10-changelog.md
+++ b/source/product-overview/mattermost-v10-changelog.md
@@ -15,7 +15,7 @@
**Release day: 2025-09-16**
```{Important}
-If you upgrade from a release earlier than v10.10, please read the other [Important Upgrade Notes](https://docs.mattermost.com/administration-guide/upgrade/important-upgrade-notes.html).
+If you upgrade from a release earlier than v10.10, please read the other [Important Upgrade Notes](https://docs.mattermost.com/administration-guide/operations-scaling/important-upgrade-notes.html).
```
### Compatibility
@@ -65,7 +65,7 @@ If you upgrade from a release earlier than v10.10, please read the other [Import
- Original 10.11.0 release.
```{Important}
-If you upgrade from a release earlier than v10.10, please read the other [Important Upgrade Notes](https://docs.mattermost.com/administration-guide/upgrade/important-upgrade-notes.html).
+If you upgrade from a release earlier than v10.10, please read the other [Important Upgrade Notes](https://docs.mattermost.com/administration-guide/operations-scaling/important-upgrade-notes.html).
```
### Highlights
diff --git a/source/product-overview/product-overview-index.rst b/source/product-overview/product-overview-index.rst
index 6c60fa2696c..64ac2f3f503 100644
--- a/source/product-overview/product-overview-index.rst
+++ b/source/product-overview/product-overview-index.rst
@@ -47,7 +47,7 @@ Messaging collaboration
:doc:`Mattermost Channels ` enables secure, real-time and asynchronous communication across web, desktop, and mobile—powering mission-critical collaboration and Chat Operations (ChatOps) workflows across connected, hybrid, and air-gapped environments. Channels feature the following capabilities:
- :ref:`Public ` and :ref:`private ` channels, :ref:`direct messages `, and :doc:`threaded conversations ` for structured operational coordination.
-- :doc:`Role-based access controls ` and :ref:`audit logs ` to support need-to-know enforcement.
+- :doc:`Role-based access controls ` and :ref:`audit logs ` to support need-to-know enforcement.
- Configurable :doc:`notifications ` (e.g., :ref:`alerts `, :doc:`keyword triggers `, :doc:`muting `) to surface high-priority activity.
- Integrated ChatOps capabilities via :doc:`slash commands `, `bots `_, and :doc:`webhooks ` for real-time automation and system alerts.
- :ref:`Pinning `, :doc:`bookmarking `, and :doc:`advanced search ` to maintain continuity and context in high-volume environments.
@@ -79,7 +79,7 @@ Audio and screenshare
- Enables :ref:`1:1 and group audio calls ` directly within channels and direct messages, maintaining contextual awareness and access control based on channel membership.
- Supports secure :ref:`screen sharing ` for visual coordination and analysis.
-- Operates in :doc:`sovereign, air-gapped, or sensitive network ` environments.
+- Operates in :doc:`sovereign, air-gapped, or sensitive network ` environments.
- Offers optional :ref:`AI-based transcription ` and :ref:`summarization ` for meeting capture and follow ups.
- Works across web, desktop, and mobile for flexible, secure access.
@@ -108,7 +108,7 @@ AI Agents and open APIs
- Provides configurable AI assistants that :ref:`summarize threads `, :ref:`extract action items and answer questions ` with contextual insight and operational awareness.
- Supports :ref:`direct interactions with AI agents ` in dedicated threads or channels.
- Enables :ref:`semantic search ` using natural language to surface relevant content across Mattermost data.
-- Supports Retrieval-Augmented Generation (RAG), :ref:`custom instructions `, and responsible :ref:`AI guardrails ` for secure automation.
+- Supports Retrieval-Augmented Generation (RAG), :ref:`custom instructions `, and responsible :ref:`AI guardrails ` for secure automation.
- Integrates with :doc:`local models ` (e.g., Ollama, vLLM) and cloud LLMs via OpenAI-compatible APIs for flexible deployment.
.. image:: /images/agents-meeting-summary.png
@@ -142,10 +142,10 @@ Multi-Agent, Multi-LLM integration
A secure, extensible foundation for integrating multiple large language models (LLMs) and autonomous agents within a sovereign control plane enables organizations to operationalize AI within sovereign infrastructure—fusing data across systems, accelerating decisions, and maintaining full control over AI model access and performance. Organizations can leverage the following capabilities to operationalize AI:
- :doc:`Sovereign AI ` model support: Integrate with :doc:`OpenAI, Anthropic, Meta Llama, and other LLMs ` via secure APIs.
-- :ref:`Custom instructions ` and Retrieval-Augmented Generation (RAG): Adapt agent behavior to domain-specific tasks using internal data and policies.
+- :ref:`Custom instructions ` and Retrieval-Augmented Generation (RAG): Adapt agent behavior to domain-specific tasks using internal data and policies.
- :ref:`Semantic search ` and natural language interaction: Provide operational teams with intuitive ways to retrieve and act on information.
- :ref:`Responsible AI control plane `: Define model access policies, enforce guardrails, and monitor agent activity with feedback loops.
-- Multi-agent orchestration: Use the :ref:`Mission Control Plane (MCP) ` and agent-to-agent protocols to coordinate actions across multiple autonomous agents. *
+- Multi-agent orchestration: Use the :ref:`Mission Control Plane (MCP) ` and agent-to-agent protocols to coordinate actions across multiple autonomous agents. *
Sovereign & cyber-resilient deployment flexibility
--------------------------------------------------
@@ -168,8 +168,8 @@ Private Cloud & sovereign datacenter
For high-security environments requiring full infrastructure control, IME supports scalable, highly available deployment within sovereign datacenters.
- :doc:`Kubernetes-native architecture ` enables containerized services, self-healing workloads, and zero-downtime updates.
-- :doc:`High availability ` through clustering across application, database, and proxy layers.
-- :doc:`Horizontal scalability ` to tens of thousands of users per instance.
+- :doc:`High availability ` through clustering across application, database, and proxy layers.
+- :doc:`Horizontal scalability ` to tens of thousands of users per instance.
- Complies with Security Technical Implementation Guide (STIG), Federal Information Processing Standard 140-3 (FIPS 140-3), and Federal Risk and Authorization Management Program (FedRAMP)-aligned security standards.
Hyperscaler & sovereign Cloud support
diff --git a/source/product-overview/release-policy.md b/source/product-overview/release-policy.md
index b41440e5f31..9de558bf5a8 100644
--- a/source/product-overview/release-policy.md
+++ b/source/product-overview/release-policy.md
@@ -39,10 +39,10 @@ We strongly recommend planning ahead for upgrades before the end of an ESR's lif
ESRs don’t include changes to product functionality or new features. ESRs are intended for organizations who value stability over having the newest features and improvements, or who have a long internal testing and certification process to undergo when upgrading. Consider using ESRs for more stable and long-term deployments, especially in environments where frequent updates are challenging. If your organization prefers to have the newest features and improvements, Extended Support Releases may not be the best fit for you.
-To install extended support releases, follow our [install and upgrade](/administration-guide/upgrade/enterprise-install-upgrade) documentation. To restore a previous ESR, restore the database and previous version if you need to revert an upgrade. Previous ESR versions continue remain subject to a [life cycle end date](/product-overview/mattermost-server-releases).
+To install extended support releases, follow our [install and upgrade](/administration-guide/operations-scaling/enterprise-install-upgrade) documentation. To restore a previous ESR, restore the database and previous version if you need to revert an upgrade. Previous ESR versions continue remain subject to a [life cycle end date](/product-overview/mattermost-server-releases).
```{Important}
-- We strongly recommend reviewing [upgrade best practices](https://docs.mattermost.com/administration-guide/upgrade/prepare-to-upgrade-mattermost.html#upgrade-best-practices) for upgrading, and [important upgrade notes](/upgrade/important-upgrade-notes) for all the versions beyond the current ESR version you have currently installed. See the [Mattermost v9 changelog](https://docs.mattermost.com/product-overview/mattermost-v9-changelog.html) for a list of database, API, and `config.json` updates for all v9.x releases.
+- We strongly recommend reviewing [upgrade best practices](https://docs.mattermost.com/administration-guide/operations-scaling/prepare-to-upgrade-mattermost.html#upgrade-best-practices) for upgrading, and [important upgrade notes](/upgrade/important-upgrade-notes) for all the versions beyond the current ESR version you have currently installed. See the [Mattermost v9 changelog](https://docs.mattermost.com/product-overview/mattermost-v9-changelog.html) for a list of database, API, and `config.json` updates for all v9.x releases.
- Your license key is decoupled from the Mattermost server version, so you can upgrade to the latest ESR using a legacy license.
We highly recommend working with your Mattermost Account Team to plan for a migration to our new plans, and to access the latest features such as persistent notifications, advanced compliance features, call recordings, and more.
```
diff --git a/source/product-overview/self-hosted-subscriptions.rst b/source/product-overview/self-hosted-subscriptions.rst
index fe1b32a7b90..7cd40d14f5f 100644
--- a/source/product-overview/self-hosted-subscriptions.rst
+++ b/source/product-overview/self-hosted-subscriptions.rst
@@ -24,12 +24,12 @@ Mattermost installed
Check your email for a purchase confirmation from Mattermost. Download the attached license. In Mattermost, follow the steps provided in **System Console > About > Edition and License** to apply your license key.
-You can also use the :ref:`mmctl ` to apply the license.
+You can also use the :ref:`mmctl ` to apply the license.
Mattermost not yet installed
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-If you haven't yet installed and deployed a Mattermost instance, visit the :doc:`Deployment Guide ` to get started. For information on creating a system admin account, visit our :doc:`Administrator Tasks ` documentation.
+If you haven't yet installed and deployed a Mattermost instance, visit the :doc:`Deployment Guide ` to get started. For information on creating a system admin account, visit our :doc:`Administrator Tasks ` documentation.
Add more users to your subscription
-----------------------------------
diff --git a/source/product-overview/subscription.rst b/source/product-overview/subscription.rst
index e335650121a..ffd85014e56 100644
--- a/source/product-overview/subscription.rst
+++ b/source/product-overview/subscription.rst
@@ -89,7 +89,7 @@ How is a user defined for subscriptions?
For the purpose of billing, a “user” is any account created in Mattermost that does not show as **Deactivated** in **System Console > User Management > Users**. Guests are also defined as users.
-Bots, deactivated users, and synthetic users in :doc:`Microsoft Teams integrations ` and :doc:`connected workspace ` users aren't counted towards the total number of activated users.
+Bots, deactivated users, and synthetic users in :doc:`Microsoft Teams integrations ` and :doc:`connected workspace ` users aren't counted towards the total number of activated users.
You can review your user count, for billing purposes, by going to **System Console > Site Statistics**, under **Total Activated Users**.
@@ -116,7 +116,7 @@ The affected features include, but are not limited to, the following:
Mentions for AD/LDAP groups are not shown in the autocomplete menu.
- Group mentions are no longer highlighted in text and do not trigger new notifications.", "Use :ref:`mmctl ` to modify group sync settings for the team/channel."
+ Group mentions are no longer highlighted in text and do not trigger new notifications.", "Use :ref:`mmctl ` to modify group sync settings for the team/channel."
"High availability", "High availability is disabled. If all nodes in a cluster continue running, the nodes will stop communicating and caches will get out of sync. This is likely to cause delays in messages, notifications, etc.", "None needed."
"Performance monitoring", "Monitoring is disabled and Grafana will no longer update with new data.", "None needed."
"Compliance exports", "Jobs are no longer scheduled in the job server. Data is not exported.", "None needed."
@@ -124,7 +124,7 @@ The affected features include, but are not limited to, the following:
"Custom terms", "Custom terms no longer displayed to end users on login. Data is retained in the Terms of Service database table.", "None needed."
"Custom announcement banners", "No longer visible and is replaced by the default announcement banner.", "None needed."
"Multi-factor authentication (MFA)", "MFA is no longer enforced/required for new accounts but remains enabled for those who configured it.", "None needed."
- "Permissions", "Permissions are retained in the database in a frozen state and cannot be modified in the System Console.", "Use :ref:`mmctl ` to reset permissions to default."
+ "Permissions", "Permissions are retained in the database in a frozen state and cannot be modified in the System Console.", "Use :ref:`mmctl ` to reset permissions to default."
"Guest accounts", "Guests that are not actively logged in are prevented from logging in. Guests who are actively logged in are able to use Mattermost until their session expires or they log out.", "None needed."
Is there a maximum number of users per subscription?
diff --git a/source/product-overview/unsupported-legacy-releases.md b/source/product-overview/unsupported-legacy-releases.md
index 84ecdc298ef..4a4db02178a 100644
--- a/source/product-overview/unsupported-legacy-releases.md
+++ b/source/product-overview/unsupported-legacy-releases.md
@@ -2544,7 +2544,7 @@ If you upgrade from a release earlier than v7.4, please read the other [Importan
#### Boards
- Added additional standard [board templates](https://docs.mattermost.com/end-user-guide/project-management/work-with-boards.html#choose-a-board-template) to help users kick-off their next projects.
- Filters now support all [text properties](https://docs.mattermost.com/end-user-guide/project-management/work-with-cards.html#work-with-property-types).
- - Added two new tiles for System Console [Boards metrics](https://docs.mattermost.com/administration-guide/configure/reporting-configuration-settings.html#site-statistics) under **System Console > Site Statistics**.
+ - Added two new tiles for System Console [Boards metrics](https://docs.mattermost.com/administration-guide/configuration-reference/reporting-configuration-settings.html#site-statistics) under **System Console > Site Statistics**.
#### Last active status
- Added a [“Last active” status](https://docs.mattermost.com/end-user-guide/preferences/manage-your-display-options.html#share-last-active-time) to the profile popover and to the **Direct Message** channel header that indicates when a user was last online. This status only displays for users who are Away, Offline, or in do-not-disturb (DND). This can be disabled via **Settings > Display > Share last active time**.
@@ -2686,7 +2686,7 @@ Mattermost v7.4.0 contains a medium severity level security fix. [Upgrading](htt
### Bug Fixes
- Fixed an issue with a nil point exception error during imports.
- - Fixed an issue where users were unable to download a [Support Packet](https://docs.mattermost.com/administration-guide/manage/admin/generating-support-packet.html) using the Desktop App.
+ - Fixed an issue where users were unable to download a [Support Packet](https://docs.mattermost.com/administration-guide/admin-tools/generating-support-packet.html) using the Desktop App.
- Fixed an issue with the **Message forward** modal where the auto-complete in the comment box moved with the text cursor.
- Fixed an issue where muted channels with an at-mention were displayed under the **Unreads** section of the channel switcher.
- Fixed an issue where the Collapsed Reply Threads setting was displayed in the **System Console > Experimental Features** section.
@@ -14233,7 +14233,7 @@ Release date: 2016-04-16
#### TPNS and EAS options
-- [Enterprise App Store](https://docs.mattermost.com/administration-guide/configure/environment-configuration-settings.html#push-notification-server-location) (EAS) and [Test Push Notification Service](https://docs.mattermost.com/administration-guide/configure/environment-configuration-settings.html#test-push-notifications-service-tpns) (TPNS) option are now included in **System Console** > **Email Settings** > **Push Notification Settings** as built-in options.
+- [Enterprise App Store](https://docs.mattermost.com/administration-guide/configuration-reference/environment-configuration-settings.html#push-notification-server-location) (EAS) and [Test Push Notification Service](https://docs.mattermost.com/administration-guide/configuration-reference/environment-configuration-settings.html#test-push-notifications-service-tpns) (TPNS) option are now included in **System Console** > **Email Settings** > **Push Notification Settings** as built-in options.
### Languages
diff --git a/source/recipes/product-vulnerability-incident.rst b/source/recipes/product-vulnerability-incident.rst
index fd3a5fbc3b7..ff8530922d1 100644
--- a/source/recipes/product-vulnerability-incident.rst
+++ b/source/recipes/product-vulnerability-incident.rst
@@ -18,7 +18,7 @@ This guide walks through the set up of a product security incident room using :d
1. Workspace setup
~~~~~~~~~~~~~~~~~~
-For Cloud customers, all the functionalities works out-of-the-box with no technical setup. Simply invite your team members to your workspace and move onto the next section. For self-hosted deployments, refer to the :ref:`calls configuration documentation ` to configure voice calling and screen sharing.
+For Cloud customers, all the functionalities works out-of-the-box with no technical setup. Simply invite your team members to your workspace and move onto the next section. For self-hosted deployments, refer to the :ref:`calls configuration documentation ` to configure voice calling and screen sharing.
2. Playbooks setup
~~~~~~~~~~~~~~~~~~
diff --git a/source/redirects.py b/source/redirects.py
index a242d90ba99..1b1c52cd903 100644
--- a/source/redirects.py
+++ b/source/redirects.py
@@ -302,6 +302,229 @@
# Administration redirects
"administration/announcement-banner.html":
"https://docs.mattermost.com/administration-guide/manage/system-wide-notifications.html",
+
+# Administration guide restructuring (2025-09)
+# Comply → Compliance, Security & Auditing
+"administration-guide/comply/compliance-export.html":
+ "https://docs.mattermost.com/administration-guide/compliance-security-auditing/compliance-export.html",
+"administration-guide/comply/compliance-monitoring.html":
+ "https://docs.mattermost.com/administration-guide/compliance-security-auditing/compliance-monitoring.html",
+"administration-guide/comply/custom-terms-of-service.html":
+ "https://docs.mattermost.com/administration-guide/compliance-security-auditing/custom-terms-of-service.html",
+"administration-guide/comply/data-retention-policy.html":
+ "https://docs.mattermost.com/administration-guide/compliance-security-auditing/data-retention-policy.html",
+"administration-guide/comply/electronic-discovery.html":
+ "https://docs.mattermost.com/administration-guide/compliance-security-auditing/electronic-discovery.html",
+"administration-guide/comply/embedded-json-audit-log-schema.html":
+ "https://docs.mattermost.com/administration-guide/compliance-security-auditing/embedded-json-audit-log-schema.html",
+"administration-guide/comply/export-mattermost-channel-data.html":
+ "https://docs.mattermost.com/administration-guide/compliance-security-auditing/export-mattermost-channel-data.html",
+"administration-guide/comply/legal-hold.html":
+ "https://docs.mattermost.com/administration-guide/compliance-security-auditing/legal-hold.html",
+"administration-guide/compliance-with-mattermost.html":
+ "https://docs.mattermost.com/administration-guide/compliance-security-auditing/compliance-with-mattermost.html",
+
+# Onboard → Identity & Access / Getting Started
+"administration-guide/onboard/ad-ldap.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/ad-ldap.html",
+"administration-guide/onboard/ad-ldap-groups-synchronization.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/ad-ldap-groups-synchronization.html",
+"administration-guide/onboard/managing-team-channel-membership-using-ad-ldap-sync-groups.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/managing-team-channel-membership-using-ad-ldap-sync-groups.html",
+"administration-guide/onboard/multi-factor-authentication.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/multi-factor-authentication.html",
+"administration-guide/onboard/certificate-based-authentication.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/certificate-based-authentication.html",
+"administration-guide/onboard/ssl-client-certificate.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/ssl-client-certificate.html",
+"administration-guide/onboard/sso-gitlab.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/sso/sso-gitlab.html",
+"administration-guide/onboard/sso-openidconnect.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/sso/sso-openidconnect.html",
+"administration-guide/onboard/sso-google.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/sso/sso-google.html",
+"administration-guide/onboard/sso-entraid.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/sso/sso-entraid.html",
+"administration-guide/onboard/convert-oauth20-service-providers-to-openidconnect.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/sso/convert-oauth20-service-providers-to-openidconnect.html",
+"administration-guide/onboard/sso-saml.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml.html",
+"administration-guide/onboard/sso-saml-adfs.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-adfs.html",
+"administration-guide/onboard/sso-saml-adfs-msws2016.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-adfs-msws2016.html",
+"administration-guide/onboard/sso-saml-okta.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-okta.html",
+"administration-guide/onboard/sso-saml-onelogin.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-onelogin.html",
+"administration-guide/onboard/sso-saml-keycloak.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-keycloak.html",
+"administration-guide/onboard/sso-saml-ldapsync.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-ldapsync.html",
+"administration-guide/onboard/sso-saml-technical.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-technical.html",
+"administration-guide/onboard/sso-saml-faq.html":
+ "https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-faq.html",
+"administration-guide/onboard/migrating-to-mattermost.html":
+ "https://docs.mattermost.com/administration-guide/getting-started/migrating-to-mattermost.html",
+"administration-guide/onboard/migrate-from-slack.html":
+ "https://docs.mattermost.com/administration-guide/getting-started/migrate-from-slack.html",
+"administration-guide/onboard/migrating-from-hipchat-to-mattermost.html":
+ "https://docs.mattermost.com/administration-guide/getting-started/migrating-from-hipchat-to-mattermost.html",
+"administration-guide/onboard/connected-workspaces.html":
+ "https://docs.mattermost.com/administration-guide/getting-started/connected-workspaces.html",
+"administration-guide/onboard/bulk-loading-data.html":
+ "https://docs.mattermost.com/administration-guide/getting-started/bulk-loading-data.html",
+
+# Upgrade/Scale → Operations & Scaling or Getting Started
+"administration-guide/upgrade/upgrading-mattermost-server.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/upgrading-mattermost-server.html",
+"administration-guide/upgrade/prepare-to-upgrade-mattermost.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/prepare-to-upgrade-mattermost.html",
+"administration-guide/upgrade/important-upgrade-notes.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/important-upgrade-notes.html",
+"administration-guide/upgrade/upgrade-mattermost-kubernetes-ha.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/upgrade-mattermost-kubernetes-ha.html",
+"administration-guide/upgrade/downgrading-mattermost-server.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/downgrading-mattermost-server.html",
+"administration-guide/upgrade/enterprise-roll-out-checklist.html":
+ "https://docs.mattermost.com/administration-guide/getting-started/enterprise-roll-out-checklist.html",
+"administration-guide/upgrade/admin-onboarding-tasks.html":
+ "https://docs.mattermost.com/administration-guide/getting-started/admin-onboarding-tasks.html",
+"administration-guide/upgrade-mattermost.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/upgrade-mattermost.html",
+
+# Scale → Operations & Scaling
+"administration-guide/scale/high-availability-cluster-based-deployment.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/high-availability-cluster-based-deployment.html",
+"administration-guide/scale/scaling-for-enterprise.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/scaling-for-enterprise.html",
+"administration-guide/scale/redis.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/redis.html",
+"administration-guide/scale/elasticsearch-setup.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/elasticsearch-setup.html",
+"administration-guide/scale/opensearch-setup.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/opensearch-setup.html",
+"administration-guide/scale/ensuring-releases-perform-at-scale.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/ensuring-releases-perform-at-scale.html",
+"administration-guide/scale/collect-performance-metrics.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/collect-performance-metrics.html",
+"administration-guide/scale/estimated-storage-per-user-per-month.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/estimated-storage-per-user-per-month.html",
+"administration-guide/scale/lifetime-storage.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/lifetime-storage.html",
+"administration-guide/scale/performance-alerting.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/performance-alerting.html",
+"administration-guide/scale/performance-monitoring-metrics.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/performance-monitoring-metrics.html",
+"administration-guide/scale/additional-ha-considerations.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/additional-ha-considerations.html",
+"administration-guide/scale/backing-storage-benchmarks.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/backing-storage-benchmarks.html",
+"administration-guide/scale/common-configure-mattermost-for-enterprise-search.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/common-configure-mattermost-for-enterprise-search.html",
+"administration-guide/scale/push-notification-health-targets.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/push-notification-health-targets.html",
+"administration-guide/scale/scale-to-200000-users.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/scale-to-200000-users.html",
+"administration-guide/scale/scale-to-100000-users.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/scale-to-100000-users.html",
+"administration-guide/scale/scale-to-15000-users.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/scale-to-15000-users.html",
+"administration-guide/scale/scale-to-200-users.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/scale-to-200-users.html",
+"administration-guide/scale/scale-to-2000-users.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/scale-to-2000-users.html",
+"administration-guide/scale/scale-to-30000-users.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/scale-to-30000-users.html",
+"administration-guide/scale/scale-to-50000-users.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/scale-to-50000-users.html",
+"administration-guide/scale/scale-to-80000-users.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/scale-to-80000-users.html",
+"administration-guide/scale/scale-to-90000-users.html":
+ "https://docs.mattermost.com/administration-guide/operations-scaling/scale-to-90000-users.html",
+
+# Manage → Admin Tools & Utilities (selected)
+"administration-guide/manage/command-line-tools.html":
+ "https://docs.mattermost.com/administration-guide/admin-tools/command-line-tools.html",
+"administration-guide/manage/mmctl-command-line-tool.html":
+ "https://docs.mattermost.com/administration-guide/admin-tools/mmctl-command-line-tool.html",
+"administration-guide/manage/logging.html":
+ "https://docs.mattermost.com/administration-guide/admin-tools/logging.html",
+"administration-guide/manage/in-product-notices.html":
+ "https://docs.mattermost.com/administration-guide/admin-tools/in-product-notices.html",
+"administration-guide/manage/system-wide-notifications.html":
+ "https://docs.mattermost.com/administration-guide/admin-tools/system-wide-notifications.html",
+"administration-guide/manage/feature-labels.html":
+ "https://docs.mattermost.com/administration-guide/admin-tools/feature-labels.html",
+"administration-guide/manage/statistics.html":
+ "https://docs.mattermost.com/administration-guide/admin-tools/statistics.html",
+"administration-guide/manage/request-server-health-check.html":
+ "https://docs.mattermost.com/administration-guide/admin-tools/request-server-health-check.html",
+"administration-guide/manage/telemetry.html":
+ "https://docs.mattermost.com/administration-guide/admin-tools/telemetry.html",
+"administration-guide/manage/bulk-export-tool.html":
+ "https://docs.mattermost.com/administration-guide/admin-tools/bulk-export-tool.html",
+"administration-guide/manage/cloud-byok.html":
+ "https://docs.mattermost.com/administration-guide/admin-tools/cloud-byok.html",
+"administration-guide/manage/cloud-data-residency.html":
+ "https://docs.mattermost.com/administration-guide/admin-tools/cloud-data-residency.html",
+"administration-guide/manage/cloud-ip-filtering.html":
+ "https://docs.mattermost.com/administration-guide/admin-tools/cloud-ip-filtering.html",
+"administration-guide/manage/cloud-data-export.html":
+ "https://docs.mattermost.com/administration-guide/admin-tools/cloud-data-export.html",
+
+# Cloud workspace & licensing
+"administration-guide/cloud-workspace-management.html":
+ "https://docs.mattermost.com/administration-guide/licensing/cloud-workspace-management.html",
+"administration-guide/manage/admin/self-hosted-billing.html":
+ "https://docs.mattermost.com/administration-guide/licensing/self-hosted-billing.html",
+"administration-guide/manage/admin/installing-license-key.html":
+ "https://docs.mattermost.com/administration-guide/admin-tools/installing-license-key.html",
+
+# Configure → Configuration Settings (Reference)
+"administration-guide/configure/configuration-settings.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/configuration-settings.html",
+"administration-guide/configure/system-attributes.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/system-attributes.html",
+"administration-guide/configure/environment-variables.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/environment-variables.html",
+"administration-guide/configure/authentication-configuration-settings.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/authentication-configuration-settings.html",
+"administration-guide/configure/site-configuration-settings.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/site-configuration-settings.html",
+"administration-guide/configure/user-management-configuration-settings.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/user-management-configuration-settings.html",
+"administration-guide/configure/integrations-configuration-settings.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/integrations-configuration-settings.html",
+"administration-guide/configure/plugins-configuration-settings.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/plugins-configuration-settings.html",
+"administration-guide/configure/reporting-configuration-settings.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/reporting-configuration-settings.html",
+"administration-guide/configure/compliance-configuration-settings.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/compliance-configuration-settings.html",
+"administration-guide/configure/experimental-configuration-settings.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/experimental-configuration-settings.html",
+"administration-guide/configure/deprecated-configuration-settings.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/deprecated-configuration-settings.html",
+"administration-guide/configure/rate-limiting-configuration-settings.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/rate-limiting-configuration-settings.html",
+"administration-guide/configure/push-notification-server-configuration-settings.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/push-notification-server-configuration-settings.html",
+"administration-guide/configure/configuration-in-your-database.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/configuration-in-your-database.html",
+"administration-guide/configure/bleve-search.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/bleve-search.html",
+"administration-guide/configure/enabling-chinese-japanese-korean-search.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/enabling-chinese-japanese-korean-search.html",
+"administration-guide/configure/install-boards.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/install-boards.html",
+"administration-guide/configure/manage-user-surveys.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/manage-user-surveys.html",
+"administration-guide/configure/customize-mattermost.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/customize-mattermost.html",
+"administration-guide/configure/custom-branding-tools.html":
+ "https://docs.mattermost.com/administration-guide/configuration-reference/custom-branding-tools.html",
"administration/audit-log.html":
"https://docs.mattermost.com/administration-guide/comply/audit-log.html",
"administration/backup.html":
diff --git a/source/security-guide/cmmc-compliance.rst b/source/security-guide/cmmc-compliance.rst
index 6e1c2276b07..ec98a69f664 100644
--- a/source/security-guide/cmmc-compliance.rst
+++ b/source/security-guide/cmmc-compliance.rst
@@ -13,41 +13,41 @@ Access Control and Identity Management
Mattermost supports robust identity and access management to ensure that only authorized users access the system and that they only see data permitted for their role. Key capabilities include:
-:doc:`Single Sign-On (SSO) Integration `: Mattermost integrates with enterprise identity providers via :doc:`SAML 2.0 `, :doc:`OpenID Connect `, and :doc:`AD/LDAP `. This allows you to centrally manage user accounts and enforce enterprise authentication policies. Only users provisioned in your directory (and assigned to the Mattermost service) can log in. This helps satisfy access control requirements to “limit system access to authorized users” (AC 3.1.1) using vetted corporate identities.
+:doc:`Single Sign-On (SSO) Integration `: Mattermost integrates with enterprise identity providers via :doc:`SAML 2.0 `, :doc:`OpenID Connect `, and :doc:`AD/LDAP `. This allows you to centrally manage user accounts and enforce enterprise authentication policies. Only users provisioned in your directory (and assigned to the Mattermost service) can log in. This helps satisfy access control requirements to “limit system access to authorized users” (AC 3.1.1) using vetted corporate identities.
-:doc:`Role-Based Access Control (RBAC) `: Granular permissions in Mattermost ensure users can perform only the actions permitted for their role. For example, regular users cannot perform administrative functions, and :doc:`guest accounts ` have restricted access to specific channels. Administrators can configure :ref:`team-wide ` and :ref:`channel-specific roles/permissions ` so that users only access data and functions needed for their duties. This supports the principle of least privilege (AC 3.1.5) and limits users’ actions to authorized functions (AC 3.1.2, AC 3.1.7).
+:doc:`Role-Based Access Control (RBAC) `: Granular permissions in Mattermost ensure users can perform only the actions permitted for their role. For example, regular users cannot perform administrative functions, and :doc:`guest accounts ` have restricted access to specific channels. Administrators can configure :ref:`team-wide ` and :ref:`channel-specific roles/permissions ` so that users only access data and functions needed for their duties. This supports the principle of least privilege (AC 3.1.5) and limits users’ actions to authorized functions (AC 3.1.2, AC 3.1.7).
-:doc:`Group-Based Access Management `: Mattermost :doc:`AD/LDAP Group Sync ` automates user provisioning and de-provisioning. Users can be added or removed from Mattermost teams/channels based on their directory group membership. This ensures timely removal of access when personnel change roles or leave (addressing account management aspects of AC 3.1.1) and helps enforce separation of duties (AC 3.1.4) by aligning channel access with organizational roles.
+:doc:`Group-Based Access Management `: Mattermost :doc:`AD/LDAP Group Sync ` automates user provisioning and de-provisioning. Users can be added or removed from Mattermost teams/channels based on their directory group membership. This ensures timely removal of access when personnel change roles or leave (addressing account management aspects of AC 3.1.1) and helps enforce separation of duties (AC 3.1.4) by aligning channel access with organizational roles.
-:ref:`Session Management and Timeout `: Mattermost administrators can define session security settings, including session idle timeouts and session lifetime. Sessions can be automatically invalidated after a period of inactivity or on demand. By limiting session duration and requiring re-authentication, Mattermost reduces the risk of unauthorized access via unattended sessions (helps address AC 3.1.6 for session lock and IA 3.5.2 for session control). Failed login attempt thresholds can also be set (e.g. lock out after X failed attempts) to mitigate brute-force attacks, aligning with AC 3.1.8.
+:ref:`Session Management and Timeout `: Mattermost administrators can define session security settings, including session idle timeouts and session lifetime. Sessions can be automatically invalidated after a period of inactivity or on demand. By limiting session duration and requiring re-authentication, Mattermost reduces the risk of unauthorized access via unattended sessions (helps address AC 3.1.6 for session lock and IA 3.5.2 for session control). Failed login attempt thresholds can also be set (e.g. lock out after X failed attempts) to mitigate brute-force attacks, aligning with AC 3.1.8.
-**User Agreement and Access Approval**: Mattermost Enterprise supports a :doc:`Custom Terms of Service ` banner that users must accept upon first login. This can be used to remind users of acceptable use policies or consent to monitoring, indirectly supporting training/awareness requirements and ensuring users acknowledge security terms before accessing CUI.
+**User Agreement and Access Approval**: Mattermost Enterprise supports a :doc:`Custom Terms of Service ` banner that users must accept upon first login. This can be used to remind users of acceptable use policies or consent to monitoring, indirectly supporting training/awareness requirements and ensuring users acknowledge security terms before accessing CUI.
Authentication and Multi-Factor Authentication (MFA)
-----------------------------------------------------
Secure authentication is critical for protecting Controlled Unclassified Information (CUI). Mattermost offers several features to strengthen user authentication in alignment with CMMC requirements:
-**Unique User Identification**: Each Mattermost user has a unique account (username/email), satisfying the need for unique IDs (IA 3.5.1). Administrators can :ref:`deactivate accounts ` that are found to be generic or shared, and when integrated with enterprise SSO or LDAP, organizational policies can prevent shared account use.
+**Unique User Identification**: Each Mattermost user has a unique account (username/email), satisfying the need for unique IDs (IA 3.5.1). Administrators can :ref:`deactivate accounts ` that are found to be generic or shared, and when integrated with enterprise SSO or LDAP, organizational policies can prevent shared account use.
-**Password Policy Enforcement**: For built-in authentication, Mattermost administrators can :ref:`enforce strong password requirements ` (minimum length, complexity). This helps meet IA 3.5.2 by requiring robust passwords and reducing the risk of credential compromise.
+**Password Policy Enforcement**: For built-in authentication, Mattermost administrators can :ref:`enforce strong password requirements ` (minimum length, complexity). This helps meet IA 3.5.2 by requiring robust passwords and reducing the risk of credential compromise.
-:doc:`Multi-Factor Authentication `: Mattermost supports MFA for all user accounts. In self-hosted deployments, admins can enable and enforce TOTP-based MFA (e.g. requiring a one-time code from Google Authenticator during login). When Mattermost is integrated with SSO (SAML/OIDC), you can leverage the IdP’s MFA policies (e.g. CAC/PIV or OTP) for Mattermost logins. Requiring two factors for authentication aligns with CMMC practice IA 3.5.3, adding an extra layer of verification to protect accounts even if passwords are compromised.
+:doc:`Multi-Factor Authentication `: Mattermost supports MFA for all user accounts. In self-hosted deployments, admins can enable and enforce TOTP-based MFA (e.g. requiring a one-time code from Google Authenticator during login). When Mattermost is integrated with SSO (SAML/OIDC), you can leverage the IdP’s MFA policies (e.g. CAC/PIV or OTP) for Mattermost logins. Requiring two factors for authentication aligns with CMMC practice IA 3.5.3, adding an extra layer of verification to protect accounts even if passwords are compromised.
-**Account Lockout and Recovery**: Mattermost can limit failed login attempts and lock accounts after a specified number of failures, helping to thwart brute-force attacks (IA 3.5.3, additional aspect). It also provides options for :ref:`secure password reset ` or :ref:`administrator-issued password resets ` to support account recovery while maintaining security controls.
+**Account Lockout and Recovery**: Mattermost can limit failed login attempts and lock accounts after a specified number of failures, helping to thwart brute-force attacks (IA 3.5.3, additional aspect). It also provides options for :ref:`secure password reset ` or :ref:`administrator-issued password resets ` to support account recovery while maintaining security controls.
Audit Logging and Accountability
---------------------------------
CMMC Level 2 (NIST 800-171) places heavy emphasis on audit logging and the ability to track and monitor system activity (Audit & Accountability, AU 3.3.x controls). Mattermost provides built-in logging and monitoring features that help meet these requirements:
-**System and Application Audit Logs**: Mattermost records server and application events in an :ref:`audit log ` (:doc:`JSON format `). This includes security-relevant events such as logins, account creations, permission changes, server configuration changes, and more. Enterprise editions can send logs to external :ref:`syslog or monitoring systems ` in real time. These logs provide the evidence needed for AU.3.3.1 (“generate audit records for user/activity”) and support analysis of incidents.
+**System and Application Audit Logs**: Mattermost records server and application events in an :ref:`audit log ` (:doc:`JSON format `). This includes security-relevant events such as logins, account creations, permission changes, server configuration changes, and more. Enterprise editions can send logs to external :ref:`syslog or monitoring systems ` in real time. These logs provide the evidence needed for AU.3.3.1 (“generate audit records for user/activity”) and support analysis of incidents.
**Message History Retention**: By default, Mattermost retains a complete history of all messages (including edits and deletions) and file uploads in the database. Even if a user deletes a message in the application, the data is still preserved in the backend (unless a retention policy is in place). This ensures actions are traceable to individuals (AU 3.3.2) and meets requirements to retain and archive audit data. Administrators can also :ref:`disable users’ ability to edit or delete messages `, guaranteeing an unalterable record of conversation content for compliance purposes (useful for investigations and meeting audit retention requirements).
-:doc:`Compliance Export ` and :doc:`Electronic Discovery `: Mattermost’s :doc:`Compliance Export ` feature can automatically export message history and metadata on a scheduled basis. This helps organizations produce chat records for audits, e-discovery, or long-term archival outside the application (relevant to AU 3.3.3 on audit record retention and review). Additionally, integration with third-party archiving and e-discovery tools is supported (e.g. Smarsh/Global Relay), enabling centralized analysis of communications for compliance.
+:doc:`Compliance Export ` and :doc:`Electronic Discovery `: Mattermost’s :doc:`Compliance Export ` feature can automatically export message history and metadata on a scheduled basis. This helps organizations produce chat records for audits, e-discovery, or long-term archival outside the application (relevant to AU 3.3.3 on audit record retention and review). Additionally, integration with third-party archiving and e-discovery tools is supported (e.g. Smarsh/Global Relay), enabling centralized analysis of communications for compliance.
-**Automated Monitoring and Alerts**: Administrators can generate daily compliance reports of Mattermost activity or use the audit data for anomaly detection. Mattermost supports integration with Security Information and Event Management (SIEM) systems by sending logs to a :ref:`syslog ` or via the `API `_. This allows organizations to correlate Mattermost events with other security data and receive alerts on suspicious behavior (e.g. multiple failed logins, unexpected user account changes), supporting AU 3.3.4 and RA 3.11.2 (continuous monitoring and risk assessment). Mattermost’s audit log can thus feed into your incident monitoring process for rapid detection of issues.
+**Automated Monitoring and Alerts**: Administrators can generate daily compliance reports of Mattermost activity or use the audit data for anomaly detection. Mattermost supports integration with Security Information and Event Management (SIEM) systems by sending logs to a :ref:`syslog ` or via the `API `_. This allows organizations to correlate Mattermost events with other security data and receive alerts on suspicious behavior (e.g. multiple failed logins, unexpected user account changes), supporting AU 3.3.4 and RA 3.11.2 (continuous monitoring and risk assessment). Mattermost’s audit log can thus feed into your incident monitoring process for rapid detection of issues.
**Protection of Audit Information**: Access to Mattermost logs is restricted to system administrators – regular users cannot view or tamper with audit records. Logs written to files on the server can be further protected by OS-level access controls. This aligns with AU 3.3.5 (prevent unauthorized access/modification of audit records). Additionally, if using Mattermost Cloud or an external log aggregator, you should apply appropriate controls to those environments to safeguard the logs.
@@ -75,15 +75,15 @@ CMMC Level 2 includes controls to safeguard information during storage and trans
:doc:`Encryption in Transit `: All Mattermost client-server communication can be :doc:`encrypted ` using TLS (Transport Layer Security). When configured with HTTPS, Mattermost encrypts data in transit between the server and clients (web, desktop, mobile), preventing eavesdropping on CUI being discussed or transferred. This meets the requirement to protect CUI on networks by encrypting it during transmission (SC 3.13.8). Mattermost supports modern TLS protocols and ciphers; administrators should configure TLS per DoD guidelines (e.g. FIPS 140-2 validated cryptographic modules where applicable) to fully satisfy this control.
-:ref:`Encryption at Rest `: Mattermost supports encryption of data at rest through enterprise database and storage configurations. The application can be deployed on encrypted file systems or use encrypted storage backends. For instance, if using Amazon S3 for file storage, Mattermost Enterprise can enable :ref:`server-side encryption with S3-managed keys `. If using a self-hosted database, administrators can enable disk encryption or TDE on the database server. By encrypting the Mattermost database and storage drives, organizations add a layer of protection for CUI stored in chat messages and files, helping to meet SC 3.13.16 (protect confidentiality of CUI at rest) and MP 3.8.3 (media sanitization if disks are disposed). Mattermost documentation encourages regular key rotation and secure key management for encryption at rest.
+:ref:`Encryption at Rest `: Mattermost supports encryption of data at rest through enterprise database and storage configurations. The application can be deployed on encrypted file systems or use encrypted storage backends. For instance, if using Amazon S3 for file storage, Mattermost Enterprise can enable :ref:`server-side encryption with S3-managed keys `. If using a self-hosted database, administrators can enable disk encryption or TDE on the database server. By encrypting the Mattermost database and storage drives, organizations add a layer of protection for CUI stored in chat messages and files, helping to meet SC 3.13.16 (protect confidentiality of CUI at rest) and MP 3.8.3 (media sanitization if disks are disposed). Mattermost documentation encourages regular key rotation and secure key management for encryption at rest.
-**Network Access Control and Segmentation**: Mattermost can be deployed in a manner that controls network access to the system. In self-hosted deployments, organizations often place Mattermost servers in a secure enclave or DMZ with firewalls controlling ingress/egress. For cloud deployments, Mattermost Cloud offers :doc:`IP allowlisting ` (Enterprise plan) to restrict access to known IP ranges. These configurations address SC 3.13.1 and SC 3.13.2 by allowing Mattermost to reside within a protected network segment and ensuring only trusted networks or VPN users can reach it. Additionally, within Mattermost, data is segmented by :doc:`Teams ` and :doc:`Channels ` – you can create separate teams for different projects or clearance levels, and mark channels as private to restrict membership. This “micro-segmentation” of conversations ensures that sensitive discussions (e.g. about a specific CUI program) are isolated to authorized individuals, reducing inadvertent information exposure.
+**Network Access Control and Segmentation**: Mattermost can be deployed in a manner that controls network access to the system. In self-hosted deployments, organizations often place Mattermost servers in a secure enclave or DMZ with firewalls controlling ingress/egress. For cloud deployments, Mattermost Cloud offers :doc:`IP allowlisting ` (Enterprise plan) to restrict access to known IP ranges. These configurations address SC 3.13.1 and SC 3.13.2 by allowing Mattermost to reside within a protected network segment and ensuring only trusted networks or VPN users can reach it. Additionally, within Mattermost, data is segmented by :doc:`Teams ` and :doc:`Channels ` – you can create separate teams for different projects or clearance levels, and mark channels as private to restrict membership. This “micro-segmentation” of conversations ensures that sensitive discussions (e.g. about a specific CUI program) are isolated to authorized individuals, reducing inadvertent information exposure.
:ref:`Self-Hosted ` and :doc:`Air-Gapped Deployment `: Unlike many collaboration tools, Mattermost can be fully self-hosted on-premises or in a sovereign cloud, giving organizations complete control over data locality. DoD contractors can :doc:`deploy Mattermost in an air-gapped environment ` with no outside internet connectivity if required. This supports compliance when handling CUI that cannot be exposed to external systems. By keeping Mattermost within the same secured IT boundary as other CUI systems, contractors address concerns of SC 3.13.5 (isolate system components from external access). Mattermost’s deployment flexibility (on-prem, GovCloud, etc.) allows alignment with DoD requirements (e.g. hosting at IL4/IL5 for sensitive data, if using cloud infrastructure). All user data resides in the infrastructure you control, aiding data sovereignty and compliance with any `FedRAMP `_ or `ITAR `_ restrictions that may apply in addition to CMMC.
-**Data Loss Prevention Measures**: While Mattermost does not natively include a full DLP suite, administrators can enforce certain restrictions to prevent unauthorized sharing or retention of data. For example, :ref:`public link sharing ` (for files) can be disabled or restricted, ensuring that shared files are not exposed to untrusted users. :ref:`File Upload Settings ` and :ref:`Plugin Whitelisting ` allow you to control what types of files can be shared or which integrations are allowed, supporting SC 3.13.4 (control of information flows). Additionally, the :ref:`Push Notification contents ` can be configured to omit message text, so that if mobile push notifications are used, they do not leak sensitive message content to device lock screens or external services. For more advanced DLP, Mattermost’s open `APIs `_ and `webhooks `_ enable integration with external DLP solutions or content filtering systems (e.g. a script could detect and remove messages containing certain keywords or PII). These measures help fulfill AC 3.1.3 / SC 3.13.4 by controlling the flow of CUI and preventing it from leaving authorized channels.
+**Data Loss Prevention Measures**: While Mattermost does not natively include a full DLP suite, administrators can enforce certain restrictions to prevent unauthorized sharing or retention of data. For example, :ref:`public link sharing ` (for files) can be disabled or restricted, ensuring that shared files are not exposed to untrusted users. :ref:`File Upload Settings ` and :ref:`Plugin Whitelisting ` allow you to control what types of files can be shared or which integrations are allowed, supporting SC 3.13.4 (control of information flows). Additionally, the :ref:`Push Notification contents ` can be configured to omit message text, so that if mobile push notifications are used, they do not leak sensitive message content to device lock screens or external services. For more advanced DLP, Mattermost’s open `APIs `_ and `webhooks `_ enable integration with external DLP solutions or content filtering systems (e.g. a script could detect and remove messages containing certain keywords or PII). These measures help fulfill AC 3.1.3 / SC 3.13.4 by controlling the flow of CUI and preventing it from leaving authorized channels.
-**Sensitive Information Controls**: :doc:`System-wide banners ` can display CUI handling notices such as "⚠️ This system contains CUI. Use authorized accounts only. All activity is monitored." Supports AC.L2-3.1.9, AT.L2-3.2.1, IR.L2-3.6.2, and MP.L2-3.8.2. As well as :doc:`channel-specific banners ` can be used to flag channels containing CUI or incident response data, reinforce workflow integrity, or restrict data sharing. Supports AC.L2-3.1.3, MP.L2-3.8.2, AU.L2-3.3.1/3.3.2, and SC.L2-3.13.4.
+**Sensitive Information Controls**: :doc:`System-wide banners ` can display CUI handling notices such as "⚠️ This system contains CUI. Use authorized accounts only. All activity is monitored." Supports AC.L2-3.1.9, AT.L2-3.2.1, IR.L2-3.6.2, and MP.L2-3.8.2. As well as :doc:`channel-specific banners ` can be used to flag channels containing CUI or incident response data, reinforce workflow integrity, or restrict data sharing. Supports AC.L2-3.1.3, MP.L2-3.8.2, AU.L2-3.3.1/3.3.2, and SC.L2-3.13.4.
**Antivirus Scanning**: To address system integrity requirements (SI 3.14.5 for scanning files for malware), Mattermost can integrate with antivirus tools. A `ClamAV plugin `_ is available that scans files uploaded to Mattermost for viruses and malware. When enabled, this helps ensure that malicious files are detected and quarantined, protecting users and meeting the intent of controls on detecting and protecting against malware (SI 3.14.4 and SI 3.14.5). Administrators should also keep the Mattermost server host up-to-date with security patches and monitor for vulnerabilities (SI 3.14.1/3.14.2), as part of overall system integrity maintenance.
diff --git a/source/security-guide/hipaa-compliance.rst b/source/security-guide/hipaa-compliance.rst
index 1f2ae0a559b..8972cca124c 100644
--- a/source/security-guide/hipaa-compliance.rst
+++ b/source/security-guide/hipaa-compliance.rst
@@ -7,8 +7,8 @@ HIPAA-compliant deployments commonly consider the following:
- Omitting the contents of messages from mobile push and email notifications:
- - If your :ref:`Push Notifications Contents ` option is set to ``Send full message snippet`` there is a chance Personal Health Information (PHI) contained in messages could be displayed on a user's locked phone as a notification. To avoid this, set the option to ``Send generic description with user and channel names`` or ``Send generic description with only sender name``.
- - Similarly, setting :ref:`Email Notifications Contents ` to ``Send generic description with only sender name`` will only send the team name and name of the person who sent the message, with no information about channel name or message contents included in email notifications.
+ - If your :ref:`Push Notifications Contents ` option is set to ``Send full message snippet`` there is a chance Personal Health Information (PHI) contained in messages could be displayed on a user's locked phone as a notification. To avoid this, set the option to ``Send generic description with user and channel names`` or ``Send generic description with only sender name``.
+ - Similarly, setting :ref:`Email Notifications Contents ` to ``Send generic description with only sender name`` will only send the team name and name of the person who sent the message, with no information about channel name or message contents included in email notifications.
- Beyond Technical Safeguards, HIPAA compliance deployments also require:
diff --git a/source/security-guide/mobile-security.rst b/source/security-guide/mobile-security.rst
index 3484eff83eb..0be92949fec 100644
--- a/source/security-guide/mobile-security.rst
+++ b/source/security-guide/mobile-security.rst
@@ -37,7 +37,7 @@ Biometric authentication
Native biometric authentication ensures only the authorized device owner can access the Mattermost application. By utilizing hardware-level security, biometrics significantly enhance data protection, especially in cases of lost or stolen devices. This advanced security measure is far more robust and user-friendly compared to traditional passwords, adding a resilient layer of protection against unauthorized access.
-Administrators can mandate biometric authentication each time users attempt to open the Mattermost application, further safeguarding customer data and mitigating risks. Learn more about Mattermost :ref:`mobile biometric authentication `, and the :ref:`user workflows in which users must authenticate `, when biometric authentication is enabled.
+Administrators can mandate biometric authentication each time users attempt to open the Mattermost application, further safeguarding customer data and mitigating risks. Learn more about Mattermost :ref:`mobile biometric authentication `, and the :ref:`user workflows in which users must authenticate `, when biometric authentication is enabled.
Screenshot and screen recording prevention
-------------------------------------------
@@ -54,7 +54,7 @@ Learn more about how Mattermost leverages robust sandboxing mechanisms on both i
Push notification message visibility
------------------------------------
-Push notifications are a convenient way to stay updated, but they can also pose security risks if sensitive information is displayed. Mattermost provides options to :ref:`control the visibility of message content in push notifications `, ensuring that sensitive information is not inadvertently exposed through locked mobile screens and via relay servers from Apple and Google when sending notifications to iOS or Android mobile apps.
+Push notifications are a convenient way to stay updated, but they can also pose security risks if sensitive information is displayed. Mattermost provides options to :ref:`control the visibility of message content in push notifications `, ensuring that sensitive information is not inadvertently exposed through locked mobile screens and via relay servers from Apple and Google when sending notifications to iOS or Android mobile apps.
Disable downloads
-----------------
@@ -63,7 +63,7 @@ Environments with strict data loss prevention (DLP) policies or where sensitive
Disabling file uploads adds an additional layer of security by reducing the risk of malware or malicious files being introduced into the system, ensuring tighter control over sensitive corporate data, and preventing accidental leaks from unsecure mobile networks.
-Similarly, by disabling downloads, Mattermost ensures that files cannot be saved locally on the device, reducing the risk of unauthorized access or data leakage. Learn more about :ref:`disabling mobile uploads ` and :ref:`disabling mobile downloads ` in the Mattermost mobile app.
+Similarly, by disabling downloads, Mattermost ensures that files cannot be saved locally on the device, reducing the risk of unauthorized access or data leakage. Learn more about :ref:`disabling mobile uploads ` and :ref:`disabling mobile downloads ` in the Mattermost mobile app.
Secure file preview
-------------------
@@ -74,6 +74,6 @@ When secure file preview is enabled, files are stored temporarily in the app's c
Additionally, administrators can control link navigation within PDF files when secure file preview mode is active, allowing links to open in the device browser or supported applications as needed.
-Learn more about :ref:`enabling secure file preview on mobile ` and :ref:`allow PDF link navigation on mobile ` in the Mattermost mobile app.
+Learn more about :ref:`enabling secure file preview on mobile ` and :ref:`allow PDF link navigation on mobile ` in the Mattermost mobile app.
`Book a live demo `_ or `talk to a Mattermost expert `_ to explore tailored solutions for your organization's secure collaboration needs. Or try Mattermost yourself with a `1-hour preview `_ for instant access to a live sandbox environment.
\ No newline at end of file
diff --git a/source/security-guide/secure-mattermost.rst b/source/security-guide/secure-mattermost.rst
index 3fbb41bd6c7..17fd232eb4b 100644
--- a/source/security-guide/secure-mattermost.rst
+++ b/source/security-guide/secure-mattermost.rst
@@ -10,24 +10,24 @@ Mattermost ships with several security features that can help organizations safe
Encryption options
Transport encryption
- Multi-factor authentication
+ Multi-factor authentication
Delegated granular administration
- Custom terms of service
- User and group provisioning via AD/LDAP
- SAML-based SSO
- SAML SSO techical documentation
- Certificate-based authentication
+ Custom terms of service
+ User and group provisioning via AD/LDAP
+ SAML-based SSO
+ SAML SSO techical documentation
+ Certificate-based authentication
* :doc:`Encryption options ` - Setup encryption for data in transit and at rest.
* :doc:`Transport encryption ` - Secure data in transit between Mattermost and other services.
-* :doc:`Multi-factor authentication ` - Require users to provide a secure one-time code in addition to their username and password to log in to Mattermost.
-* :ref:`ID-only push notifications ` - Enable fully private mobile notifications to protect against iOS and Android notification infrastructure breaches.
+* :doc:`Multi-factor authentication ` - Require users to provide a secure one-time code in addition to their username and password to log in to Mattermost.
+* :ref:`ID-only push notifications ` - Enable fully private mobile notifications to protect against iOS and Android notification infrastructure breaches.
* :doc:`Enterprise mobility management ` - Secure mobile endpoints with management application configuration.
* :doc:`Delegated granular administration ` - Grant user access to specific areas of the Mattermost System Console.
-* :doc:`Custom terms of service ` - Increase clarity on legal Mattermost expectations for internal employees and guests.
-* :ref:`Manage session length ` - Control how long user sessions remain active.
-* :doc:`User and group provisioning via AD/LDAP ` - Provision and synchronize users and groups to pre-defined roles.
-* :doc:`SAML-based single sign-on (SSO) ` - Enable login using a single user ID and password managed through a SAML 2.0 Service Provider.
-* :doc:`SAML SSO technical documentation ` - Technical details on SAML SSO.
-* :doc:`Certificate-based authentication ` - Identify a user or a device before granting access to Mattermost.
-* :ref:`Manage file sharing and downloads ` - Control file sharing and downloads in Mattermost.
\ No newline at end of file
+* :doc:`Custom terms of service ` - Increase clarity on legal Mattermost expectations for internal employees and guests.
+* :ref:`Manage session length ` - Control how long user sessions remain active.
+* :doc:`User and group provisioning via AD/LDAP ` - Provision and synchronize users and groups to pre-defined roles.
+* :doc:`SAML-based single sign-on (SSO) ` - Enable login using a single user ID and password managed through a SAML 2.0 Service Provider.
+* :doc:`SAML SSO technical documentation ` - Technical details on SAML SSO.
+* :doc:`Certificate-based authentication ` - Identify a user or a device before granting access to Mattermost.
+* :ref:`Manage file sharing and downloads ` - Control file sharing and downloads in Mattermost.
\ No newline at end of file
diff --git a/source/security-guide/security-guide-index.rst b/source/security-guide/security-guide-index.rst
index badd656268d..e7b00af602b 100644
--- a/source/security-guide/security-guide-index.rst
+++ b/source/security-guide/security-guide-index.rst
@@ -27,7 +27,7 @@ Data-at-Rest Encryption
Encryption-at-rest ensures that messages, files, and other data stored in the Mattermost database and file storage are protected from unauthorized access by safeguarding data on physical storage media (e.g., disks) by encrypting it, making it inaccessible without the appropriate encryption keys. Learn more about Mattermost :ref:`data-at-rest encryption `.
-Encryption-at-rest also available for files stored in Amazon's proprietary S3 system using server-side encryption with :ref:`Amazon S3-managed keys ` (Mattermost Enterprise) when users choose not to use open source options.
+Encryption-at-rest also available for files stored in Amazon's proprietary S3 system using server-side encryption with :ref:`Amazon S3-managed keys ` (Mattermost Enterprise) when users choose not to use open source options.
We strongly recommend regularly rotating and securely storing encryption keys using tools, enabling logging and monitoring for access to encrypted data, and ensuring that backup data is encrypted.
@@ -37,40 +37,40 @@ Authentication and Access Control
Single Sign-On (SSO)
~~~~~~~~~~~~~~~~~~~~
-The mobile application integrates with Single Sign-On providers, allowing users to authenticate using their existing credentials from other trusted systems. This reduces the risk of password-related security breaches and streamlines the login process. Learn more about Mattermost :doc:`SSO `.
+The mobile application integrates with Single Sign-On providers, allowing users to authenticate using their existing credentials from other trusted systems. This reduces the risk of password-related security breaches and streamlines the login process. Learn more about Mattermost :doc:`SSO `.
Multi-Factor Authentication (MFA)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-An additional layer of security beyond username and password. Customers can :doc:`enable and enforce MFA ` to protect accounts from unauthorized access, even if login credentials are compromised.
+An additional layer of security beyond username and password. Customers can :doc:`enable and enforce MFA ` to protect accounts from unauthorized access, even if login credentials are compromised.
User Password Requirements
~~~~~~~~~~~~~~~~~~~~~~~~~~~
System administrators can configure user password settings to help safeguard the platform against a range of common attack vectors while maintaining usability and compliance with enterprise security policies:
-- Enforcing longer passwords ensures a baseline level of strength for every user's credentials. Learn more about configuring a :ref:`minimum password length `.
-- Enforcing character complexity protects against attackers exploiting weak or overly simple passwords by enforcing passwords that resist dictionary attacks and common password vulnerabilities. Learn more about configuring :ref:`password requirements `.
-- Limiting the number of failed authentication attempts before locking the account temporarily or permanently mitigates brute-force, where attackers attempt to guess passwords by repeatedly entering potential combinations. Learn more about configuring the :ref:`maximum number of login attempts `.
-- Enabling the forgot password flow adds a layer of convenience by ensuring users can reset their password when needed while preventing users from being locked out due to legitimate loss of credentials. Learn more about :ref:`enabling a password reset workflow `.
+- Enforcing longer passwords ensures a baseline level of strength for every user's credentials. Learn more about configuring a :ref:`minimum password length `.
+- Enforcing character complexity protects against attackers exploiting weak or overly simple passwords by enforcing passwords that resist dictionary attacks and common password vulnerabilities. Learn more about configuring :ref:`password requirements `.
+- Limiting the number of failed authentication attempts before locking the account temporarily or permanently mitigates brute-force, where attackers attempt to guess passwords by repeatedly entering potential combinations. Learn more about configuring the :ref:`maximum number of login attempts `.
+- Enabling the forgot password flow adds a layer of convenience by ensuring users can reset their password when needed while preventing users from being locked out due to legitimate loss of credentials. Learn more about :ref:`enabling a password reset workflow `.
Session Management
~~~~~~~~~~~~~~~~~~
-System administrators can configure session management settings, including session length, session cache, and idle timeout to ensure user sessions are managed effectively and securely. Session fixation attacks are mitigated as Mattermost sets a new session cookie with each login. Learn more about :ref:`session management configuration settings `.
+System administrators can configure session management settings, including session length, session cache, and idle timeout to ensure user sessions are managed effectively and securely. Session fixation attacks are mitigated as Mattermost sets a new session cookie with each login. Learn more about :ref:`session management configuration settings `.
Protection Against Brute Force Attacks
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-System administrators can :doc:`rate limit Mattermost APIs ` based on query frequency, memory store size, remote address, and headers.
+System administrators can :doc:`rate limit Mattermost APIs ` based on query frequency, memory store size, remote address, and headers.
Remote Session Revocation & Password Reset
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
System administrators can remotely :doc:`revoke user sessions ` across web, mobile devices, and desktop apps.
-User passwords can be remotely :ref:`reset ` to enhance security.
+User passwords can be remotely :ref:`reset ` to enhance security.
-Admins can also enforce re-login after a specified period of time by defining :ref:`session lengths ` and by :ref:`revoking user sessions ` to force users to log back into the system immediately.
+Admins can also enforce re-login after a specified period of time by defining :ref:`session lengths ` and by :ref:`revoking user sessions ` to force users to log back into the system immediately.
Role-Based Access Control (ABAC)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -80,14 +80,14 @@ Administrators can set granular permissions to control access to sensitive infor
Cross-Origin Requests Control
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Choose whether to restrict or enable :ref:`cross-origin requests ` for enhanced control.
+Choose whether to restrict or enable :ref:`cross-origin requests ` for enhanced control.
Public Link Management
----------------------
-Public links for account creation, file, and image shares can be invalidated by :ref:`regenerating salts ` to ensure security.
+Public links for account creation, file, and image shares can be invalidated by :ref:`regenerating salts ` to ensure security.
-Public links can also be disabled by setting the :ref:`public link salt ` to an empty string. This prevents the creation of new public links and invalidates existing ones.
+Public links can also be disabled by setting the :ref:`public link salt ` to an empty string. This prevents the creation of new public links and invalidates existing ones.
LLM Context Management
-----------------------
@@ -97,7 +97,7 @@ Mattermost Agents are designed to ensure that only necessary information is sent
Audit Logs and Monitoring
-------------------------
-Mattermost writes logs to both the console and to a log file in a machine-readable JSON format. Commercial customers can additionally log directly to syslog and TCP socket destination targets. Learn more about :doc:`Mattermost logging `.
+Mattermost writes logs to both the console and to a log file in a machine-readable JSON format. Commercial customers can additionally log directly to syslog and TCP socket destination targets. Learn more about :doc:`Mattermost logging `.
Activity Monitoring
~~~~~~~~~~~~~~~~~~~~
@@ -205,7 +205,7 @@ When using username-password authentication, especially with AD/LDAP, there's th
We believe this design increases productivity, speeds up user adoption, and reduces help desk tickets and support costs - and that these benefits outweigh the trade-offs.
-The trade-off with this design is that if physical security is not in effect, network security is not in effect (i.e., no VPN or a malicious user within the private network), and username-password authentication is used, an attacker may be able to enumerate email addresses or usernames by sending HTTP requests to the system, up to the maximum number of requests per second defined in Mattermost's :doc:`API rate limiting settings `.
+The trade-off with this design is that if physical security is not in effect, network security is not in effect (i.e., no VPN or a malicious user within the private network), and username-password authentication is used, an attacker may be able to enumerate email addresses or usernames by sending HTTP requests to the system, up to the maximum number of requests per second defined in Mattermost's :doc:`API rate limiting settings `.
For organizations who choose to deploy in such a configuration, please consider the following mitigations:
diff --git a/source/security-guide/zero-trust.rst b/source/security-guide/zero-trust.rst
index 9bbdd90d5f9..579319b7c11 100644
--- a/source/security-guide/zero-trust.rst
+++ b/source/security-guide/zero-trust.rst
@@ -16,23 +16,23 @@ Mattermost integrates seamlessly with enterprise identity providers (IdPs), enab
By using one of the secure identity mechanisms listed below and enforcing least-privilege access via roles and groups, Mattermost ensures that only verified individuals gain access to the platform and its resources:
-- `SAML `_: Enables seamless Single Sign-On, ensuring centralized authentication to continuously enforce user verification.
-- `LDAP `_: Facilitates integration with enterprise directories to tightly control user access, adhering to granular identity verification.
-- `OpenID Connect `_: Provides secure, standards-based user authentication to verify identities and enforce secure access.
-- `Session Management `_: Strengthens continuous authentication by controlling session lengths and automatically revoking sessions based on inactivity or policy violations, ensuring constant identity verification. By limiting session lifetimes and enforcing strict session policies, Mattermost mitigates the risk of stolen session tokens or extended unauthorized access.
+- `SAML `_: Enables seamless Single Sign-On, ensuring centralized authentication to continuously enforce user verification.
+- `LDAP `_: Facilitates integration with enterprise directories to tightly control user access, adhering to granular identity verification.
+- `OpenID Connect `_: Provides secure, standards-based user authentication to verify identities and enforce secure access.
+- `Session Management `_: Strengthens continuous authentication by controlling session lengths and automatically revoking sessions based on inactivity or policy violations, ensuring constant identity verification. By limiting session lifetimes and enforcing strict session policies, Mattermost mitigates the risk of stolen session tokens or extended unauthorized access.
Authorized users can seamlessly be added and removed from channels utilizing the native AD/LDAP integration based on group memberships:
-- `LDAP Synchronized User Groups `_: Automates user management and access control by dynamically syncing with organizational directories to minimize risks and enforce policies.
+- `LDAP Synchronized User Groups `_: Automates user management and access control by dynamically syncing with organizational directories to minimize risks and enforce policies.
Continuous monitoring
----------------------
Mattermost offers tools for monitoring activity, identifying suspicious behavior, session management, and real-time incident response. Audit trails and performance monitoring ensure the proactive detection of potential issues or breaches, delivering visibility into the activity across the platform.
-- `Audit Logging `_: Tracks detailed activity logs for monitoring and identifying real-time anomaly-detection use cases, such as detecting anomalous behavior from compromised accounts or insider threats, or responding to unusual file-sharing activity within sensitive channels.
+- `Audit Logging `_: Tracks detailed activity logs for monitoring and identifying real-time anomaly-detection use cases, such as detecting anomalous behavior from compromised accounts or insider threats, or responding to unusual file-sharing activity within sensitive channels.
- `SIEM Integrations `_: Streamlines monitoring within existing security systems to detect and respond to lateral movement threats or policy violations consistently.
-- `Performance Monitoring `_: Protects against potential threats by analyzing system and user behaviors via proactive monitoring.
+- `Performance Monitoring `_: Protects against potential threats by analyzing system and user behaviors via proactive monitoring.
Deployment and host control
---------------------------
@@ -42,7 +42,7 @@ Flexibility and control to host Mattermost securely to minimize the risk of vuln
Mattermost's self-hosting enables tailored configurations for on-premises systems with specialized security needs, while cloud IP filtering ensures scalable control for remote or hybrid teams operating across distributed environments:
- :doc:`Self-hosting Mattermost `: Enforces stricter data sovereignty requirements, and complete control over deployment environments, enabling organizations to implement custom Zero Trust security measures.
-- :ref:`Cloud IP Filtering `: Prevents untrusted entities from gaining initial access, restricting platform access to trusted network ranges, enforcing an evaluation of every connection.
+- :ref:`Cloud IP Filtering `: Prevents untrusted entities from gaining initial access, restricting platform access to trusted network ranges, enforcing an evaluation of every connection.
Encryption
----------
@@ -84,9 +84,9 @@ Administrative controls
Enforce logical segmentation through team-level and group-level management, enhancing productivity and security by aligning user access with their specific roles:
- `Delegated Granular Administration `_: Ensures operational security by enabling controlled management access based on responsibilities.
-- `Custom Terms of Service `_: Requires users to acknowledge organization-specific Terms of Service before access ensures alignment with security policies and strengthens compliance, particularly in regulated industries where custom terms may reflect specific mandates.
+- `Custom Terms of Service `_: Requires users to acknowledge organization-specific Terms of Service before access ensures alignment with security policies and strengthens compliance, particularly in regulated industries where custom terms may reflect specific mandates.
- `Granular Permissions `_: Facilitates precise control over user and system permissions, adhering to the principle of least privilege.
-- `Read-Only Permissions for Files `_: Limits file-sharing capabilities to safeguard sensitive information from unauthorized alterations.
+- `Read-Only Permissions for Files `_: Limits file-sharing capabilities to safeguard sensitive information from unauthorized alterations.
Security policies and tokens
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -100,7 +100,7 @@ Multi-factor authentication (MFA)
Mattermost supports MFA to strengthen authentication practices by adding an extra layer of protection for high-risk workflows beyond passwords:
-- `MFA `_: Enhances user identity verification by requiring multiple factors for authentication. MFA ensures that unauthorized users are denied access even if passwords are compromised, reducing the risk of account breaches.
+- `MFA `_: Enhances user identity verification by requiring multiple factors for authentication. MFA ensures that unauthorized users are denied access even if passwords are compromised, reducing the risk of account breaches.
Alternatively, often enforced through the identity provider (IDP).
@@ -111,10 +111,10 @@ Data management directly addresses how sensitive information is managed, control
By retaining data only for the duration that it is needed and then securely disposing of it, the exposure to malicious activity or unauthorized access is significantly reduced. Even if attackers gain access, their exposure is minimized. The less data stored, the smaller the "footprint" for potential exploitation:
-- `Data Retention Policies `_: Enforces strict retention controls to reduce data exposure and help comply with governance standards.
-- `Compliance Export `_: Ensures data portability for audit and compliance purposes in a secure and controlled manner.
-- `Compliance Monitoring `_: Offers visibility into adherence to security and compliance policies, supporting compliance mandates.
-- `E-Discovery `_: Boosts organizational oversight by ensuring discoverability of stored data for legal and compliance audits under secure protocols. E-Discovery capabilities help organizations meet compliance expectations for legal audits under frameworks like GDPR or HIPAA without sacrificing secure collaboration workflows.
+- `Data Retention Policies `_: Enforces strict retention controls to reduce data exposure and help comply with governance standards.
+- `Compliance Export `_: Ensures data portability for audit and compliance purposes in a secure and controlled manner.
+- `Compliance Monitoring `_: Offers visibility into adherence to security and compliance policies, supporting compliance mandates.
+- `E-Discovery `_: Boosts organizational oversight by ensuring discoverability of stored data for legal and compliance audits under secure protocols. E-Discovery capabilities help organizations meet compliance expectations for legal audits under frameworks like GDPR or HIPAA without sacrificing secure collaboration workflows.
- `Archiving Inactive Teams or Channels `_ & `Unarchive Channels `_: Reduces the potential attack surface by securely deactivating and storing inactive resources, minimizing both live data exposure and the likelihood of exploitation. This approach ensures adherence to security best practices while maintaining the ability to securely restore resources if needed.
Incident response
diff --git a/source/use-case-guide/devops-collaboration.rst b/source/use-case-guide/devops-collaboration.rst
index 73ccbe07429..8c9dfe7adb1 100644
--- a/source/use-case-guide/devops-collaboration.rst
+++ b/source/use-case-guide/devops-collaboration.rst
@@ -30,7 +30,7 @@ Platform teams need streamlined, secure ways to deliver services and enable deve
- **Centralize platform requests and updates** in :doc:`dedicated channels ` that organize provisioning, support, and environment status discussions.
- **Automate ticket triage and escalation workflows** using :doc:`Playbooks ` to track response SLAs and ownership across platform operations.
-- **Monitor infrastructure health and changes** with integrated feeds from :doc:`Prometheus, Grafana `, or custom observability tools—supporting faster feedback loops.
+- **Monitor infrastructure health and changes** with integrated feeds from :doc:`Prometheus, Grafana `, or custom observability tools—supporting faster feedback loops.
- **Support hybrid cloud and edge operations** through :ref:`deployment flexibility ` across public, private, and disconnected environments.
Secure Incident Response for Production Systems
@@ -42,8 +42,8 @@ Real-time visibility and structured collaboration are critical during service de
- **Automate incident handling** with :doc:`Playbooks ` to track diagnostics, assign tasks, and issue updates—supporting NOC, SRE, and AppSec workflows.
- **Accelerate containment and recovery** by :ref:`integrating alerting tools ` like PagerDuty, Opsgenie, and custom webhooks into secure Mattermost channels.
-- **Ensure communication continuity** during outages using :doc:`high availability architecture ` and :doc:`support for disconnected environments `.
-- **Enable forensic review and audit** with :ref:`logging and export capabilities ` that preserve all incident-related communications.
+- **Ensure communication continuity** during outages using :doc:`high availability architecture ` and :doc:`support for disconnected environments `.
+- **Enable forensic review and audit** with :ref:`logging and export capabilities ` that preserve all incident-related communications.
Policy-Driven Collaboration in Regulated Environments
------------------------------------------------------
@@ -54,7 +54,7 @@ Critical infrastructure DevSecOps must align with strict security, audit, and co
- **Apply granular role-based access controls** using :doc:`advanced permissions ` and :ref:`channel-specific configurations ` to protect sensitive workflows.
- **Support supply chain security coordination** by using :doc:`Playbooks ` to manage SBOM reviews, vendor risk analysis, and software intake workflows across internal and external teams.
-- **Enforce secure collaboration behavior** through :doc:`custom Terms of Service `, :doc:`data retention policies `, and user authentication tied to :doc:`SSO and Entra ID `.
+- **Enforce secure collaboration behavior** through :doc:`custom Terms of Service `, :doc:`data retention policies `, and user authentication tied to :doc:`SSO and Entra ID `.
- **Deploy in line** with :doc:`Zero Trust ` principles with :ref:`self-managed, segmented deployments ` that enforce identity, access, and policy boundaries—suitable for classified or sovereign cloud environments.
Get Started
diff --git a/source/use-case-guide/integrated-security-operations.rst b/source/use-case-guide/integrated-security-operations.rst
index 616332205da..996d8596e7d 100644
--- a/source/use-case-guide/integrated-security-operations.rst
+++ b/source/use-case-guide/integrated-security-operations.rst
@@ -21,7 +21,7 @@ SOCs are the front lines of real-time monitoring, triage, and escalation. Coordi
- **Accelerate triage and response workflows** with :doc:`Collaborative Playbooks ` that automate escalations, task assignment, and ticket updates for consistent response execution.
- **Integrate detection pipelines and observability tools** using the :doc:`Mattermost integrations platform ` to surface alerts from SIEM, SOAR, and log analysis systems into dedicated response channels.
-- **Maintain operational security and compliance** through :doc:`role-based permissions ` and :ref:`audit logging ` to safeguard sensitive incident data.
+- **Maintain operational security and compliance** through :doc:`role-based permissions ` and :ref:`audit logging ` to safeguard sensitive incident data.
- **Operate in secure, classified, or hybrid environments** using Kubernetes or Linux on the infrastructure of your choice: Public cloud, organization data center, or fully air-gapped. :ref:`Explore deployment options `.
- **Meet regulatory compliance requirements** with a solution that adapts to your organization's security posture and regulatory requirements, incl. GDPR, FedRAMP, ISO 27001, and more.
@@ -35,7 +35,7 @@ CERTs serve as rapid-response teams during high-risk events, requiring tight coo
- **Orchestrate high-stakes incident response** through :doc:`Collaborative Playbooks ` tailored for malware outbreaks, data exfiltration events, and zero-day exploits.
- **Centralize and structure communication** with :doc:`channel-based collaboration `, including :doc:`file sharing `, :doc:`threaded updates `, and task-tracking across affected teams.
- **Enable coordination across geographies** using :doc:`multi-device access ` and :doc:`mobile EMM support ` for secure participation across locations and devices.
-- **Preserve evidentiary and compliance data** through :ref:`audit logs ` and configurable :doc:`exports ` for legal review or forensic handoff.
+- **Preserve evidentiary and compliance data** through :ref:`audit logs ` and configurable :doc:`exports ` for legal review or forensic handoff.
- **Ensure data sovereignty** with flexible hosting options including EU-resident infrastructure, on-premises deployments, and air-gapped environments that maintain full control over sensitive communications.
Federated Threat Intelligence & Information Sharing
@@ -45,11 +45,11 @@ Cross-organizational threat intelligence teams,spanning sectors, regions, and pu
**Benefits**
-- **Collaborate securely across agencies or organizations** using :doc:`Connected Workspaces ` to synchronize alerts, discussions, and file sharing with trusted external partners.
-- **Support multinational and sectoral collaboration** with :doc:`custom terms of service enforcement ` and :ref:`localized UI settings ` for global partner access.
+- **Collaborate securely across agencies or organizations** using :doc:`Connected Workspaces ` to synchronize alerts, discussions, and file sharing with trusted external partners.
+- **Support multinational and sectoral collaboration** with :doc:`custom terms of service enforcement ` and :ref:`localized UI settings ` for global partner access.
- **Preserve operational trust and compliance** through :doc:`role-based access controls ` and :ref:`channel-specific permissions ` that enforce jurisdictional and information-sharing agreements.
- **Operationalize shared threat intelligence** by integrating IOCs, threat actor profiles, and shared playbooks into your Mattermost instance via the :doc:`integrations platform `.
-- **Scale communication globally** with Mattermost's :doc:`high availability and horizontal scalability architecture `,supporting tens of thousands of users across enterprise, field, government, or classified environments.
+- **Scale communication globally** with Mattermost's :doc:`high availability and horizontal scalability architecture `,supporting tens of thousands of users across enterprise, field, government, or classified environments.
Get Started
-----------
diff --git a/source/use-case-guide/maximize-microsoft-investments.rst b/source/use-case-guide/maximize-microsoft-investments.rst
index 08312dc8fa1..32b2d45fc16 100644
--- a/source/use-case-guide/maximize-microsoft-investments.rst
+++ b/source/use-case-guide/maximize-microsoft-investments.rst
@@ -17,7 +17,7 @@ Agencies and critical infrastructure organizations must often comply with strict
- **Deploy Mattermost on-premise or in sovereign clouds**, fully integrated with Microsoft Teams and Outlook (See :doc:`Mattermost for M365, Teams, and Outlook `) to maintain workflow continuity and secure data storage.
- **Store messages, recordings, and transcriptions in compliance-approved systems**, with :ref:`data-at-rest encryption ` ensuring no leakage of sensitive data to third-party platforms.
- **Enable secure Microsoft Teams interactions via embedded Mattermost collaboration**, supporting operations within familiar interfaces while enforcing regulatory compliance. See :doc:`Mattermost for M365, Teams, and Outlook `.
-- **Enforce agency-specific policies** with :doc:`legal hold `, :doc:`retention policies `, and :doc:`user access controls ` that align with national or sectoral mandates.
+- **Enforce agency-specific policies** with :doc:`legal hold `, :doc:`retention policies `, and :doc:`user access controls ` that align with national or sectoral mandates.
On-Premises Skype for Business Replacement
-------------------------------------------
@@ -28,7 +28,7 @@ As Skype for Business reaches end-of-life, secure organizations require an alter
:alt: Extend Microsoft Enterprise IT investments for edge-based, highly tailored Mission IT workflows with Mattermost.
- **Preserve mission-critical communication workflows** with a self-hosted Mattermost deployment that supports :doc:`1:1 calls `, :ref:`screen sharing `, and :doc:`threaded messaging ` within secure environments.
-- **Integrate Mattermost with Microsoft tools** such as Outlook, Teams, and :doc:`Entra ID Single Sign-On ` to retain user workflows while centralizing identity and access control. See :doc:`Mattermost for M365, Teams, and Outlook `.
+- **Integrate Mattermost with Microsoft tools** such as Outlook, Teams, and :doc:`Entra ID Single Sign-On ` to retain user workflows while centralizing identity and access control. See :doc:`Mattermost for M365, Teams, and Outlook `.
- **Deploy in sovereign, air-gapped, or private cloud environments** such as `Azure Deployment `_ or **Azure Local** (formerly Azure Stack HCI) for on-premises hybrid cloud scenarios while maintaining compliance with STIG, FedRAMP, and NIST 800-53 standards. For Azure Local deployments, we recommend engaging **Mattermost Professional Services** for deployment support. `Talk to an Expert `_ to learn more.
:doc:`Learn more ` about replacing Skype for Business with Mattermost.
@@ -44,9 +44,9 @@ During high-stakes incidents, Microsoft 365 tools can be limited or unavailable,
**Benefits**
- **Maintain operational continuity during M365 outages** with a dedicated, out-of-band Mattermost instance for secure incident response, communication, and collaboration. See :doc:`Mattermost Mission Collaboration for Microsoft `
-- **Accelerate responses** with :doc:`AI-powered workflows `, enabling structured playbooks for triage, escalation, and resolution even when primary systems are compromised.
-- **Integrate with Microsoft Security Suite** and :doc:`Entra ID ` to preserve centralized identity management while keeping sensitive data in a secure secondary system. :doc:`Learn more ` about Mattermost's integration capabilities.
-- **Protect breach-sensitive notifications** using :ref:`ID-only push alerts ` and enhanced mobile security, enabling secure communication without cloud exposure.
+- **Accelerate responses** with :doc:`AI-powered workflows `, enabling structured playbooks for triage, escalation, and resolution even when primary systems are compromised.
+- **Integrate with Microsoft Security Suite** and :doc:`Entra ID ` to preserve centralized identity management while keeping sensitive data in a secure secondary system. :doc:`Learn more ` about Mattermost's integration capabilities.
+- **Protect breach-sensitive notifications** using :ref:`ID-only push alerts ` and enhanced mobile security, enabling secure communication without cloud exposure.
Enterprise to Tactical Edge
----------------------------
@@ -60,7 +60,7 @@ Operational teams need to extend Microsoft capabilities to mission environments
- **Enable mission-critical coordination at the edge** by :ref:`deploying Mattermost in secure, on-prem or air-gapped environments ` :doc:`integrated with Microsoft Teams and Outlook `.
- **Fuse data and decision-making across platforms** with support for :doc:`toolchain integration `, :doc:`audio/screen share `, and :doc:`workflow automation ` embedded into a dedicated Mission Operations Platform.
-- **Maintain coalition and partner alignment** through :doc:`interoperable Connected Workspaces ` supporting collaboration across mission partner networks.
+- **Maintain coalition and partner alignment** through :doc:`interoperable Connected Workspaces ` supporting collaboration across mission partner networks.
- **Accelerate action with mission-tuned AI** using secure Azure AI and :doc:`Mattermost Copilot ` to summarize context, guide decisions, and automate operational tasks.
- **Secure every communication path** with built-in :doc:`Zero Trust controls ` and deploy on Azure or sovereign environments for maximum flexibility and compliance.
@@ -75,9 +75,9 @@ Managing external collaboration within Microsoft Teams can be complex, often req
**Benefits**
- **Integrate Mattermost with Microsoft Teams and Outlook** to enable secure external collaboration with encryption, audit trails, and role-based permissions—without compromising compliance. (See :doc:`Mattermost for M365, Teams, and Outlook `).
-- **Eliminate shadow IT** by providing :doc:`Connected Workspaces ` for sanctioned, policy-enforced engagement with external partners—reducing reliance on consumer-grade tools.
-- **Apply granular policy enforcement for external users**, including :ref:`granular user permissions `, :doc:`legal hold `, :doc:`retention policies `, and :doc:`custom Terms of Service `.
-- **Synchronize user identity** using :doc:`Entra ID ` to maintain scalable, centralized access control across both internal and external collaborators.
+- **Eliminate shadow IT** by providing :doc:`Connected Workspaces ` for sanctioned, policy-enforced engagement with external partners—reducing reliance on consumer-grade tools.
+- **Apply granular policy enforcement for external users**, including :ref:`granular user permissions `, :doc:`legal hold `, :doc:`retention policies `, and :doc:`custom Terms of Service `.
+- **Synchronize user identity** using :doc:`Entra ID ` to maintain scalable, centralized access control across both internal and external collaborators.
Cross-Instance Collaboration Hub
---------------------------------
@@ -87,7 +87,7 @@ Multi-agency, multi-tenant Microsoft 365 environments often hinder seamless coll
**Benefits**
- **Centralize communication across M365 instances** using Mattermost as a neutral, embedded hub for messaging, file sharing, and playbook coordination (See :doc:`Mattermost for M365, Teams, and Outlook `).
-- **Bridge segmented Teams deployments** with :doc:`Connected Workspaces ` and Microsoft presence integration to ensure continuity without duplicative configuration.
+- **Bridge segmented Teams deployments** with :doc:`Connected Workspaces ` and Microsoft presence integration to ensure continuity without duplicative configuration.
- **Deploy flexibly across hybrid, private, or air-gapped environments** such as :doc:`Mattermost for M365, Teams, and Outlook ` to ensure operational consistency no matter the deployment complexity.
- **Secure external communications and maintain control** with segmentation, data governance, and compliance automation across Teams ecosystems.
diff --git a/source/use-case-guide/mission-ready-mobile.rst b/source/use-case-guide/mission-ready-mobile.rst
index 4452f5beca7..a5eed5972c0 100644
--- a/source/use-case-guide/mission-ready-mobile.rst
+++ b/source/use-case-guide/mission-ready-mobile.rst
@@ -20,9 +20,9 @@ Mission teams require trusted mobile access to secure collaboration, ensuring op
**Benefits**
- **Deploy securely with enterprise mobility management (EMM)** using :ref:`AppConfig integrations ` to manage application policies, access controls, and encrypted communication channels.
-- **Maintain control over mission-critical data**: Enable safe delivery of notifications via :ref:`ID-only push notifications ` that prevent exposure of sensitive content to third-party systems like Apple or Google.
+- **Maintain control over mission-critical data**: Enable safe delivery of notifications via :ref:`ID-only push notifications ` that prevent exposure of sensitive content to third-party systems like Apple or Google.
- **Mitigate data compromise risk in personnel transitions**: Protect data with :doc:`remote wipe and deactivation ` capabilities in the event of device loss, theft, or personnel separation.
-- **Enforce strong identity assurance** through :ref:`native biometric authentication ` and :doc:`multi-factor authentication (MFA) ` tied to :doc:`SSO ` or :doc:`AD/LDAP ` provisioning .
+- **Enforce strong identity assurance** through :ref:`native biometric authentication ` and :doc:`multi-factor authentication (MFA) ` tied to :doc:`SSO ` or :doc:`AD/LDAP ` provisioning .
- **Comply with classified mobility mandates** by using :ref:`secure data storage `, :ref:`sandboxing `, and FIPS 140-3-validated TLS in transit* to meet defense-grade standards.
Secure Government Communications on Personal Devices
@@ -35,8 +35,8 @@ When personal devices are the only available channel—whether in partner nation
- **Enable trusted communications on BYOD** using lightweight AppConfig policies with :doc:`EMM optionality ` that avoids intrusive control while ensuring essential security baselines.
- **Prevent unauthorized data sharing**: Mitigate leakage with :ref:`screenshot and screen recording prevention ` and :ref:`jailbreak/root detection ` that block high-risk mobile behaviors.
- **Secure access without cloud dependency** via :ref:`self-hosted deployments ` or :doc:`air-gapped infrastructures ` that prevent sensitive data from touching public networks.
-- **Deliver rapid alerts with low bandwidth impact** using :ref:`ID-only push notifications `, ideal for DDIL (disconnected, intermittent, low-bandwidth) conditions.
-- **Support interagency or coalition workflows** in mission-partner environments through :doc:`Connected Workspaces ` with :doc:`role-based ` and :doc:`attribute-based access controls (ABAC) `.
+- **Deliver rapid alerts with low bandwidth impact** using :ref:`ID-only push notifications `, ideal for DDIL (disconnected, intermittent, low-bandwidth) conditions.
+- **Support interagency or coalition workflows** in mission-partner environments through :doc:`Connected Workspaces ` with :doc:`role-based ` and :doc:`attribute-based access controls (ABAC) `.
Built for Field-Forward Security
---------------------------------
@@ -45,10 +45,10 @@ Mattermost on mobile is hardened to operate under mission-grade security expecta
**Features**
-- **Zero Trust security architecture** with channel- and file-level :doc:`attribute-based access control (ABAC) `.
+- **Zero Trust security architecture** with channel- and file-level :doc:`attribute-based access control (ABAC) `.
- **TLS with post-quantum readiness** and end-to-end* :doc:`encryption options ` for high-assurance deployments.
- **Burn-on-read messaging**: Use secure file viewers*, burn on read messaging*, and advanced data spillage controls* to protect sensitive information and minimize persistent data exposure.
-- **DoD STIG container support** with FIPS 140-3 validation*, and :ref:`audit logging ` to ensure deployment compliance in regulated missions.
+- **DoD STIG container support** with FIPS 140-3 validation*, and :ref:`audit logging ` to ensure deployment compliance in regulated missions.
- **Isolated mobile sessions** from host operating systems by partnering with platforms like Hypori in high-assurance BYOD scenarios.
Features marked with an asterisk above ``*`` will be available in a future 2025 release.
diff --git a/source/use-case-guide/on-prem-skype-for-business-replacement.rst b/source/use-case-guide/on-prem-skype-for-business-replacement.rst
index c663100e9af..f03613b63ee 100644
--- a/source/use-case-guide/on-prem-skype-for-business-replacement.rst
+++ b/source/use-case-guide/on-prem-skype-for-business-replacement.rst
@@ -18,7 +18,7 @@ Organizations operating in fully disconnected or classified environments require
- **Ensure secure communication in fully disconnected networks** using Mattermost's support for private on-premise deployments, including FIPS 140-3 validated and DISA STIG-hardened container images. :doc:`Learn more ` about Mattermost's architecture, components, and backend infrastructure.
- **Maintain operational continuity** with enterprise-grade :doc:`channel-based collaboration `— including :doc:`1:1 audio calls `, :ref:`screen sharing `, :doc:`threaded messaging `, and :doc:`file sharing `—entirely within air-gapped systems.
-- **Scale to mission requirements** with a :doc:`high-availability, horizontally scalable architecture ` that supports tens of thousands of users in secure on-prem environments.
+- **Scale to mission requirements** with a :doc:`high-availability, horizontally scalable architecture ` that supports tens of thousands of users in secure on-prem environments.
- **Preserve data sovereignty and eliminate external dependencies** with a self-hosted :doc:`Kubernetes deployment model ` that integrates into classified networks, sovereign data centers, or **Azure Local** (formerly Azure Stack HCI) for hybrid cloud on-premises scenarios.
Modernize Secure Collaboration Workflows
@@ -32,7 +32,7 @@ Legacy communication tools lack the flexibility, automation, and usability deman
- **Streamline mission-critical processes** with :doc:`Collaborative Playbooks ` that automate and track workflows like incident response, shift turnover, and logistics planning.
- **Embed secure video conferencing into daily operations** using the `Pexip integration `_, allowing real-time video engagement from within your air-gapped or secure infrastructure.
- **Support operational task management** through optional Kanban-style `Boards `_ for structured, accountable planning—hosted securely within your own network.
-- **Align the user experience with your operational identity** using :doc:`custom branding `, :doc:`theming `, and :ref:`product localization ` across more than 20 languages to support multinational teams.
+- **Align the user experience with your operational identity** using :doc:`custom branding `, :doc:`theming `, and :ref:`product localization ` across more than 20 languages to support multinational teams.
Enterprise-Controlled External Collaboration
--------------------------------------------
@@ -45,9 +45,9 @@ Collaborating across organizational boundaries must not compromise compliance or
**Benefits**
- **Collaborate securely with third parties** via Connected Workspaces that allow messaging, :doc:`file sharing `, and :doc:`thread-based discussions ` with external teams—without exposing internal systems.
-- **Apply fine-grained access controls and retention policies** to external users through enterprise-managed :doc:`permissions `, :ref:`audit logging `, and :ref:`channel-specific configurations `.
+- **Apply fine-grained access controls and retention policies** to external users through enterprise-managed :doc:`permissions `, :ref:`audit logging `, and :ref:`channel-specific configurations `.
- **Integrate with Microsoft Teams, Exchange, and M365** to maintain centralized workflows and extend secure communication to external stakeholders without leaving policy-aligned platforms. See :doc:`Mattermost for M365, Teams, and Outlook `.
-- **Manage user identity and access** across internal and external roles using Microsoft :doc:`Entra ID ` (Azure AD) synchronization for scalable and compliant provisioning.
+- **Manage user identity and access** across internal and external roles using Microsoft :doc:`Entra ID ` (Azure AD) synchronization for scalable and compliant provisioning.
Get Started
-----------
diff --git a/source/use-case-guide/out-of-band-incident-response.rst b/source/use-case-guide/out-of-band-incident-response.rst
index f1b9e7359e8..2ab393a4aa5 100644
--- a/source/use-case-guide/out-of-band-incident-response.rst
+++ b/source/use-case-guide/out-of-band-incident-response.rst
@@ -23,7 +23,7 @@ Out-of-band collaboration provides a persistent, independent channel for coordin
- **Meet regulatory compliance requirements** with a solution that adapts to your organization's security posture and regulatory requirements, incl. GDPR, FedRAMP, ISO 27001, and more.
- **Ensure data sovereignty** with flexible hosting options including EU-resident infrastructure, on-premises deployments, and air-gapped environments that maintain full control over sensitive communications.
- **Maintain continuity across platforms** with :doc:`multi-device access `, including web, desktop, and mobile experiences, even when primary tools are offline.
-- **Enforce strict access controls** using :doc:`role-based permissions ` and :ref:`audit logging ` to limit risk exposure during high-stakes operations.
+- **Enforce strict access controls** using :doc:`role-based permissions ` and :ref:`audit logging ` to limit risk exposure during high-stakes operations.
Business Continuity at Scale
----------------------------
@@ -32,7 +32,7 @@ Outages and downtime threaten both productivity and revenue. In large enterprise
**Benefits**
-- **Scale communication globally** with Mattermost's :doc:`high availability and horizontal scalability architecture `, supporting tens of thousands of users across enterprise, field, government, or classified environments.
+- **Scale communication globally** with Mattermost's :doc:`high availability and horizontal scalability architecture `, supporting tens of thousands of users across enterprise, field, government, or classified environments.
- **Accelerate outage recovery** using :doc:`Collaborative Playbooks ` that automate response steps and ensure team accountability during time-critical events, reducing mean time to recovery (MTTR) by up to 50%.
- **Demonstrate ROI through measurable outcomes** with built-in metrics tracking incident response times, team coordination efficiency, and compliance audit trails.
diff --git a/source/use-case-guide/purpose-built-collaboration.rst b/source/use-case-guide/purpose-built-collaboration.rst
index 45e29d89153..c0b6b608c71 100644
--- a/source/use-case-guide/purpose-built-collaboration.rst
+++ b/source/use-case-guide/purpose-built-collaboration.rst
@@ -19,7 +19,7 @@ Coordinating logistics across continents, agencies, and time zones requires a se
- **Enable real-time coordination** across supply chains, procurement, and field units with :doc:`channel-based messaging ` and :doc:`playbook-driven workflows ` that standardize communication and reduce friction.
- **Connect systems across logistics networks** by integrating ERP, fleet tracking, maintenance management, and transportation tools via :doc:`webhooks, APIs, and plugins `.
-- **Preserve operational continuity** during outages or disruptions using :ref:`self-hosted deployments ` and :doc:`high availability architecture ` that eliminate reliance on third-party cloud services.
+- **Preserve operational continuity** during outages or disruptions using :ref:`self-hosted deployments ` and :doc:`high availability architecture ` that eliminate reliance on third-party cloud services.
- **Support multilingual coordination** with :ref:`localized UI options ` in 20+ languages to ensure inclusive collaboration across global teams.
Operational Technology and ICS Collaboration
@@ -32,7 +32,7 @@ Mattermost enables secure collaboration across OT environments and field operati
**Benefits**
- **Enable compliant, real-time OT communications** across operational zones and facilities using :ref:`secure, on-prem collaboration ` that keeps data within your control perimeter.
-- **Support field teams with hardened mobile access** using :doc:`EMM-based app provisioning `, :ref:`biometric authentication `, :ref:`jailbreak detection `, and :ref:`ID-only push notifications `—ensuring that only authorized, uncompromised devices can access operational data.
+- **Support field teams with hardened mobile access** using :doc:`EMM-based app provisioning `, :ref:`biometric authentication `, :ref:`jailbreak detection `, and :ref:`ID-only push notifications `—ensuring that only authorized, uncompromised devices can access operational data.
- **Integrate with industrial monitoring systems** like SCADA, PI historians, and plant analytics using :doc:`alert-driven webhook and plugin integrations ` that push system events to relevant mobile or desktop channels.
- **Ensure system and network isolation** with :doc:`air-gapped deployment support ` that allows full collaboration within OT enclaves and disconnected environments.
- **Prevent mobile data leakage** via :ref:`remote wipe capabilities ` and :ref:`screenshot/screen recording prevention ` for mobile devices used in the field.
@@ -45,7 +45,7 @@ Engineering, infrastructure, and security teams manage increasingly complex envi
**Benefits**
- **Accelerate decision-making and incident response** using :doc:`Collaborative Playbooks ` to automate workflows for triage, patching, code releases, and security alerts.
-- **Customize your collaboration environment** with :doc:`theming `, :doc:`custom branding `, and :doc:`channel templates ` to mirror internal teams and operational domains.
+- **Customize your collaboration environment** with :doc:`theming `, :doc:`custom branding `, and :doc:`channel templates ` to mirror internal teams and operational domains.
- **Extend platform capabilities** with :doc:`slash commands, bots, and custom plugins ` that connect Mattermost to CI/CD systems, alerting frameworks, ticketing platforms, and internal tools.
- **Increase usability and team cohesion** with :ref:`custom emojis `, shared terminology, and :doc:`real-time messaging ` optimized for platform engineers, DevSecOps teams, and field service managers.
diff --git a/source/use-case-guide/secure-command-and-control.rst b/source/use-case-guide/secure-command-and-control.rst
index cf265b2d3c9..523cab0d0c6 100644
--- a/source/use-case-guide/secure-command-and-control.rst
+++ b/source/use-case-guide/secure-command-and-control.rst
@@ -34,11 +34,11 @@ Disconnected environments demand resilient tools that work without cloud access,
**Benefits**
- **Operate in air-gapped and disconnected networks** using :doc:`self-hosted Kubernetes deployments ` and STIG-hardened container images for secure offline operations.
-- **Ensure secure mobile access on managed or BYOD devices** with :doc:`mobile security features `, Zero Trust enforcement, and :ref:`ID-only push notifications ` for sensitive alerts.
+- **Ensure secure mobile access on managed or BYOD devices** with :doc:`mobile security features `, Zero Trust enforcement, and :ref:`ID-only push notifications ` for sensitive alerts.
- **Integrate with legacy and mission-specific systems** to maintain decision advantage in disconnected environments through :doc:`custom-built, self-hosted integrations ` tailored to your operational infrastructure.
-- **Maintain command resilience** using :doc:`high availability cluster-based deployment ` and :doc:`horizontal scalability ` to support operational continuity at scale.
+- **Maintain command resilience** using :doc:`high availability cluster-based deployment ` and :doc:`horizontal scalability ` to support operational continuity at scale.
- **Automate field workflows** with :doc:`Collaborative Playbooks ` that track tasks, manage field updates, and orchestrate responses under DDIL constraints.
-- **Enable secure real-time collaboration with headquarters** using :doc:`Connected Workspaces ` to synchronize discussions, files, and reactions if connectivity is restored.
+- **Enable secure real-time collaboration with headquarters** using :doc:`Connected Workspaces ` to synchronize discussions, files, and reactions if connectivity is restored.
Bring Your Own Device (BYOD) with Sensitive Information Protections
--------------------------------------------------------------------
@@ -51,7 +51,7 @@ Mattermost provides enterprise-grade mobile protections to enable secure BYOD ac
- **Mitigate unauthorized access** with :ref:`biometric authentication ` and :ref:`jailbreak/root detection `, ensuring only secure and uncompromised devices can access mission data.
- **Control information sharing** with :ref:`screenshot and screen recording prevention `, blocking unauthorized capture of sensitive content during classified or time-sensitive discussions.
-- **Protect data at rest and in motion** using encrypted mobile storage, :ref:`secure sandboxing `, and :ref:`ID-only push notifications ` that never expose message content to third-party cloud services.
+- **Protect data at rest and in motion** using encrypted mobile storage, :ref:`secure sandboxing `, and :ref:`ID-only push notifications ` that never expose message content to third-party cloud services.
- **Segment mission access by role or project** with :ref:`attribute-based access controls (ABAC) ` and scoped channel access, ensuring users only see data aligned with their permissions and operational role.
- **Ensure continuous mobile compliance** with secure SDLC practices and proactive vulnerability management baked into the Mattermost mobile application lifecycle.
@@ -66,7 +66,7 @@ Coordinating across departments, agencies, and external stakeholders—especiall
- **Unify mission stakeholders on a common-use platform** that supports :ref:`hybrid deployments ` across private cloud, edge environments, and :doc:`air-gapped infrastructure `.
- **Maintain data sovereignty and mission alignment** with deployments that avoid consumer infrastructure and retain control over all communications and file transfers—even in classified operations.
- **Apply role-based separation of access** through :doc:`advanced permissions ` and :ref:`channel-level controls ` to protect mission integrity across organizational boundaries.
-- **Enable secure real-time collaboration across entities** using :doc:`Connected Workspaces ` to synchronize discussions, files, and reactions between teams without compromising internal governance.
+- **Enable secure real-time collaboration across entities** using :doc:`Connected Workspaces ` to synchronize discussions, files, and reactions between teams without compromising internal governance.
- **Reduce personal device risk** by offering secure enterprise communication options that eliminate the need for unauthorized messaging apps.
Get Started
diff --git a/source/use-case-guide/self-sovereign-collaboration.rst b/source/use-case-guide/self-sovereign-collaboration.rst
index f3549f0824f..42586f49b84 100644
--- a/source/use-case-guide/self-sovereign-collaboration.rst
+++ b/source/use-case-guide/self-sovereign-collaboration.rst
@@ -19,8 +19,8 @@ Managing global operations means adhering to regional regulations—without comp
- **Meet global compliance mandates** like GDPR and data localization laws by deploying Mattermost in :doc:`public, private, or sovereign cloud environments ` tailored to national regulatory frameworks.
- **Ensure full data control and transparency** with :ref:`self-hosted deployment options ` that eliminate exposure to vendor-controlled infrastructure or telemetry.
-- **Audit and enforce compliance behavior** with :ref:`role-based access controls `, :doc:`custom Terms of Service `, and :ref:`audit logging ` to align with internal and regulatory standards.
-- **Protect identity and access** using :doc:`SSO integrations `, :doc:`AD/LDAP synchronization `, and :doc:`MFA enforcement ` for secure authentication across geographies and operational roles.
+- **Audit and enforce compliance behavior** with :ref:`role-based access controls `, :doc:`custom Terms of Service `, and :ref:`audit logging ` to align with internal and regulatory standards.
+- **Protect identity and access** using :doc:`SSO integrations `, :doc:`AD/LDAP synchronization `, and :doc:`MFA enforcement ` for secure authentication across geographies and operational roles.
Secure, Sovereign Deployment at Any Scale
-----------------------------------------
@@ -31,7 +31,7 @@ From national critical infrastructure to defense-grade networks, Mattermost offe
- **Deploy in classified, air-gapped, or disconnected environments** using :doc:`Kubernetes-based deployments ` and STIG-hardened container images to support classified operations and sensitive data workflows.
- **Eliminate third-party monitoring** with full control over infrastructure, encryption keys, access policies, and system-level logging.
-- **Scale to meet operational growth** with :doc:`horizontal scalability architecture ` that supports tens of thousands of users in sovereign environments without degrading performance or control.
+- **Scale to meet operational growth** with :doc:`horizontal scalability architecture ` that supports tens of thousands of users in sovereign environments without degrading performance or control.
- **Maintain operational continuity under cyber or supply chain disruption** using fully self-managed infrastructure that ensures collaboration continues even during cloud outages or external service failures.
Interoperable Mission-Partner Collaboration
@@ -41,7 +41,7 @@ Cross-agency, multinational, or coalition collaboration requires sovereignty wit
**Benefits**
-- **Create secure shared workspaces** with :doc:`Connected Workspaces Channels ` that synchronize discussions, reactions, and file sharing across trusted organizations—without exposing internal systems.
+- **Create secure shared workspaces** with :doc:`Connected Workspaces Channels ` that synchronize discussions, reactions, and file sharing across trusted organizations—without exposing internal systems.
- **Control access across organizations** with :doc:`attribute-based permissions ` and scoped identity policies to ensure mission alignment and sensitive information segmentation.
- **Deploy sovereign AI and workflow automation** in isolated environments using :doc:`air-gapped AI operations ` and :doc:`Collaborative Playbooks `—enabling intelligence and speed without compromising data control.
- **Upgrade legacy platforms** like Skype for Business with modern, compliant tools for secure messaging, screen sharing, and team coordination. :doc:`See Skype for Business replacement options `.
From e0a72598bac08a8c4b8a2161f4ab8a0038e44153 Mon Sep 17 00:00:00 2001
From: "Carrie Warner (Mattermost)"
<74422101+cwarnermm@users.noreply.github.com>
Date: Tue, 23 Sep 2025 16:35:19 -0400
Subject: [PATCH 2/4] Next iteration on AG landing page
---
.../administration-guide-index.rst | 274 +++++++++---
.../admin-onboarding-tasks.rst | 401 +++++++++++++++++
.../enterprise-roll-out-checklist.rst | 405 ------------------
.../ad-ldap-groups-synchronization.rst | 0
.../ad-ldap}/ad-ldap.rst | 10 +-
...l-membership-using-ad-ldap-sync-groups.rst | 0
.../authentication-methods-index.rst | 16 -
.../identity-access/identity-access-index.rst | 20 -
8 files changed, 631 insertions(+), 495 deletions(-)
delete mode 100644 source/administration-guide/getting-started/enterprise-roll-out-checklist.rst
rename source/administration-guide/identity-access/{ => authentication-methods/ad-ldap}/ad-ldap-groups-synchronization.rst (100%)
rename source/administration-guide/identity-access/{ => authentication-methods/ad-ldap}/ad-ldap.rst (97%)
rename source/administration-guide/identity-access/{ => authentication-methods/ad-ldap}/managing-team-channel-membership-using-ad-ldap-sync-groups.rst (100%)
delete mode 100644 source/administration-guide/identity-access/authentication-methods/authentication-methods-index.rst
delete mode 100644 source/administration-guide/identity-access/identity-access-index.rst
diff --git a/source/administration-guide/administration-guide-index.rst b/source/administration-guide/administration-guide-index.rst
index 23a36d99b70..a6a9d45e631 100644
--- a/source/administration-guide/administration-guide-index.rst
+++ b/source/administration-guide/administration-guide-index.rst
@@ -1,74 +1,242 @@
Administration Guide
=====================
-A prescriptive onboarding journey for Mattermost administrators after the server is deployed and live.
+This guide helps system administrators run a secure, reliable, and scalable Mattermost deployment. It’s organized as a clear journey, showing the outcomes you need to achieve and the tasks required to get there, from onboarding and identity management, to feature enablement, monitoring, scaling, compliance, and ongoing workspace management.
-.. toctree::
- :caption: Getting Started
- :maxdepth: 2
- :titlesonly:
+Get Started
+-------------
- getting-started/getting-started-index
+Migrate users and data, connect workspaces, and establish initial governance and readiness.
-.. toctree::
- :caption: Identity & Access Management
- :maxdepth: 2
- :titlesonly:
+- `Migrate users from Slack or HipChat `_
+- `Import data in bulk `_
+- `Connect multiple workspaces `_
+- `Follow the rollout checklist `_
+- `Complete administrator onboarding `_
- identity-access/identity-access-index
+Learn about the first steps to take after your Mattermost server is live, including :doc:`migrating to Mattermost `, :doc:`bulk loading data `, :doc:`installing license key `, :doc:`connecting Mattermost workspaces `, and :doc:`initial rollout planning ` to ensure a successful start with Mattermost.
-.. toctree::
- :caption: Platform Features
- :maxdepth: 2
- :titlesonly:
+- :doc:`Email templates `
- platform-features/platform-features-index
-.. toctree::
- :caption: User Experience & Engagement
- :maxdepth: 2
- :titlesonly:
+Identity & Access Management
+----------------------------
- user-experience/user-experience-index
+Secure sign-in through centralized identity providers, map attributes, and govern access and membership.
-.. toctree::
- :caption: Monitoring & Observability
- :maxdepth: 2
- :titlesonly:
+- `Set up Active Directory (AD) or LDAP `_
+- `Configure SSO (SAML: Okta, ADFS, OneLogin, Keycloak; OIDC: GitLab, Google, Entra ID) `_
+- `Enforce multi-factor authentication (MFA) `_
+- `Enable client certificates `_
+- `Sync groups and manage membership `_
- monitoring-observability/monitoring-observability-index
+Mattermost supports multiple authentication methods to meet your enterprise requirements. Choose from :doc:`SAML-based SSO `, :doc:`OIDC-based SSO `, and :doc:`AD/LDAP `.
-.. toctree::
- :caption: Operations & Scaling
- :maxdepth: 2
- :titlesonly:
+You can additionally increase your organization's secure collaboration posture by enabling :doc:`multi-factor authentication ` and :doc:`enabling SSL client certificates `.
- operations-scaling/operations-scaling-index
+Platform Features
+-----------------
+
+Expand your deployment with core features, improve search relevance, and enable real-time voice and video.
+
+- `Configure integrations and install plugins `_
+
+- :doc:`Install Boards for project management `
+- :doc:`Deploy Calls for real-time voice and video `_
+- :doc:`Deploy Agents `
+- deploy enterprise search
+- :doc:`Enabling Chinese, Japanese, Korean search `
+
+
+User Experience & Engagement
+----------------------------
+
+Deliver a consistent, branded workspace that drives adoption, engagement, and structured feedback.
+
+- `Apply branding and customize the UI `_
+- `Manage in-product notices `_
+- `Run user satisfaction surveys `_
+- `Optimize workspace configuration `_
+- `Customize email templates `_
+
+Monitoring & Observability
+--------------------------
+
+Gain visibility into system health, define alerts, and proactively prevent incidents.
+
+- `Configure logging, telemetry, and system statistics `_
+- `Set health probes `_
+- `Deploy Prometheus and Grafana `_
+- `Define alerting rules `_
+- `Request health checks `_
+
+Operations & Scaling
+--------------------
+
+Keep your deployment reliable and performant, scale as needed, and upgrade safely with minimal downtime.
+
+- `Plan and perform upgrades or downgrades `_
+- `Deploy high availability (HA) clusters `_
+- `Scale horizontally with Redis `_
+- `Configure Elasticsearch or OpenSearch `_
+- `Tune system performance and plan storage capacity `_
+- `Monitor push notification health `_
+
+
+
+
+- :doc:`Additional HA considerations `
+- :doc:`Backing storage benchmarks `
+- :doc:`Collect performance metrics `
+- :doc:`Common: Configure Mattermost for Enterprise Search `
+- :doc:`Communicate scheduled maintenance `
+- :doc:`Deploy Prometheus and Grafana for performance monitoring `
+- :doc:`Downgrading Mattermost Server `
+- :doc:`Elasticsearch setup `
+- :doc:`Enterprise install and upgrade `
+- :doc:`Enterprise search `
+- :doc:`Ensuring releases perform at scale `
+- :doc:`Estimated storage per user per month `
+- :doc:`High availability cluster-based deployment `
+- :doc:`Important upgrade notes `
+- :doc:`Lifetime storage `
+- :doc:`Notify admin `
+- :doc:`Open source components `
+- :doc:`OpenSearch setup `
+- :doc:`Performance alerting `
+- :doc:`Performance monitoring metrics `
+- :doc:`Prepare to upgrade Mattermost `
+- :doc:`Push notification health targets `
+- :doc:`Redis `
+- :doc:`Scale to 100000 users `
+- :doc:`Scale to 15000 users `
+- :doc:`Scale to 200 users `
+- :doc:`Scale to 2000 users `
+- :doc:`Scale to 200000 users `
+- :doc:`Scale to 30000 users `
+- :doc:`Scale to 50000 users `
+- :doc:`Scale to 80000 users `
+- :doc:`Scale to 90000 users `
+- :doc:`Scaling for enterprise `
+- :doc:`Upgrade Mattermost `
+- :doc:`Upgrade Mattermost (Kubernetes HA) `
+- :doc:`Upgrading Mattermost Server `
+
+Compliance, Security & Auditing
+-------------------------------
+
+Align with compliance requirements, enforce retention and holds, and ensure complete auditability.
+
+- `Define data retention policies `_
+- `Enable legal holds `_
+- `Run eDiscovery and generate exports `_
+- `Review and analyze audit logs `_
+- `Set and enforce custom terms of service `_
+- `Follow compliance guidelines `_
+
+- :doc:`Compliance export `
+- :doc:`Compliance monitoring `
+- :doc:`Compliance with Mattermost `
+- :doc:`Custom terms of service `
+- :doc:`Data retention policy `
+- :doc:`Electronic discovery `
+- :doc:`Embedded JSON audit log schema `
+- :doc:`Export Mattermost channel data `
+- :doc:`Legal hold `
+
+Administration Tools & Utilities
+--------------------------------
+
+Streamline administration with automation tools, simplify troubleshooting, and maintain operational hygiene.
+
+- `Use mmctl or the CLI for automation `_
+- `Generate and review support packets `_
+- `Manage system notices `_
+- `Track product limits and usage statistics `_
+- `Configure automated health checks `_
+- `Manage teams and channels `_
+
+- :doc:`Attribute-based access control `
+- :doc:`Bulk export tool `
+- :doc:`Cloud BYOK `
+- :doc:`Cloud data export `
+- :doc:`Cloud data residency `
+- :doc:`Cloud IP filtering `
+- :doc:`Code signing custom builds `
+- :doc:`Command line tools `
+- :doc:`Configure health check probes `
+- :doc:`Customize branding `
+- :doc:`Error codes `
+- :doc:`Feature labels `
+- :doc:`Generating support packet `
+- :doc:`In-product notices `
+- :doc:`Logging `
+- :doc:`Migration `
+- :doc:`mmctl command line tool `
+- :doc:`Monitoring and performance `
+- :doc:`Product limits `
+- :doc:`Request server health check `
+- :doc:`Server configuration `
+- :doc:`Server maintenance `
+- :doc:`Statistics `
+- :doc:`System-wide notifications `
+- :doc:`Team and channel members `
+- :doc:`Telemetry `
+- :doc:`User attributes `
+- :doc:`User management `
+- :doc:`User provisioning `
+- :doc:`User satisfaction surveys `
+
+Licensing & Workspace Management
+--------------------------------
+
+Govern your workspace, control data residency and billing, and enable licensed features.
+
+- `Manage license keys for self-hosted deployments `_
+- `Administer Cloud workspaces `_
+- `Configure BYOK, data residency, and IP filtering `_
+- `Set account details and billing information `_
+
+- :doc:`Cloud workspace management `
+- :doc:`Self-hosted billing `
+
+Configuration Settings (Reference)
+---------------------------------
+
+Apply precise configuration changes with confidence, using fully documented and traceable settings.
+
+- `Reference and update System Console settings `_
+- `Modify config.json parameters `_
+- `Configure environment variables `_
+- `Apply advanced options across all areas `_
+
+- :doc:`Authentication configuration settings `
+- :doc:`Bleve search `
+- :doc:`Cloud billing account settings `
+- :doc:`Compliance configuration settings `
+- :doc:`Configuration in your database `
+- :doc:`Configuration settings `
+- :doc:`Custom branding tools `
+- :doc:`Customize Mattermost `
+- :doc:`Deprecated configuration settings `
+- :doc:`Environment configuration settings `
+- :doc:`Environment variables `
+- :doc:`Experimental configuration settings `
+- :doc:`Integrations configuration settings `
+- :doc:`Manage user surveys `
+- :doc:`Optimize your workspace `
+- :doc:`Plugins configuration settings `
+- :doc:`Push notification server configuration settings `
+- :doc:`Rate limiting configuration settings `
+- :doc:`Reporting configuration settings `
+- :doc:`Self-hosted account settings `
+- :doc:`Site configuration settings `
+- :doc:`SMTP email `
+- :doc:`System attributes `
+- :doc:`User management configuration settings `
-.. toctree::
- :caption: Compliance, Security & Auditing
- :maxdepth: 2
- :titlesonly:
- compliance-security-auditing/compliance-security-auditing-index
-.. toctree::
- :caption: Administration Tools & Utilities
- :maxdepth: 2
- :titlesonly:
- admin-tools/admin-tools-index
-.. toctree::
- :caption: Licensing & Workspace Management
- :maxdepth: 2
- :titlesonly:
- licensing/licensing-index
-
-.. toctree::
- :caption: Configuration Settings (Reference)
- :maxdepth: 2
- :titlesonly:
-
- configuration-reference/configuration-reference-index
\ No newline at end of file
diff --git a/source/administration-guide/getting-started/admin-onboarding-tasks.rst b/source/administration-guide/getting-started/admin-onboarding-tasks.rst
index 26c4b586877..03ee7295965 100644
--- a/source/administration-guide/getting-started/admin-onboarding-tasks.rst
+++ b/source/administration-guide/getting-started/admin-onboarding-tasks.rst
@@ -146,3 +146,404 @@ Then, enable batched email notifications by setting **System Console > Notificat
Mattermost Enterprise customers can enable :doc:`enterprise search ` for optimized search performance at enterprise-scale. Both Elasticsearch and AWS OpenSearch solve many known issues with full text database search, such as dots, dashes, and email addresses returning unexpected results.
Enable Elasticsearch by setting **System Console > Elasticsearch > Enable Indexing** to **true**. See the :ref:`Elasticsearch ` configuration settings documentation for details. Enabling Elasticsearch requires :ref:`setting up an Elasticsearch server `.
+
+Checklist overview
+-------------------
+
+Prepare for the roll out
+~~~~~~~~~~~~~~~~~~~~~~~~
+
+- `1. Define the roll out project`_
+- `2. Validate essential security and compliance requirements`_
+- `3. Create development, staging, and production environments`_
+- `4. Configure and customize your Mattermost site`_
+- `5. Test production performance and redundancy`_
+
+Roll out Mattermost
+~~~~~~~~~~~~~~~~~~~~
+
+- `1. Define your team and channel strategy`_
+- `2. Enable key integrations`_
+- `3. Prepare for user onboarding`_
+- `4. Deploy client apps`_
+- `5. Roll out to groups of users`_
+- `6. Drive adoption`_
+
+Review the roll out
+~~~~~~~~~~~~~~~~~~~
+
+- `1. Review project charter success metrics`_
+- `2. Review and analyze usage`_
+- `3. Analyze system performance`_
+- `4. Harden security`_
+- `5. Perform maintenance tasks`_
+
+Checklist details
+-------------------
+
+Prepare for the roll out
+~~~~~~~~~~~~~~~~~~~~~~~~
+
+Much of the preparation work is focused on ensuring the environment is deployed and secured prior to onboarding users.
+
+1. Define the roll out project
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Define key stakeholders and project team members
+
+ - Example project team members: Project Manager, Network Administrator, Database Administrator, Corporate Directory Administrator, Security & Compliance Administrator(s), User Support, User Champions, User Trainers
+
+- Define use cases and requirements for teams, their workflows and their integrations
+
+ - Resource: https://mattermost.com/blog/27-things-enterprises-can-learn-startups-increase-productivity/
+
+- Define success criteria, goals and metrics to measure success
+
+- Create a Project Charter to document goals, tasks, deliverables, and decisions
+
+ - Get buy-in from project team members and key stakeholders on the project charter
+
+2. Validate essential security and compliance requirements
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Review Mattermost security features
+
+ - Resource: https://docs.mattermost.com/security-guide/security-guide-index.html
+
+- Determine monitoring requirements
+
+ - Database, network, storage, log integrity
+ - Identify fields for log management tools (e.g. Splunk Enterprise event data)
+
+- Determine environment access policies
+
+ - Network access, physical access, group controlled access
+
+- Determine encryption policies
+
+ - Resource: https://docs.mattermost.com/deployment-guide/encryption-options.html
+ - Resource: https://docs.mattermost.com/deployment-guide/transport-encryption.html
+
+- Determine system administration access policies
+
+ - Identify the list of users or groups who need administrative access for Mattermost System Console, Command Line Tools, and API privileges
+
+- Define and configure authentication policies
+
+ - Resource: https://docs.mattermost.com/product-overview/corporate-directory-integration.html
+
+- Determine requirements for multi-factor authentication
+
+ - Resource: https://docs.mattermost.com/administration-guide/identity-access/multi-factor-authentication.html
+
+- Configure and test SSO or Corporate Directory integration (SAML or AD/LDAP)
+
+ - Resource: https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml.html
+ - Resource: https://docs.mattermost.com/administration-guide/identity-access/ad-ldap.html
+
+- Define your mobile usage policy
+
+ - Resource: https://docs.mattermost.com/deployment-guide/mobile/mobile-app-deployment.html
+
+- Evaluate external network access requirements
+
+ - The `Mattermost Marketplace `_ is a service hosted by Mattermost that functions as a central place to store the current versions of available Mattermost integrations. See :ref:`Enable Remote Marketplace ` documentation for details about required external network access.
+ - Mattermost supports external GIF providers. See :ref:`GIF Commands ` configuration documentation for details about required external network access.
+
+3. Create development, staging, and production environments
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Finalize production environment design basing hardware on expected usage and requirements for high availability
+
+ - Resource: https://docs.mattermost.com/deployment-guide/application-architecture.html
+ - Resource: https://docs.mattermost.com/deployment-guide/deployment-guide-index.html
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/scaling-for-enterprise.html
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/high-availability-cluster-based-deployment.html
+
+- Create development and staging environments
+
+ - Recommend using to test early configurations for database, authentication, file storage, Elasticsearch, prior to setting up high availability and load balancing
+ - Recommend configuring staging to be an identical replication of your production environment
+
+- Create a production environment
+
+ - Install Mattermost
+
+ - Install the number of nodes based on your high availability requirements outlined in your production environment design
+ - Recommendation: Use Kubernetes and the Mattermost Operator, with external supported external database and file storage solutions. This will also provide blue/green deployment, rolling upgrades, and canary builds
+
+ - Resource: https://docs.mattermost.com/deployment-guide/server/deploy-kubernetes.html
+
+ - Install and configure database
+
+ - Install the number of read and search replicas based on your high availability requirements outlined in your production environment design
+
+ - Resource: https://docs.mattermost.com/deployment-guide/server/server-architecture.html#database-with-virtual-ips
+
+ - (Optional) Set up configuration management via the database instead of a config file for high available environments
+
+ - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/configuration-in-your-database.html
+
+ - Install and configure File Storage
+
+ - Resource: https://docs.mattermost.com/deployment-guide/server/preparations.html#file-storage-preparation
+
+ - Install and configure proxy or load balancers
+
+ - Note: If running Kubernetes and the Mattermost Operator, proxies will be created automatically.
+ - Add SSL Cert
+
+ - Resource: https://docs.mattermost.com/administration-guide/identity-access/ssl-client-certificate.html
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/high-availability-cluster-based-deployment.html#proxy-server-configuration
+
+ - (Optional) Set up certificate-based authentication (CBA) for user or device-based authentication with a digital certificate
+
+ - Resource: https://docs.mattermost.com/administration-guide/identity-access/certificate-based-authentication.html
+
+ - Configure SMTP for email notifications
+
+ - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/smtp-email.html
+
+ - Set up Elasticsearch (highly recommended if your organization anticipates over two million posts)
+
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/elasticsearch-setup.html
+
+- Document network configuration
+
+ - Example: https://docs.mattermost.com/administration-guide/operations-scaling/backing-storage-benchmarks.html
+
+4. Configure and customize your Mattermost site
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Login to Mattermost and access the System Console to connect your environment to Mattermost
+
+ - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/configuration-settings.html#environment-variables
+ - Upload your valid Enterprise License under Edition and License
+ - Ensure site URL is set appropriately for your production, dev and staging environments
+ - Add your database configuration to **System Console > Environment > Database**
+ - Add your Elasticsearch or AWS OpenSearch configuration to **System Console > Environment > Elasticsearch**
+ - Add your file storage system configuration to **System Console > Environment > File Storage**
+ - Add your proxy configuration to **System Console > Environment > Image Proxy**
+ - Add your SMTP configuration to **System Console > Environment > SMTP**
+ - Enable Push Notifications by adding your server to **System Console > Environment > Push Notification Server**
+ - Add your cluster configuration to **System Console > Environment > High Availability**
+
+- Configure your site within the System Console
+
+ - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/configuration-settings.html#site-configuration
+
+- Set site access policies including permissions for roles and guest access
+
+ - Permissions Resource: https://docs.mattermost.com/administration-guide/onboard/advanced-permissions.html
+ - Guest Access Resource: https://docs.mattermost.com/administration-guide/onboard/guest-accounts.html
+
+5. Test production performance and redundancy
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Define and test disaster recovery policy and processes
+
+ - Resource: https://docs.mattermost.com/deployment-guide/server/deploy-kubernetes.html
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/high-availability-cluster-based-deployment.html#upgrade-guide
+
+- Performance test production environment
+
+ - Load test production environment to verify that it will handle anticipated user load
+
+ - Resource: https://github.com/mattermost/mattermost-load-test
+
+ - Set up Prometheus and Grafana to monitor performance
+
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/deploy-prometheus-grafana-for-performance-monitoring.html
+
+ - Set up alerts in Grafana
+
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/deploy-prometheus-grafana-for-performance-monitoring.html
+
+Roll out Mattermost
+~~~~~~~~~~~~~~~~~~~
+Now that you have an environment in place, we recommend working through the following items in an iterative process. You may need to cycle through each of these topics multiple times to make adjustments to suit your organization as you onboard groups of users.
+
+1. Define your team and channel strategy
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Determine and create a team structure for your environment
+
+ - Recommendation: Start with fewer teams in your early roll out
+ - Resource: https://docs.mattermost.com/end-user-guide/collaborate/channel-naming-conventions.html
+
+- Determine and create key channels to support your users. A default Town Square channel is created automatically and available on every team.
+
+ - Recommendation: Add a “Support” channel for your users to escalate questions
+
+- (Optional) Migrate messages and channels from legacy systems
+
+ - Resource: https://docs.mattermost.com/administration-guide/getting-started/migrating-to-mattermost.html
+
+2. Enable key integrations
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Build the list of key integrations and tools used by your teams
+
+ - Resource: https://developers.mattermost.com/integrate/getting-started/
+
+- Define use cases and requirements for plugins, bots, webhooks, slash commands
+
+ - Resource: https://developers.mattermost.com/integrate/other-integrations/
+
+- Set up key integrations (or migrate from POC environments)
+
+ - Resource: https://mattermost.com/marketplace/
+
+- Understand Mattermost API capabilities
+
+ - Resource: https://api.mattermost.com/
+
+3. Prepare for user onboarding
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Onboard champion users
+
+- Onboard trainers and support team
+- Create a training plan
+
+ - Resource: https://academy.mattermost.com/
+
+- Define user escalation and support processes
+
+ - Ensure you have set the site’s support URL to your own support team under **System Console > Site Configuration > Customization**
+
+- Notify users in advance of roll out
+
+ - Sample email: https://docs.mattermost.com/administration-guide/operations-scaling/welcome-email-to-end-users.html
+
+4. Deploy client apps
+^^^^^^^^^^^^^^^^^^^^^
+
+- Roll out desktop app
+
+ - Resource: https://docs.mattermost.com/deployment-guide/desktop/desktop-app-deployment.html
+ - (Optional) Use the MSI installer to install on Windows machines
+
+ - Resource: https://docs.mattermost.com/deployment-guide/desktop/desktop-msi-installer-and-group-policy-install.html
+
+- Roll out mobile app
+
+ - Resource: https://docs.mattermost.com/deployment-guide/mobile/mobile-app-deployment.html
+ - (Optional) Use an EMM provider
+
+ - Resource: https://docs.mattermost.com/deployment-guide/mobile/deploy-mobile-apps-using-emm-provider.html
+
+5. Roll out to groups of users
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Provision user accounts
+
+ - Resource: https://docs.mattermost.com/administration-guide/onboard/user-provisioning-workflows.html
+
+- (Optional) Bulk Load users
+
+ - Resource: https://docs.mattermost.com/administration-guide/getting-started/bulk-loading-data.html
+
+- Onboard users to teams and channels
+
+ - Recommendation: Use LDAP Group Sync to automate this process
+
+ - Resource: https://docs.mattermost.com/administration-guide/identity-access/ad-ldap-groups-synchronization.html
+
+- Implement your training plan to end users on how to use Mattermost
+
+ - Train on using Mattermost
+ - Train on how to use integrations
+
+6. Drive adoption
+^^^^^^^^^^^^^^^^^
+
+- Incrementally roll out to additional user groups
+
+ - See “Roll Out to Groups of Users”
+
+- Manage support requests and product requests from your end users
+
+ - Resource: https://mattermost.com/support/
+ - See the process below for escalating to Mattermost
+
+- Enable additional integrations and plugins to support user workflows
+
+ - Resource: https://mattermost.com/marketplace/
+
+- Understand management tools available to support users
+
+ - mmctl Command Line Tool Resource: https://docs.mattermost.com/administration-guide/admin-tools/mmctl-command-line-tool.html
+ - Command Line Tools Resource: https://docs.mattermost.com/administration-guide/admin-tools/command-line-tools.html
+
+Review the roll out
+~~~~~~~~~~~~~~~~~~~
+
+We recommend that you review your rollout on a cadence that matches your iterative approach to rolling out to users. Below are some areas to consider.
+
+1. Review project charter success metrics
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Perform end-user surveys and measure satisfaction
+
+- Verify use case fulfillment from original requirements gathering
+
+- Measure your response time and resolution rate for user support issues
+
+- Identify usage gaps and address or create a plan for addressing
+
+2. Review and analyze usage
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Review Project Charter success metrics - identify usage gaps and address or create a plan for addressing
+
+- Monitor site and team statistics
+
+ - Resource: https://docs.mattermost.com/administration-guide/admin-tools/statistics.html
+ - Review: Total posts, total teams, total channels, total group chats, total direct chats, top channels, top teams
+
+- Analyze usage by lines of business and peak usage times
+
+3. Analyze system performance
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Monitor trends in CPU/memory usage
+
+- Review trends in database connections
+
+- Review trends in Go routines
+
+- Review trends in concurrent sessions
+
+4. Harden security
+^^^^^^^^^^^^^^^^^^
+
+- Harden security controls around the web, desktop, and mobile security
+
+- Harden configuration management
+
+- Harden network security
+
+ - Identify additional tests and scans
+ - (Optional) Enable Compliance Reporting
+
+ - Resource: https://docs.mattermost.com/administration-guide/compliance-security-auditing/compliance-export.html
+
+5. Perform maintenance tasks
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+- Monitor for security updates (or sign up for email updates)
+
+ - Resource: https://mattermost.com/security-updates/
+
+- Perform the first upgrade
+
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/upgrading-mattermost-server.html
+
+- Determine upgrade schedule based on Mattermost release schedules and life cycle
+
+ - Resource: https://docs.mattermost.com/product-overview/releases-lifecycle.html
+
+- Run System checks and either address or set address-by date
+
+
+- :doc:`Welcome email to end users `
diff --git a/source/administration-guide/getting-started/enterprise-roll-out-checklist.rst b/source/administration-guide/getting-started/enterprise-roll-out-checklist.rst
deleted file mode 100644
index 2868a979766..00000000000
--- a/source/administration-guide/getting-started/enterprise-roll-out-checklist.rst
+++ /dev/null
@@ -1,405 +0,0 @@
-Enterprise roll out checklist
-==============================
-
-.. include:: ../../_static/badges/ent-selfhosted.rst
- :start-after: :nosearch:
-
-This checklist is intended to serve as a guide to Enterprises who are rolling out Mattermost to thousands of users.
-
-Checklist overview
--------------------
-
-Prepare for the roll out
-~~~~~~~~~~~~~~~~~~~~~~~~
-
-- `1. Define the roll out project`_
-- `2. Validate essential security and compliance requirements`_
-- `3. Create development, staging, and production environments`_
-- `4. Configure and customize your Mattermost site`_
-- `5. Test production performance and redundancy`_
-
-Roll out Mattermost
-~~~~~~~~~~~~~~~~~~~~
-
-- `1. Define your team and channel strategy`_
-- `2. Enable key integrations`_
-- `3. Prepare for user onboarding`_
-- `4. Deploy client apps`_
-- `5. Roll out to groups of users`_
-- `6. Drive adoption`_
-
-Review the roll out
-~~~~~~~~~~~~~~~~~~~
-
-- `1. Review project charter success metrics`_
-- `2. Review and analyze usage`_
-- `3. Analyze system performance`_
-- `4. Harden security`_
-- `5. Perform maintenance tasks`_
-
-Checklist details
--------------------
-
-Prepare for the roll out
-~~~~~~~~~~~~~~~~~~~~~~~~
-
-Much of the preparation work is focused on ensuring the environment is deployed and secured prior to onboarding users.
-
-1. Define the roll out project
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Define key stakeholders and project team members
-
- - Example project team members: Project Manager, Network Administrator, Database Administrator, Corporate Directory Administrator, Security & Compliance Administrator(s), User Support, User Champions, User Trainers
-
-- Define use cases and requirements for teams, their workflows and their integrations
-
- - Resource: https://mattermost.com/blog/27-things-enterprises-can-learn-startups-increase-productivity/
-
-- Define success criteria, goals and metrics to measure success
-
-- Create a Project Charter to document goals, tasks, deliverables, and decisions
-
- - Get buy-in from project team members and key stakeholders on the project charter
-
-2. Validate essential security and compliance requirements
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Review Mattermost security features
-
- - Resource: https://docs.mattermost.com/security-guide/security-guide-index.html
-
-- Determine monitoring requirements
-
- - Database, network, storage, log integrity
- - Identify fields for log management tools (e.g. Splunk Enterprise event data)
-
-- Determine environment access policies
-
- - Network access, physical access, group controlled access
-
-- Determine encryption policies
-
- - Resource: https://docs.mattermost.com/deployment-guide/encryption-options.html
- - Resource: https://docs.mattermost.com/deployment-guide/transport-encryption.html
-
-- Determine system administration access policies
-
- - Identify the list of users or groups who need administrative access for Mattermost System Console, Command Line Tools, and API privileges
-
-- Define and configure authentication policies
-
- - Resource: https://docs.mattermost.com/product-overview/corporate-directory-integration.html
-
-- Determine requirements for multi-factor authentication
-
- - Resource: https://docs.mattermost.com/administration-guide/identity-access/multi-factor-authentication.html
-
-- Configure and test SSO or Corporate Directory integration (SAML or AD/LDAP)
-
- - Resource: https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml.html
- - Resource: https://docs.mattermost.com/administration-guide/identity-access/ad-ldap.html
-
-- Define your mobile usage policy
-
- - Resource: https://docs.mattermost.com/deployment-guide/mobile/mobile-app-deployment.html
-
-- Evaluate external network access requirements
-
- - The `Mattermost Marketplace `_ is a service hosted by Mattermost that functions as a central place to store the current versions of available Mattermost integrations. See :ref:`Enable Remote Marketplace ` documentation for details about required external network access.
- - Mattermost supports external GIF providers. See :ref:`GIF Commands ` configuration documentation for details about required external network access.
-
-3. Create development, staging, and production environments
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Finalize production environment design basing hardware on expected usage and requirements for high availability
-
- - Resource: https://docs.mattermost.com/deployment-guide/application-architecture.html
- - Resource: https://docs.mattermost.com/deployment-guide/deployment-guide-index.html
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/scaling-for-enterprise.html
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/high-availability-cluster-based-deployment.html
-
-- Create development and staging environments
-
- - Recommend using to test early configurations for database, authentication, file storage, Elasticsearch, prior to setting up high availability and load balancing
- - Recommend configuring staging to be an identical replication of your production environment
-
-- Create a production environment
-
- - Install Mattermost
-
- - Install the number of nodes based on your high availability requirements outlined in your production environment design
- - Recommendation: Use Kubernetes and the Mattermost Operator, with external supported external database and file storage solutions. This will also provide blue/green deployment, rolling upgrades, and canary builds
-
- - Resource: https://docs.mattermost.com/deployment-guide/server/deploy-kubernetes.html
-
- - Install and configure database
-
- - Install the number of read and search replicas based on your high availability requirements outlined in your production environment design
-
- - Resource: https://docs.mattermost.com/deployment-guide/server/server-architecture.html#database-with-virtual-ips
-
- - (Optional) Set up configuration management via the database instead of a config file for high available environments
-
- - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/configuration-in-your-database.html
-
- - Install and configure File Storage
-
- - Resource: https://docs.mattermost.com/deployment-guide/server/preparations.html#file-storage-preparation
-
- - Install and configure proxy or load balancers
-
- - Note: If running Kubernetes and the Mattermost Operator, proxies will be created automatically.
- - Add SSL Cert
-
- - Resource: https://docs.mattermost.com/administration-guide/identity-access/ssl-client-certificate.html
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/high-availability-cluster-based-deployment.html#proxy-server-configuration
-
- - (Optional) Set up certificate-based authentication (CBA) for user or device-based authentication with a digital certificate
-
- - Resource: https://docs.mattermost.com/administration-guide/identity-access/certificate-based-authentication.html
-
- - Configure SMTP for email notifications
-
- - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/smtp-email.html
-
- - Set up Elasticsearch (highly recommended if your organization anticipates over two million posts)
-
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/elasticsearch-setup.html
-
-- Document network configuration
-
- - Example: https://docs.mattermost.com/administration-guide/operations-scaling/backing-storage-benchmarks.html
-
-4. Configure and customize your Mattermost site
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Login to Mattermost and access the System Console to connect your environment to Mattermost
-
- - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/configuration-settings.html#environment-variables
- - Upload your valid Enterprise License under Edition and License
- - Ensure site URL is set appropriately for your production, dev and staging environments
- - Add your database configuration to **System Console > Environment > Database**
- - Add your Elasticsearch or AWS OpenSearch configuration to **System Console > Environment > Elasticsearch**
- - Add your file storage system configuration to **System Console > Environment > File Storage**
- - Add your proxy configuration to **System Console > Environment > Image Proxy**
- - Add your SMTP configuration to **System Console > Environment > SMTP**
- - Enable Push Notifications by adding your server to **System Console > Environment > Push Notification Server**
- - Add your cluster configuration to **System Console > Environment > High Availability**
-
-- Configure your site within the System Console
-
- - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/configuration-settings.html#site-configuration
-
-- Set site access policies including permissions for roles and guest access
-
- - Permissions Resource: https://docs.mattermost.com/administration-guide/onboard/advanced-permissions.html
- - Guest Access Resource: https://docs.mattermost.com/administration-guide/onboard/guest-accounts.html
-
-5. Test production performance and redundancy
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Define and test disaster recovery policy and processes
-
- - Resource: https://docs.mattermost.com/deployment-guide/server/deploy-kubernetes.html
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/high-availability-cluster-based-deployment.html#upgrade-guide
-
-- Performance test production environment
-
- - Load test production environment to verify that it will handle anticipated user load
-
- - Resource: https://github.com/mattermost/mattermost-load-test
-
- - Set up Prometheus and Grafana to monitor performance
-
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/deploy-prometheus-grafana-for-performance-monitoring.html
-
- - Set up alerts in Grafana
-
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/deploy-prometheus-grafana-for-performance-monitoring.html
-
-Roll out Mattermost
-~~~~~~~~~~~~~~~~~~~
-Now that you have an environment in place, we recommend working through the following items in an iterative process. You may need to cycle through each of these topics multiple times to make adjustments to suit your organization as you onboard groups of users.
-
-1. Define your team and channel strategy
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Determine and create a team structure for your environment
-
- - Recommendation: Start with fewer teams in your early roll out
- - Resource: https://docs.mattermost.com/end-user-guide/collaborate/channel-naming-conventions.html
-
-- Determine and create key channels to support your users. A default Town Square channel is created automatically and available on every team.
-
- - Recommendation: Add a “Support” channel for your users to escalate questions
-
-- (Optional) Migrate messages and channels from legacy systems
-
- - Resource: https://docs.mattermost.com/administration-guide/getting-started/migrating-to-mattermost.html
-
-2. Enable key integrations
-^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Build the list of key integrations and tools used by your teams
-
- - Resource: https://developers.mattermost.com/integrate/getting-started/
-
-- Define use cases and requirements for plugins, bots, webhooks, slash commands
-
- - Resource: https://developers.mattermost.com/integrate/other-integrations/
-
-- Set up key integrations (or migrate from POC environments)
-
- - Resource: https://mattermost.com/marketplace/
-
-- Understand Mattermost API capabilities
-
- - Resource: https://api.mattermost.com/
-
-3. Prepare for user onboarding
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Onboard champion users
-
-- Onboard trainers and support team
-- Create a training plan
-
- - Resource: https://academy.mattermost.com/
-
-- Define user escalation and support processes
-
- - Ensure you have set the site’s support URL to your own support team under **System Console > Site Configuration > Customization**
-
-- Notify users in advance of roll out
-
- - Sample email: https://docs.mattermost.com/administration-guide/operations-scaling/welcome-email-to-end-users.html
-
-4. Deploy client apps
-^^^^^^^^^^^^^^^^^^^^^
-
-- Roll out desktop app
-
- - Resource: https://docs.mattermost.com/deployment-guide/desktop/desktop-app-deployment.html
- - (Optional) Use the MSI installer to install on Windows machines
-
- - Resource: https://docs.mattermost.com/deployment-guide/desktop/desktop-msi-installer-and-group-policy-install.html
-
-- Roll out mobile app
-
- - Resource: https://docs.mattermost.com/deployment-guide/mobile/mobile-app-deployment.html
- - (Optional) Use an EMM provider
-
- - Resource: https://docs.mattermost.com/deployment-guide/mobile/deploy-mobile-apps-using-emm-provider.html
-
-5. Roll out to groups of users
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Provision user accounts
-
- - Resource: https://docs.mattermost.com/administration-guide/onboard/user-provisioning-workflows.html
-
-- (Optional) Bulk Load users
-
- - Resource: https://docs.mattermost.com/administration-guide/getting-started/bulk-loading-data.html
-
-- Onboard users to teams and channels
-
- - Recommendation: Use LDAP Group Sync to automate this process
-
- - Resource: https://docs.mattermost.com/administration-guide/identity-access/ad-ldap-groups-synchronization.html
-
-- Implement your training plan to end users on how to use Mattermost
-
- - Train on using Mattermost
- - Train on how to use integrations
-
-6. Drive adoption
-^^^^^^^^^^^^^^^^^
-
-- Incrementally roll out to additional user groups
-
- - See “Roll Out to Groups of Users”
-
-- Manage support requests and product requests from your end users
-
- - Resource: https://mattermost.com/support/
- - See the process below for escalating to Mattermost
-
-- Enable additional integrations and plugins to support user workflows
-
- - Resource: https://mattermost.com/marketplace/
-
-- Understand management tools available to support users
-
- - mmctl Command Line Tool Resource: https://docs.mattermost.com/administration-guide/admin-tools/mmctl-command-line-tool.html
- - Command Line Tools Resource: https://docs.mattermost.com/administration-guide/admin-tools/command-line-tools.html
-
-Review the roll out
-~~~~~~~~~~~~~~~~~~~
-
-We recommend that you review your rollout on a cadence that matches your iterative approach to rolling out to users. Below are some areas to consider.
-
-1. Review project charter success metrics
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Perform end-user surveys and measure satisfaction
-
-- Verify use case fulfillment from original requirements gathering
-
-- Measure your response time and resolution rate for user support issues
-
-- Identify usage gaps and address or create a plan for addressing
-
-2. Review and analyze usage
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Review Project Charter success metrics - identify usage gaps and address or create a plan for addressing
-
-- Monitor site and team statistics
-
- - Resource: https://docs.mattermost.com/administration-guide/admin-tools/statistics.html
- - Review: Total posts, total teams, total channels, total group chats, total direct chats, top channels, top teams
-
-- Analyze usage by lines of business and peak usage times
-
-3. Analyze system performance
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Monitor trends in CPU/memory usage
-
-- Review trends in database connections
-
-- Review trends in Go routines
-
-- Review trends in concurrent sessions
-
-4. Harden security
-^^^^^^^^^^^^^^^^^^
-
-- Harden security controls around the web, desktop, and mobile security
-
-- Harden configuration management
-
-- Harden network security
-
- - Identify additional tests and scans
- - (Optional) Enable Compliance Reporting
-
- - Resource: https://docs.mattermost.com/administration-guide/compliance-security-auditing/compliance-export.html
-
-5. Perform maintenance tasks
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-- Monitor for security updates (or sign up for email updates)
-
- - Resource: https://mattermost.com/security-updates/
-
-- Perform the first upgrade
-
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/upgrading-mattermost-server.html
-
-- Determine upgrade schedule based on Mattermost release schedules and life cycle
-
- - Resource: https://docs.mattermost.com/product-overview/releases-lifecycle.html
-
-- Run System checks and either address or set address-by date
diff --git a/source/administration-guide/identity-access/ad-ldap-groups-synchronization.rst b/source/administration-guide/identity-access/authentication-methods/ad-ldap/ad-ldap-groups-synchronization.rst
similarity index 100%
rename from source/administration-guide/identity-access/ad-ldap-groups-synchronization.rst
rename to source/administration-guide/identity-access/authentication-methods/ad-ldap/ad-ldap-groups-synchronization.rst
diff --git a/source/administration-guide/identity-access/ad-ldap.rst b/source/administration-guide/identity-access/authentication-methods/ad-ldap/ad-ldap.rst
similarity index 97%
rename from source/administration-guide/identity-access/ad-ldap.rst
rename to source/administration-guide/identity-access/authentication-methods/ad-ldap/ad-ldap.rst
index bc6e978fdba..cdadb4afaa0 100644
--- a/source/administration-guide/identity-access/ad-ldap.rst
+++ b/source/administration-guide/identity-access/authentication-methods/ad-ldap/ad-ldap.rst
@@ -4,6 +4,13 @@ AD/LDAP setup
.. include:: ../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
+.. toctree::
+ :maxdepth: 1
+ :titlesonly:
+
+ /identity-access/ad-ldap-groups-synchronization
+ /identity-access/managing-team-channel-membership-using-ad-ldap-sync-groups
+
Overview
--------
@@ -18,7 +25,8 @@ Benefits of integrating AD/LDAP with Mattermost include:
- **Single sign-on.** Users can log in to Mattermost with their AD/LDAP credentials.
- **Centralized identity management.** Mattermost accounts can display user information from AD/LDAP, such as first and last name, email, and username.
- **Automatic account provisioning.** A Mattermost user account is automatically created the first time a user signs in with their AD/LDAP credentials.
-- **Sync groups to predefined roles in Mattermost.** Assign team and channel roles to groups via AD/LDAP Group Sync.
+- **Sync groups to predefined roles in Mattermost.** Create groups by synchronizing with AD/LDAP system groups and syncing those groups to pre-defined roles in Mattermost.
+- **Manage team and channel membership** Manage the membership of private teams and private channels where users are added and removed based on their membership to the synchronized AD/LDAP group.
- **Compliance alignment with administrator management.** Manage Administrator access to Mattermost in the System Console using AD/LDAP filters.
Pre-installation notes
diff --git a/source/administration-guide/identity-access/managing-team-channel-membership-using-ad-ldap-sync-groups.rst b/source/administration-guide/identity-access/authentication-methods/ad-ldap/managing-team-channel-membership-using-ad-ldap-sync-groups.rst
similarity index 100%
rename from source/administration-guide/identity-access/managing-team-channel-membership-using-ad-ldap-sync-groups.rst
rename to source/administration-guide/identity-access/authentication-methods/ad-ldap/managing-team-channel-membership-using-ad-ldap-sync-groups.rst
diff --git a/source/administration-guide/identity-access/authentication-methods/authentication-methods-index.rst b/source/administration-guide/identity-access/authentication-methods/authentication-methods-index.rst
deleted file mode 100644
index b4569975d23..00000000000
--- a/source/administration-guide/identity-access/authentication-methods/authentication-methods-index.rst
+++ /dev/null
@@ -1,16 +0,0 @@
-Authentication Methods
-======================
-
-Mattermost supports multiple authentication methods to meet enterprise requirements. Choose from SAML-based SSO, OIDC-based SSO, AD/LDAP, MFA, client certificates, and more.
-
-Use the guides below to select and implement the right method for your environment.
-
-.. toctree::
- :maxdepth: 1
- :titlesonly:
-
- saml-based-sso/saml-based-sso-index
- sso/sso-index
- /administration-guide/identity-access/ad-ldap
- /administration-guide/identity-access/multi-factor-authentication
- /administration-guide/identity-access/certificate-based-authentication
diff --git a/source/administration-guide/identity-access/identity-access-index.rst b/source/administration-guide/identity-access/identity-access-index.rst
deleted file mode 100644
index 2dfd20b00c3..00000000000
--- a/source/administration-guide/identity-access/identity-access-index.rst
+++ /dev/null
@@ -1,20 +0,0 @@
-Identity & Access Management
-=============================
-
-Control who can access your workspace and what they can do. Configure directories and identity providers, set up single sign-on, and apply permissions to align access with organizational requirements.
-
-Start with authentication methods, then layer MFA, certificates, and role-based access controls.
-
-.. toctree::
- :maxdepth: 1
- :titlesonly:
-
- authentication-methods/authentication-methods-index
- ad-ldap
- ad-ldap-groups-synchronization
- managing-team-channel-membership-using-ad-ldap-sync-groups
- multi-factor-authentication
- certificate-based-authentication
- ssl-client-certificate
- /administration-guide/admin-tools/user-attributes
- /administration-guide/admin-tools/attribute-based-access-control
From e4794f2ba252e4608a558a904723bbd1eba19b7f Mon Sep 17 00:00:00 2001
From: "Carrie Warner (Mattermost)"
<74422101+cwarnermm@users.noreply.github.com>
Date: Fri, 26 Sep 2025 17:18:38 -0400
Subject: [PATCH 3/4] Next iteration of AG nav restructure; includes CRITICAL
build failures
---
.../admin-tools/admin-tools-index.rst | 21 +
.../request-server-health-check.rst | 2 +-
.../admin-tools/user-management.rst | 21 -
.../administration-guide-index.rst | 237 ++-------
.../compliance-configuration-settings.rst | 0
.../compliance-security-auditing-index.rst | 13 +
.../logging.rst | 0
.../configuration-reference-index.rst | 22 +
.../deprecated-configuration-settings.rst | 14 +-
.../integrations-configuration-settings.rst | 2 +-
.../server-configuration.rst | 4 +-
.../admin-onboarding-tasks.rst | 405 +---------------
.../authentication-configuration-settings.rst | 0
.../environment-configuration-settings.rst | 0
.../getting-started/getting-started-index.rst | 11 +-
.../migration-announcement-email.rst | 0
.../migration.rst | 4 +-
.../getting-started/roll-out-checklist.rst | 456 ++++++++++++++++++
.../site-configuration-settings.rst | 4 +-
...user-management-configuration-settings.rst | 0
.../attribute-based-access-control.rst | 0
.../attributes}/system-attributes.rst | 0
.../attributes}/user-attributes.rst | 0
.../ad-ldap-groups-synchronization.rst | 0
.../{ad-ldap => active-directory}/ad-ldap.rst | 6 +-
...l-membership-using-ad-ldap-sync-groups.rst | 0
.../saml-based-sso/saml-based-sso-index.rst | 6 +-
...mmon-converting-oauth-to-openidconnect.rst | 0
...h20-service-providers-to-openidconnect.rst | 4 +-
.../sso/sso-entraid.rst | 4 +-
.../authentication-methods/sso/sso-gitlab.rst | 2 +-
.../authentication-methods/sso/sso-google.rst | 4 +-
.../authentication-methods/sso/sso-index.rst | 6 +-
.../identity-access/identity-access-index.rst | 33 ++
...ced-permissions-backend-infrastructure.rst | 2 +-
.../advanced-permissions.rst | 18 +-
.../delegated-granular-administration.rst | 2 +-
.../permissions-and-roles}/guest-accounts.rst | 2 +-
.../permissions-and-roles-index.rst | 0
.../team-channel-members.rst | 0
.../identity-access/user-management.rst | 21 +
.../user-provisioning-workflows.rst | 0
.../user-provisioning.rst | 0
.../cloud-billing-account-settings.rst | 0
.../{admin-tools => licensing}/cloud-byok.rst | 0
.../cloud-data-residency.rst | 0
.../cloud-ip-filtering.rst | 0
.../code-signing-custom-builds.rst | 0
.../licensing/licensing-index.rst | 11 +
.../self-hosted-account-settings.rst | 0
.../collect-performance-metrics.rst | 0
...eus-grafana-for-performance-monitoring.rst | 0
.../monitoring-and-performance.rst | 0
.../monitoring-observability-index.rst | 9 +
.../performance-alerting.rst | 0
.../performance-monitoring-metrics.rst | 0
.../push-notification-health-targets.rst | 0
.../statistics.rst | 0
.../operations-scaling-index.rst | 9 +
.../product-limits.rst | 0
.../welcome-email-to-end-users.rst | 55 ---
.../agents-admin-guide.rst | 0
.../bleve-search.rst | 0
...igure-mattermost-for-enterprise-search.rst | 0
.../connected-workspaces.rst | 2 +-
.../elasticsearch-setup.rst | 2 +-
...nabling-chinese-japanese-korean-search.rst | 0
.../enterprise-search.rst | 8 +-
.../install-boards.rst | 2 +-
.../installing-license-key.rst | 0
.../opensearch-setup.rst | 2 +-
.../optimize-your-workspace.rst | 0
.../platform-features-index.rst | 29 +-
.../smtp-email.rst | 0
.../bulk-export-tool.rst | 2 +-
.../downgrading-mattermost-server.rst | 0
.../enterprise-install-upgrade.rst | 0
.../important-upgrade-notes.rst | 8 +-
.../open-source-components.rst | 0
.../prepare-to-upgrade-mattermost.rst | 0
.../upgrade-mattermost-kubernetes-ha.rst | 0
.../upgrade-mattermost.rst | 0
.../upgrading-mattermost-server.rst | 0
.../communicate-scheduled-maintenance.rst | 0
.../custom-branding-tools.rst | 0
.../customize-branding.rst | 0
.../customize-mattermost.rst | 0
.../email-templates.rst | 0
.../in-product-notices.rst | 0
.../manage-user-surveys.rst | 0
.../notify-admin.rst | 0
.../system-wide-notifications.rst | 0
.../user-experience/user-experience-index.rst | 23 +-
.../user-satisfaction-surveys.rst | 0
source/redirects.py | 8 +-
.../integrated-security-operations.rst | 2 +-
.../maximize-microsoft-investments.rst | 6 +-
.../use-case-guide/mission-ready-mobile.rst | 2 +-
.../secure-command-and-control.rst | 4 +-
.../self-sovereign-collaboration.rst | 2 +-
100 files changed, 750 insertions(+), 762 deletions(-)
delete mode 100644 source/administration-guide/admin-tools/user-management.rst
rename source/administration-guide/{configuration-reference => compliance-security-auditing}/compliance-configuration-settings.rst (100%)
rename source/administration-guide/{admin-tools => compliance-security-auditing}/logging.rst (100%)
rename source/administration-guide/{admin-tools => configuration-reference}/server-configuration.rst (94%)
rename source/administration-guide/{configuration-reference => getting-started}/authentication-configuration-settings.rst (100%)
rename source/administration-guide/{configuration-reference => getting-started}/environment-configuration-settings.rst (100%)
rename source/administration-guide/{onboard => getting-started}/migration-announcement-email.rst (100%)
rename source/administration-guide/{admin-tools => getting-started}/migration.rst (90%)
create mode 100644 source/administration-guide/getting-started/roll-out-checklist.rst
rename source/administration-guide/{configuration-reference => getting-started}/site-configuration-settings.rst (99%)
rename source/administration-guide/{configuration-reference => getting-started}/user-management-configuration-settings.rst (100%)
rename source/administration-guide/{admin-tools => identity-access/attributes}/attribute-based-access-control.rst (100%)
rename source/administration-guide/{configuration-reference => identity-access/attributes}/system-attributes.rst (100%)
rename source/administration-guide/{admin-tools => identity-access/attributes}/user-attributes.rst (100%)
rename source/administration-guide/identity-access/authentication-methods/{ad-ldap => active-directory}/ad-ldap-groups-synchronization.rst (100%)
rename source/administration-guide/identity-access/authentication-methods/{ad-ldap => active-directory}/ad-ldap.rst (98%)
rename source/administration-guide/identity-access/authentication-methods/{ad-ldap => active-directory}/managing-team-channel-membership-using-ad-ldap-sync-groups.rst (100%)
rename source/administration-guide/{onboard => identity-access/authentication-methods/sso}/common-converting-oauth-to-openidconnect.rst (100%)
create mode 100644 source/administration-guide/identity-access/identity-access-index.rst
rename source/administration-guide/{onboard => identity-access/permissions-and-roles}/advanced-permissions-backend-infrastructure.rst (99%)
rename source/administration-guide/{onboard => identity-access/permissions-and-roles}/advanced-permissions.rst (94%)
rename source/administration-guide/{onboard => identity-access/permissions-and-roles}/delegated-granular-administration.rst (99%)
rename source/administration-guide/{onboard => identity-access/permissions-and-roles}/guest-accounts.rst (99%)
create mode 100644 source/administration-guide/identity-access/permissions-and-roles/permissions-and-roles-index.rst
rename source/administration-guide/{admin-tools => identity-access}/team-channel-members.rst (100%)
create mode 100644 source/administration-guide/identity-access/user-management.rst
rename source/administration-guide/{onboard => identity-access}/user-provisioning-workflows.rst (100%)
rename source/administration-guide/{admin-tools => identity-access}/user-provisioning.rst (100%)
rename source/administration-guide/{configuration-reference => licensing}/cloud-billing-account-settings.rst (100%)
rename source/administration-guide/{admin-tools => licensing}/cloud-byok.rst (100%)
rename source/administration-guide/{admin-tools => licensing}/cloud-data-residency.rst (100%)
rename source/administration-guide/{admin-tools => licensing}/cloud-ip-filtering.rst (100%)
rename source/administration-guide/{admin-tools => licensing}/code-signing-custom-builds.rst (100%)
rename source/administration-guide/{configuration-reference => licensing}/self-hosted-account-settings.rst (100%)
rename source/administration-guide/{operations-scaling => monitoring-observability}/collect-performance-metrics.rst (100%)
rename source/administration-guide/{operations-scaling => monitoring-observability}/deploy-prometheus-grafana-for-performance-monitoring.rst (100%)
rename source/administration-guide/{admin-tools => monitoring-observability}/monitoring-and-performance.rst (100%)
rename source/administration-guide/{operations-scaling => monitoring-observability}/performance-alerting.rst (100%)
rename source/administration-guide/{operations-scaling => monitoring-observability}/performance-monitoring-metrics.rst (100%)
rename source/administration-guide/{operations-scaling => monitoring-observability}/push-notification-health-targets.rst (100%)
rename source/administration-guide/{admin-tools => monitoring-observability}/statistics.rst (100%)
rename source/administration-guide/{admin-tools => operations-scaling}/product-limits.rst (100%)
delete mode 100644 source/administration-guide/operations-scaling/welcome-email-to-end-users.rst
rename source/administration-guide/{configuration-reference => platform-features}/agents-admin-guide.rst (100%)
rename source/administration-guide/{configuration-reference => platform-features}/bleve-search.rst (100%)
rename source/administration-guide/{operations-scaling => platform-features}/common-configure-mattermost-for-enterprise-search.rst (100%)
rename source/administration-guide/{getting-started => platform-features}/connected-workspaces.rst (99%)
rename source/administration-guide/{operations-scaling => platform-features}/elasticsearch-setup.rst (97%)
rename source/administration-guide/{configuration-reference => platform-features}/enabling-chinese-japanese-korean-search.rst (100%)
rename source/administration-guide/{operations-scaling => platform-features}/enterprise-search.rst (96%)
rename source/administration-guide/{configuration-reference => platform-features}/install-boards.rst (99%)
rename source/administration-guide/{admin-tools => platform-features}/installing-license-key.rst (100%)
rename source/administration-guide/{operations-scaling => platform-features}/opensearch-setup.rst (98%)
rename source/administration-guide/{configuration-reference => platform-features}/optimize-your-workspace.rst (100%)
rename source/administration-guide/{configuration-reference => platform-features}/smtp-email.rst (100%)
rename source/administration-guide/{admin-tools => upgrade}/bulk-export-tool.rst (99%)
rename source/administration-guide/{operations-scaling => upgrade}/downgrading-mattermost-server.rst (100%)
rename source/administration-guide/{operations-scaling => upgrade}/enterprise-install-upgrade.rst (100%)
rename source/administration-guide/{operations-scaling => upgrade}/important-upgrade-notes.rst (99%)
rename source/administration-guide/{operations-scaling => upgrade}/open-source-components.rst (100%)
rename source/administration-guide/{operations-scaling => upgrade}/prepare-to-upgrade-mattermost.rst (100%)
rename source/administration-guide/{operations-scaling => upgrade}/upgrade-mattermost-kubernetes-ha.rst (100%)
rename source/administration-guide/{operations-scaling => upgrade}/upgrade-mattermost.rst (100%)
rename source/administration-guide/{operations-scaling => upgrade}/upgrading-mattermost-server.rst (100%)
rename source/administration-guide/{operations-scaling => user-experience}/communicate-scheduled-maintenance.rst (100%)
rename source/administration-guide/{configuration-reference => user-experience}/custom-branding-tools.rst (100%)
rename source/administration-guide/{admin-tools => user-experience}/customize-branding.rst (100%)
rename source/administration-guide/{configuration-reference => user-experience}/customize-mattermost.rst (100%)
rename source/administration-guide/{configuration-reference => user-experience}/email-templates.rst (100%)
rename source/administration-guide/{admin-tools => user-experience}/in-product-notices.rst (100%)
rename source/administration-guide/{configuration-reference => user-experience}/manage-user-surveys.rst (100%)
rename source/administration-guide/{operations-scaling => user-experience}/notify-admin.rst (100%)
rename source/administration-guide/{admin-tools => user-experience}/system-wide-notifications.rst (100%)
rename source/administration-guide/{admin-tools => user-experience}/user-satisfaction-surveys.rst (100%)
diff --git a/source/administration-guide/admin-tools/admin-tools-index.rst b/source/administration-guide/admin-tools/admin-tools-index.rst
index 61c650de1c2..235ab6f7a07 100644
--- a/source/administration-guide/admin-tools/admin-tools-index.rst
+++ b/source/administration-guide/admin-tools/admin-tools-index.rst
@@ -19,3 +19,24 @@ Use administrative tools and utilities to automate tasks, export data, and troub
request-server-health-check
telemetry
team-channel-members
+
+Streamline administration with automation tools, simplify troubleshooting, and maintain operational hygiene.
+
+- `Use mmctl or the CLI for automation `_
+- `Generate and review support packets `_
+- `Manage system notices `_
+- `Track product limits and usage statistics `_
+- `Configure automated health checks `_
+- `Manage teams and channels `_
+
+- :doc:`Cloud data export `
+- :doc:`Command line tools `
+- :doc:`Configure health check probes `
+- :doc:`Error codes `
+- :doc:`Feature labels `
+- :doc:`Generating support packet `
+- :doc:`mmctl command line tool `
+- :doc:`Product limits `
+- :doc:`Request server health check `
+- :doc:`Server maintenance `
+- :doc:`Telemetry `
\ No newline at end of file
diff --git a/source/administration-guide/admin-tools/request-server-health-check.rst b/source/administration-guide/admin-tools/request-server-health-check.rst
index 2c5b19754f2..b4d43d04913 100644
--- a/source/administration-guide/admin-tools/request-server-health-check.rst
+++ b/source/administration-guide/admin-tools/request-server-health-check.rst
@@ -10,7 +10,7 @@ This evaluation provides you with insights based on your system’s configuratio
.. tip::
- Want to configure your own server health check probes for your self-hosted Mattermost deployment? See the :doc:`configure server health check probes ` documentation for details.
+ Want to configure your own server health check probes for your self-hosted Mattermost deployment? See the :doc:`configure server health check probes ` documentation for details.
Why request a Mattermost Health Check?
--------------------------------------
diff --git a/source/administration-guide/admin-tools/user-management.rst b/source/administration-guide/admin-tools/user-management.rst
deleted file mode 100644
index 7204fbc431d..00000000000
--- a/source/administration-guide/admin-tools/user-management.rst
+++ /dev/null
@@ -1,21 +0,0 @@
-User management
-===============
-
-Welcome to the Mattermost User Management Guide. This User Management Guide is organized into sections to help you manage users, permissions, and roles effectively in your Mattermost workspace.
-
-Whether you’re configuring team and channel settings, managing guest accounts, or leveraging advanced permissions infrastructure, this guide provides the resources and instructions necessary to tailor user management to your organization’s needs. Use the navigation below to explore detailed guidance for each area.
-
-.. toctree::
- :maxdepth: 1
- :hidden:
- :titlesonly:
-
- Permissions
- Manage team and channel configuration
- Advanced permissions infrastructure
- Guest accounts
-
-* :doc:`Permissions ` - Learn about permissions in Mattermost.
-* :doc:`Manage team and channel configuration ` - Learn about managing team and channel configuration in Mattermost.
-* :doc:`Advanced permissions infrastructure ` - Learn about advanced permissions infrastructure in Mattermost.
-* :doc:`Guest accounts ` - Learn about guest accounts in Mattermost.
\ No newline at end of file
diff --git a/source/administration-guide/administration-guide-index.rst b/source/administration-guide/administration-guide-index.rst
index a6a9d45e631..7ca41e2463b 100644
--- a/source/administration-guide/administration-guide-index.rst
+++ b/source/administration-guide/administration-guide-index.rst
@@ -1,242 +1,79 @@
Administration Guide
=====================
-This guide helps system administrators run a secure, reliable, and scalable Mattermost deployment. It’s organized as a clear journey, showing the outcomes you need to achieve and the tasks required to get there, from onboarding and identity management, to feature enablement, monitoring, scaling, compliance, and ongoing workspace management.
-
-Get Started
--------------
-
-Migrate users and data, connect workspaces, and establish initial governance and readiness.
+.. toctree::
+ :maxdepth: 1
+ :hidden:
+ :titlesonly:
+
+ Getting Started
+ Identity & Access Management
+ Enable Platform Features
+ User Experience & Engagement
+ Monitoring & Observability
+ Operations & Scaling
+ Compliance, Security & Auditing
+ Administration Tools
+ Licensing & Workspace Management
+ Configuration Settings Reference
-- `Migrate users from Slack or HipChat `_
-- `Import data in bulk `_
-- `Connect multiple workspaces `_
-- `Follow the rollout checklist `_
-- `Complete administrator onboarding `_
+This guide helps system administrators run a secure, reliable, and scalable Mattermost deployment. It’s organized as a clear journey, showing the outcomes you need to achieve and the tasks required to get there, from onboarding and identity management, to feature enablement, monitoring, scaling, compliance, and ongoing workspace management.
-Learn about the first steps to take after your Mattermost server is live, including :doc:`migrating to Mattermost `, :doc:`bulk loading data `, :doc:`installing license key `, :doc:`connecting Mattermost workspaces `, and :doc:`initial rollout planning ` to ensure a successful start with Mattermost.
+Getting Started
+---------------
-- :doc:`Email templates `
+Move from a functional server to an evaluated and planned rollout. Learn migrations, initial governance, and early readiness tasks. :doc:`Explore the first steps `
Identity & Access Management
----------------------------
-Secure sign-in through centralized identity providers, map attributes, and govern access and membership.
-
-- `Set up Active Directory (AD) or LDAP `_
-- `Configure SSO (SAML: Okta, ADFS, OneLogin, Keycloak; OIDC: GitLab, Google, Entra ID) `_
-- `Enforce multi-factor authentication (MFA) `_
-- `Enable client certificates `_
-- `Sync groups and manage membership `_
-
-Mattermost supports multiple authentication methods to meet your enterprise requirements. Choose from :doc:`SAML-based SSO `, :doc:`OIDC-based SSO `, and :doc:`AD/LDAP `.
+Centralize authentication, map attributes, provision users, and control access across teams and channels. :doc:`Set up identity and access `
-You can additionally increase your organization's secure collaboration posture by enabling :doc:`multi-factor authentication ` and :doc:`enabling SSL client certificates `.
-Platform Features
------------------
+Enable Platform Features
+------------------------
-Expand your deployment with core features, improve search relevance, and enable real-time voice and video.
-
-- `Configure integrations and install plugins `_
-
-- :doc:`Install Boards for project management `
-- :doc:`Deploy Calls for real-time voice and video `_
-- :doc:`Deploy Agents `
-- deploy enterprise search
-- :doc:`Enabling Chinese, Japanese, Korean search `
+Turn on collaboration features, plugins, and integrations that unlock key use cases for your organization. :doc:`Enable the right features `
User Experience & Engagement
----------------------------
-Deliver a consistent, branded workspace that drives adoption, engagement, and structured feedback.
+Shape how users work in Mattermost—optimize notifications, onboarding, and engagement for adoption. :doc:`Tune the user experience `
-- `Apply branding and customize the UI `_
-- `Manage in-product notices `_
-- `Run user satisfaction surveys `_
-- `Optimize workspace configuration `_
-- `Customize email templates `_
Monitoring & Observability
--------------------------
-Gain visibility into system health, define alerts, and proactively prevent incidents.
+Instrument your deployment to detect issues early. Configure logging, metrics, dashboards, and health probes. :doc:`Build observability `
-- `Configure logging, telemetry, and system statistics `_
-- `Set health probes `_
-- `Deploy Prometheus and Grafana `_
-- `Define alerting rules `_
-- `Request health checks `_
Operations & Scaling
--------------------
-Keep your deployment reliable and performant, scale as needed, and upgrade safely with minimal downtime.
-
-- `Plan and perform upgrades or downgrades `_
-- `Deploy high availability (HA) clusters `_
-- `Scale horizontally with Redis `_
-- `Configure Elasticsearch or OpenSearch `_
-- `Tune system performance and plan storage capacity `_
-- `Monitor push notification health `_
-
-
-
-
-- :doc:`Additional HA considerations `
-- :doc:`Backing storage benchmarks `
-- :doc:`Collect performance metrics `
-- :doc:`Common: Configure Mattermost for Enterprise Search `
-- :doc:`Communicate scheduled maintenance `
-- :doc:`Deploy Prometheus and Grafana for performance monitoring `
-- :doc:`Downgrading Mattermost Server `
-- :doc:`Elasticsearch setup `
-- :doc:`Enterprise install and upgrade `
-- :doc:`Enterprise search `
-- :doc:`Ensuring releases perform at scale `
-- :doc:`Estimated storage per user per month `
-- :doc:`High availability cluster-based deployment `
-- :doc:`Important upgrade notes `
-- :doc:`Lifetime storage `
-- :doc:`Notify admin `
-- :doc:`Open source components `
-- :doc:`OpenSearch setup `
-- :doc:`Performance alerting `
-- :doc:`Performance monitoring metrics `
-- :doc:`Prepare to upgrade Mattermost `
-- :doc:`Push notification health targets `
-- :doc:`Redis `
-- :doc:`Scale to 100000 users `
-- :doc:`Scale to 15000 users `
-- :doc:`Scale to 200 users `
-- :doc:`Scale to 2000 users `
-- :doc:`Scale to 200000 users `
-- :doc:`Scale to 30000 users `
-- :doc:`Scale to 50000 users `
-- :doc:`Scale to 80000 users `
-- :doc:`Scale to 90000 users `
-- :doc:`Scaling for enterprise `
-- :doc:`Upgrade Mattermost `
-- :doc:`Upgrade Mattermost (Kubernetes HA) `
-- :doc:`Upgrading Mattermost Server `
+Harden and scale for reliability and growth. Optimize performance, plan capacity, and design for resilience. :doc:`Operate and scale `
+
Compliance, Security & Auditing
-------------------------------
-Align with compliance requirements, enforce retention and holds, and ensure complete auditability.
-
-- `Define data retention policies `_
-- `Enable legal holds `_
-- `Run eDiscovery and generate exports `_
-- `Review and analyze audit logs `_
-- `Set and enforce custom terms of service `_
-- `Follow compliance guidelines `_
-
-- :doc:`Compliance export `
-- :doc:`Compliance monitoring `
-- :doc:`Compliance with Mattermost `
-- :doc:`Custom terms of service `
-- :doc:`Data retention policy `
-- :doc:`Electronic discovery `
-- :doc:`Embedded JSON audit log schema `
-- :doc:`Export Mattermost channel data `
-- :doc:`Legal hold `
-
-Administration Tools & Utilities
---------------------------------
-
-Streamline administration with automation tools, simplify troubleshooting, and maintain operational hygiene.
-
-- `Use mmctl or the CLI for automation `_
-- `Generate and review support packets `_
-- `Manage system notices `_
-- `Track product limits and usage statistics `_
-- `Configure automated health checks `_
-- `Manage teams and channels `_
-
-- :doc:`Attribute-based access control `
-- :doc:`Bulk export tool `
-- :doc:`Cloud BYOK `
-- :doc:`Cloud data export `
-- :doc:`Cloud data residency `
-- :doc:`Cloud IP filtering `
-- :doc:`Code signing custom builds `
-- :doc:`Command line tools `
-- :doc:`Configure health check probes `
-- :doc:`Customize branding `
-- :doc:`Error codes `
-- :doc:`Feature labels `
-- :doc:`Generating support packet `
-- :doc:`In-product notices `
-- :doc:`Logging `
-- :doc:`Migration `
-- :doc:`mmctl command line tool `
-- :doc:`Monitoring and performance `
-- :doc:`Product limits `
-- :doc:`Request server health check `
-- :doc:`Server configuration `
-- :doc:`Server maintenance `
-- :doc:`Statistics `
-- :doc:`System-wide notifications `
-- :doc:`Team and channel members `
-- :doc:`Telemetry `
-- :doc:`User attributes `
-- :doc:`User management `
-- :doc:`User provisioning `
-- :doc:`User satisfaction surveys `
+Meet regulatory and organizational requirements with data retention, eDiscovery, audit logging, and policies. :doc:`Implement compliance controls `
-Licensing & Workspace Management
---------------------------------
-
-Govern your workspace, control data residency and billing, and enable licensed features.
-
-- `Manage license keys for self-hosted deployments `_
-- `Administer Cloud workspaces `_
-- `Configure BYOK, data residency, and IP filtering `_
-- `Set account details and billing information `_
-
-- :doc:`Cloud workspace management `
-- :doc:`Self-hosted billing `
-
-Configuration Settings (Reference)
----------------------------------
-Apply precise configuration changes with confidence, using fully documented and traceable settings.
-
-- `Reference and update System Console settings `_
-- `Modify config.json parameters `_
-- `Configure environment variables `_
-- `Apply advanced options across all areas `_
+Administration Tools
+--------------------
-- :doc:`Authentication configuration settings `
-- :doc:`Bleve search `
-- :doc:`Cloud billing account settings `
-- :doc:`Compliance configuration settings `
-- :doc:`Configuration in your database `
-- :doc:`Configuration settings `
-- :doc:`Custom branding tools `
-- :doc:`Customize Mattermost `
-- :doc:`Deprecated configuration settings `
-- :doc:`Environment configuration settings `
-- :doc:`Environment variables `
-- :doc:`Experimental configuration settings `
-- :doc:`Integrations configuration settings `
-- :doc:`Manage user surveys `
-- :doc:`Optimize your workspace `
-- :doc:`Plugins configuration settings `
-- :doc:`Push notification server configuration settings `
-- :doc:`Rate limiting configuration settings `
-- :doc:`Reporting configuration settings `
-- :doc:`Self-hosted account settings `
-- :doc:`Site configuration settings `
-- :doc:`SMTP email `
-- :doc:`System attributes `
-- :doc:`User management configuration settings `
+Use admin utilities to manage, troubleshoot, and maintain your deployment efficiently. :doc:`Work with admin tools `
+Licensing & Workspace Management
+--------------------------------
+Manage plans, billing, and workspace settings to align cost and capabilities with your needs. :doc:`Manage licensing and workspaces `
+Configuration Settings Reference
+--------------------------------
+Look up every configuration setting and environment variable when you need precise details. :doc:`Browse all configuration options `
\ No newline at end of file
diff --git a/source/administration-guide/configuration-reference/compliance-configuration-settings.rst b/source/administration-guide/compliance-security-auditing/compliance-configuration-settings.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/compliance-configuration-settings.rst
rename to source/administration-guide/compliance-security-auditing/compliance-configuration-settings.rst
diff --git a/source/administration-guide/compliance-security-auditing/compliance-security-auditing-index.rst b/source/administration-guide/compliance-security-auditing/compliance-security-auditing-index.rst
index 488fc84c286..0944f4f4d19 100644
--- a/source/administration-guide/compliance-security-auditing/compliance-security-auditing-index.rst
+++ b/source/administration-guide/compliance-security-auditing/compliance-security-auditing-index.rst
@@ -16,3 +16,16 @@ Meet organizational and regulatory requirements with policies, retention, legal
compliance-monitoring
embedded-json-audit-log-schema
custom-terms-of-service
+
+Align with compliance requirements, enforce retention and holds, and ensure complete auditability.
+
+
+- :doc:`Compliance export `
+- :doc:`Compliance monitoring `
+- :doc:`Compliance with Mattermost `
+- :doc:`Custom terms of service `
+- :doc:`Data retention policy `
+- :doc:`Electronic discovery `
+- :doc:`Embedded JSON audit log schema `
+- :doc:`Export Mattermost channel data `
+- :doc:`Legal hold `
\ No newline at end of file
diff --git a/source/administration-guide/admin-tools/logging.rst b/source/administration-guide/compliance-security-auditing/logging.rst
similarity index 100%
rename from source/administration-guide/admin-tools/logging.rst
rename to source/administration-guide/compliance-security-auditing/logging.rst
diff --git a/source/administration-guide/configuration-reference/configuration-reference-index.rst b/source/administration-guide/configuration-reference/configuration-reference-index.rst
index 6baf2ff32c9..3fef1b6ef3a 100644
--- a/source/administration-guide/configuration-reference/configuration-reference-index.rst
+++ b/source/administration-guide/configuration-reference/configuration-reference-index.rst
@@ -22,3 +22,25 @@ Reference documentation for all Mattermost configuration settings. Use these pag
rate-limiting-configuration-settings
push-notification-server-configuration-settings
configuration-in-your-database
+
+
+Apply precise configuration changes with confidence, using fully documented and traceable settings.
+
+- `Reference and update System Console settings `_
+- `Modify config.json parameters `_
+- `Configure environment variables `_
+- `Apply advanced options across all areas `_
+
+- :doc:`Server configuration `
+- :doc:`Configuration settings `
+- :doc:`Configuration in your database `
+- :doc:`Deprecated configuration settings `
+- :doc:`Environment variables `
+- :doc:`Experimental configuration settings `
+- :doc:`Push notification server configuration settings `
+- :doc:`Rate limiting configuration settings `
+- :doc:`Reporting configuration settings `
+
+
+- :doc:`Integrations configuration settings `
+- :doc:`Plugins configuration settings `
\ No newline at end of file
diff --git a/source/administration-guide/configuration-reference/deprecated-configuration-settings.rst b/source/administration-guide/configuration-reference/deprecated-configuration-settings.rst
index 9e263273c63..d694db2c392 100644
--- a/source/administration-guide/configuration-reference/deprecated-configuration-settings.rst
+++ b/source/administration-guide/configuration-reference/deprecated-configuration-settings.rst
@@ -493,7 +493,7 @@ Permission policy settings
.. note::
- From Mattermost v5.0, these settings are found in the :doc:`Advanced Permissions ` page instead of configuration settings.
+ From Mattermost v5.0, these settings are found in the :doc:`Advanced Permissions ` page instead of configuration settings.
Enable sending team invites from
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -502,7 +502,7 @@ Enable sending team invites from
.. note::
- From v5.0 this has been replaced by advanced permissions which offers Admins a way to restrict actions in Mattermost to authorized users only. See the :doc:`Advanced Permissions documentation ` for more details.
+ From v5.0 this has been replaced by advanced permissions which offers Admins a way to restrict actions in Mattermost to authorized users only. See the :doc:`Advanced Permissions documentation ` for more details.
Set policy on who can invite others to a team using the **Send Email Invite**, **Get Team Invite Link**, and **Add Members to Team** options on the product menu. If **Get Team Invite Link** is used to share a link, you can expire the invite code from **Team Settings > Invite Code** after the desired users have joined the team. Options include:
@@ -590,7 +590,7 @@ Enable private channel creation for
.. note::
- From v5.0 this has been replaced by advanced permissions which offers Admins a way to restrict actions in Mattermost to authorized users only. See the :doc:`Advanced Permissions documentation ` for more details.
+ From v5.0 this has been replaced by advanced permissions which offers Admins a way to restrict actions in Mattermost to authorized users only. See the :doc:`Advanced Permissions documentation ` for more details.
Restrict the permission level required to create private channels.
@@ -611,7 +611,7 @@ Enable private channel renaming for
.. note::
- From v5.0 this has been replaced by advanced permissions which offers Admins a way to restrict actions in Mattermost to authorized users only. See the :doc:`Advanced Permissions documentation ` for more details.
+ From v5.0 this has been replaced by advanced permissions which offers Admins a way to restrict actions in Mattermost to authorized users only. See the :doc:`Advanced Permissions documentation ` for more details.
Restrict the permission level required to rename and set the header or purpose for Private channels.
@@ -634,7 +634,7 @@ Enable managing of private channel members for
.. note::
- From v5.0 this has been replaced by advanced permissions which offers Admins a way to restrict actions in Mattermost to authorized users only. See the :doc:`Advanced Permissions documentation ` for more details.
+ From v5.0 this has been replaced by advanced permissions which offers Admins a way to restrict actions in Mattermost to authorized users only. See the :doc:`Advanced Permissions documentation ` for more details.
Set policy on who can add and remove members from Private channels.
@@ -680,7 +680,7 @@ Allow which users to delete messages
.. note::
- From v5.0 this has been replaced by advanced permissions which offers Admins a way to restrict actions in Mattermost to authorized users only. See the :doc:`Advanced Permissions documentation ` for more details.
+ From v5.0 this has been replaced by advanced permissions which offers Admins a way to restrict actions in Mattermost to authorized users only. See the :doc:`Advanced Permissions documentation ` for more details.
Restrict the permission level required to delete messages. Team admins, channel admins, and system admins can delete messages only in channels where they are members. Messages can be deleted any time.
@@ -701,7 +701,7 @@ Allow users to edit their messages
.. note::
- From v5.0 this has been replaced by advanced permissions which offers Admins a way to restrict actions in Mattermost to authorized users only. See the :doc:`Advanced Permissions documentation ` for more details.
+ From v5.0 this has been replaced by advanced permissions which offers Admins a way to restrict actions in Mattermost to authorized users only. See the :doc:`Advanced Permissions documentation ` for more details.
Set the time limit that users have to edit their messages after posting.
diff --git a/source/administration-guide/configuration-reference/integrations-configuration-settings.rst b/source/administration-guide/configuration-reference/integrations-configuration-settings.rst
index 3bc8077b242..fb6374c670e 100644
--- a/source/administration-guide/configuration-reference/integrations-configuration-settings.rst
+++ b/source/administration-guide/configuration-reference/integrations-configuration-settings.rst
@@ -177,7 +177,7 @@ Enable integrations to override usernames
:configjson: .ServiceSettings.EnablePostIconOverride
:environment: MM_SERVICESETTINGS_ENABLEPOSTICONOVERRIDE
- - **true**: Webhooks, slash commands, and other integrations, such as `Zapier `_, will be allowed to change the profile picture they post with.
+ - **true**: Webhooks, slash commands, and other integrations, such as :doc:`Zapier `, will be allowed to change the profile picture they post with.
- **false**: **(Default)** Webhooks, slash commands, and OAuth 2.0 apps can only post with the profile picture of the account they were set up with.
Enable integrations to override profile picture icons
diff --git a/source/administration-guide/admin-tools/server-configuration.rst b/source/administration-guide/configuration-reference/server-configuration.rst
similarity index 94%
rename from source/administration-guide/admin-tools/server-configuration.rst
rename to source/administration-guide/configuration-reference/server-configuration.rst
index 599de4f3616..88819371a4e 100644
--- a/source/administration-guide/admin-tools/server-configuration.rst
+++ b/source/administration-guide/configuration-reference/server-configuration.rst
@@ -22,7 +22,7 @@ Whether you’re setting up email notifications, optimizing search capabilities,
Email templates
Chinese, Japanese, and Korean search
SSL client certificate setup
- Connected workspaces
+ Connected workspaces
Telemetry
* :doc:`Store configuration in your database ` - Learn how to store configuration information in your Mattermost database rather than as a JSON file.
@@ -37,5 +37,5 @@ Whether you’re setting up email notifications, optimizing search capabilities,
* :doc:`Email templates ` - Learn about customizing email templates for Mattermost.
* :doc:`Chinese, Japanese, and Korean search ` - Learn about enabling Chinese, Japanese, and Korean search for Mattermost.
* :doc:`SSL client certificate setup ` - Learn how to set up SSL client certificates for Mattermost.
-* :doc:`Connected workspaces ` - Learn how to connect Mattermost workspaces.
+* :doc:`Connected workspaces ` - Learn how to connect Mattermost workspaces.
* :doc:`Telemetry ` - Learn about Mattermost telemetry and data collection.
\ No newline at end of file
diff --git a/source/administration-guide/getting-started/admin-onboarding-tasks.rst b/source/administration-guide/getting-started/admin-onboarding-tasks.rst
index 03ee7295965..d509249f2c5 100644
--- a/source/administration-guide/getting-started/admin-onboarding-tasks.rst
+++ b/source/administration-guide/getting-started/admin-onboarding-tasks.rst
@@ -28,10 +28,10 @@ These settings can also be set in the ``config.json`` file. Please see our :doc
3. Begin to onboard users by enabling account creation or by connecting an authentication service to assist with user provisioning.
-- Users can be pre-provisioned with migration and bulk loading data processes based on prior collaboration systems. Please see our :ref:`migration guide ` and :doc:`bulk loading documentation ` for additional details.
+ - Users can be pre-provisioned with migration and bulk loading data processes based on prior collaboration systems. Please see our :doc:`migration guide ` and :doc:`bulk loading documentation ` for additional details.
- :doc:`AD/LDAP authentication ` and :doc:`SAML authentication ` are available for some subscription plans, providing identity management, single sign-on, and automatic account provisioning.
-If your organization requires more structure and project management artifacts for the implementation of Mattermost, please see our :doc:`Enterprise roll out checklist `.
+If your organization requires more structure and project management artifacts for the implementation of Mattermost, please see our :doc:`Enterprise roll out checklist `.
Important administration notes
------------------------------
@@ -146,404 +146,3 @@ Then, enable batched email notifications by setting **System Console > Notificat
Mattermost Enterprise customers can enable :doc:`enterprise search ` for optimized search performance at enterprise-scale. Both Elasticsearch and AWS OpenSearch solve many known issues with full text database search, such as dots, dashes, and email addresses returning unexpected results.
Enable Elasticsearch by setting **System Console > Elasticsearch > Enable Indexing** to **true**. See the :ref:`Elasticsearch ` configuration settings documentation for details. Enabling Elasticsearch requires :ref:`setting up an Elasticsearch server `.
-
-Checklist overview
--------------------
-
-Prepare for the roll out
-~~~~~~~~~~~~~~~~~~~~~~~~
-
-- `1. Define the roll out project`_
-- `2. Validate essential security and compliance requirements`_
-- `3. Create development, staging, and production environments`_
-- `4. Configure and customize your Mattermost site`_
-- `5. Test production performance and redundancy`_
-
-Roll out Mattermost
-~~~~~~~~~~~~~~~~~~~~
-
-- `1. Define your team and channel strategy`_
-- `2. Enable key integrations`_
-- `3. Prepare for user onboarding`_
-- `4. Deploy client apps`_
-- `5. Roll out to groups of users`_
-- `6. Drive adoption`_
-
-Review the roll out
-~~~~~~~~~~~~~~~~~~~
-
-- `1. Review project charter success metrics`_
-- `2. Review and analyze usage`_
-- `3. Analyze system performance`_
-- `4. Harden security`_
-- `5. Perform maintenance tasks`_
-
-Checklist details
--------------------
-
-Prepare for the roll out
-~~~~~~~~~~~~~~~~~~~~~~~~
-
-Much of the preparation work is focused on ensuring the environment is deployed and secured prior to onboarding users.
-
-1. Define the roll out project
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Define key stakeholders and project team members
-
- - Example project team members: Project Manager, Network Administrator, Database Administrator, Corporate Directory Administrator, Security & Compliance Administrator(s), User Support, User Champions, User Trainers
-
-- Define use cases and requirements for teams, their workflows and their integrations
-
- - Resource: https://mattermost.com/blog/27-things-enterprises-can-learn-startups-increase-productivity/
-
-- Define success criteria, goals and metrics to measure success
-
-- Create a Project Charter to document goals, tasks, deliverables, and decisions
-
- - Get buy-in from project team members and key stakeholders on the project charter
-
-2. Validate essential security and compliance requirements
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Review Mattermost security features
-
- - Resource: https://docs.mattermost.com/security-guide/security-guide-index.html
-
-- Determine monitoring requirements
-
- - Database, network, storage, log integrity
- - Identify fields for log management tools (e.g. Splunk Enterprise event data)
-
-- Determine environment access policies
-
- - Network access, physical access, group controlled access
-
-- Determine encryption policies
-
- - Resource: https://docs.mattermost.com/deployment-guide/encryption-options.html
- - Resource: https://docs.mattermost.com/deployment-guide/transport-encryption.html
-
-- Determine system administration access policies
-
- - Identify the list of users or groups who need administrative access for Mattermost System Console, Command Line Tools, and API privileges
-
-- Define and configure authentication policies
-
- - Resource: https://docs.mattermost.com/product-overview/corporate-directory-integration.html
-
-- Determine requirements for multi-factor authentication
-
- - Resource: https://docs.mattermost.com/administration-guide/identity-access/multi-factor-authentication.html
-
-- Configure and test SSO or Corporate Directory integration (SAML or AD/LDAP)
-
- - Resource: https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml.html
- - Resource: https://docs.mattermost.com/administration-guide/identity-access/ad-ldap.html
-
-- Define your mobile usage policy
-
- - Resource: https://docs.mattermost.com/deployment-guide/mobile/mobile-app-deployment.html
-
-- Evaluate external network access requirements
-
- - The `Mattermost Marketplace `_ is a service hosted by Mattermost that functions as a central place to store the current versions of available Mattermost integrations. See :ref:`Enable Remote Marketplace ` documentation for details about required external network access.
- - Mattermost supports external GIF providers. See :ref:`GIF Commands ` configuration documentation for details about required external network access.
-
-3. Create development, staging, and production environments
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Finalize production environment design basing hardware on expected usage and requirements for high availability
-
- - Resource: https://docs.mattermost.com/deployment-guide/application-architecture.html
- - Resource: https://docs.mattermost.com/deployment-guide/deployment-guide-index.html
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/scaling-for-enterprise.html
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/high-availability-cluster-based-deployment.html
-
-- Create development and staging environments
-
- - Recommend using to test early configurations for database, authentication, file storage, Elasticsearch, prior to setting up high availability and load balancing
- - Recommend configuring staging to be an identical replication of your production environment
-
-- Create a production environment
-
- - Install Mattermost
-
- - Install the number of nodes based on your high availability requirements outlined in your production environment design
- - Recommendation: Use Kubernetes and the Mattermost Operator, with external supported external database and file storage solutions. This will also provide blue/green deployment, rolling upgrades, and canary builds
-
- - Resource: https://docs.mattermost.com/deployment-guide/server/deploy-kubernetes.html
-
- - Install and configure database
-
- - Install the number of read and search replicas based on your high availability requirements outlined in your production environment design
-
- - Resource: https://docs.mattermost.com/deployment-guide/server/server-architecture.html#database-with-virtual-ips
-
- - (Optional) Set up configuration management via the database instead of a config file for high available environments
-
- - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/configuration-in-your-database.html
-
- - Install and configure File Storage
-
- - Resource: https://docs.mattermost.com/deployment-guide/server/preparations.html#file-storage-preparation
-
- - Install and configure proxy or load balancers
-
- - Note: If running Kubernetes and the Mattermost Operator, proxies will be created automatically.
- - Add SSL Cert
-
- - Resource: https://docs.mattermost.com/administration-guide/identity-access/ssl-client-certificate.html
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/high-availability-cluster-based-deployment.html#proxy-server-configuration
-
- - (Optional) Set up certificate-based authentication (CBA) for user or device-based authentication with a digital certificate
-
- - Resource: https://docs.mattermost.com/administration-guide/identity-access/certificate-based-authentication.html
-
- - Configure SMTP for email notifications
-
- - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/smtp-email.html
-
- - Set up Elasticsearch (highly recommended if your organization anticipates over two million posts)
-
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/elasticsearch-setup.html
-
-- Document network configuration
-
- - Example: https://docs.mattermost.com/administration-guide/operations-scaling/backing-storage-benchmarks.html
-
-4. Configure and customize your Mattermost site
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Login to Mattermost and access the System Console to connect your environment to Mattermost
-
- - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/configuration-settings.html#environment-variables
- - Upload your valid Enterprise License under Edition and License
- - Ensure site URL is set appropriately for your production, dev and staging environments
- - Add your database configuration to **System Console > Environment > Database**
- - Add your Elasticsearch or AWS OpenSearch configuration to **System Console > Environment > Elasticsearch**
- - Add your file storage system configuration to **System Console > Environment > File Storage**
- - Add your proxy configuration to **System Console > Environment > Image Proxy**
- - Add your SMTP configuration to **System Console > Environment > SMTP**
- - Enable Push Notifications by adding your server to **System Console > Environment > Push Notification Server**
- - Add your cluster configuration to **System Console > Environment > High Availability**
-
-- Configure your site within the System Console
-
- - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/configuration-settings.html#site-configuration
-
-- Set site access policies including permissions for roles and guest access
-
- - Permissions Resource: https://docs.mattermost.com/administration-guide/onboard/advanced-permissions.html
- - Guest Access Resource: https://docs.mattermost.com/administration-guide/onboard/guest-accounts.html
-
-5. Test production performance and redundancy
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Define and test disaster recovery policy and processes
-
- - Resource: https://docs.mattermost.com/deployment-guide/server/deploy-kubernetes.html
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/high-availability-cluster-based-deployment.html#upgrade-guide
-
-- Performance test production environment
-
- - Load test production environment to verify that it will handle anticipated user load
-
- - Resource: https://github.com/mattermost/mattermost-load-test
-
- - Set up Prometheus and Grafana to monitor performance
-
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/deploy-prometheus-grafana-for-performance-monitoring.html
-
- - Set up alerts in Grafana
-
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/deploy-prometheus-grafana-for-performance-monitoring.html
-
-Roll out Mattermost
-~~~~~~~~~~~~~~~~~~~
-Now that you have an environment in place, we recommend working through the following items in an iterative process. You may need to cycle through each of these topics multiple times to make adjustments to suit your organization as you onboard groups of users.
-
-1. Define your team and channel strategy
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Determine and create a team structure for your environment
-
- - Recommendation: Start with fewer teams in your early roll out
- - Resource: https://docs.mattermost.com/end-user-guide/collaborate/channel-naming-conventions.html
-
-- Determine and create key channels to support your users. A default Town Square channel is created automatically and available on every team.
-
- - Recommendation: Add a “Support” channel for your users to escalate questions
-
-- (Optional) Migrate messages and channels from legacy systems
-
- - Resource: https://docs.mattermost.com/administration-guide/getting-started/migrating-to-mattermost.html
-
-2. Enable key integrations
-^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Build the list of key integrations and tools used by your teams
-
- - Resource: https://developers.mattermost.com/integrate/getting-started/
-
-- Define use cases and requirements for plugins, bots, webhooks, slash commands
-
- - Resource: https://developers.mattermost.com/integrate/other-integrations/
-
-- Set up key integrations (or migrate from POC environments)
-
- - Resource: https://mattermost.com/marketplace/
-
-- Understand Mattermost API capabilities
-
- - Resource: https://api.mattermost.com/
-
-3. Prepare for user onboarding
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Onboard champion users
-
-- Onboard trainers and support team
-- Create a training plan
-
- - Resource: https://academy.mattermost.com/
-
-- Define user escalation and support processes
-
- - Ensure you have set the site’s support URL to your own support team under **System Console > Site Configuration > Customization**
-
-- Notify users in advance of roll out
-
- - Sample email: https://docs.mattermost.com/administration-guide/operations-scaling/welcome-email-to-end-users.html
-
-4. Deploy client apps
-^^^^^^^^^^^^^^^^^^^^^
-
-- Roll out desktop app
-
- - Resource: https://docs.mattermost.com/deployment-guide/desktop/desktop-app-deployment.html
- - (Optional) Use the MSI installer to install on Windows machines
-
- - Resource: https://docs.mattermost.com/deployment-guide/desktop/desktop-msi-installer-and-group-policy-install.html
-
-- Roll out mobile app
-
- - Resource: https://docs.mattermost.com/deployment-guide/mobile/mobile-app-deployment.html
- - (Optional) Use an EMM provider
-
- - Resource: https://docs.mattermost.com/deployment-guide/mobile/deploy-mobile-apps-using-emm-provider.html
-
-5. Roll out to groups of users
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Provision user accounts
-
- - Resource: https://docs.mattermost.com/administration-guide/onboard/user-provisioning-workflows.html
-
-- (Optional) Bulk Load users
-
- - Resource: https://docs.mattermost.com/administration-guide/getting-started/bulk-loading-data.html
-
-- Onboard users to teams and channels
-
- - Recommendation: Use LDAP Group Sync to automate this process
-
- - Resource: https://docs.mattermost.com/administration-guide/identity-access/ad-ldap-groups-synchronization.html
-
-- Implement your training plan to end users on how to use Mattermost
-
- - Train on using Mattermost
- - Train on how to use integrations
-
-6. Drive adoption
-^^^^^^^^^^^^^^^^^
-
-- Incrementally roll out to additional user groups
-
- - See “Roll Out to Groups of Users”
-
-- Manage support requests and product requests from your end users
-
- - Resource: https://mattermost.com/support/
- - See the process below for escalating to Mattermost
-
-- Enable additional integrations and plugins to support user workflows
-
- - Resource: https://mattermost.com/marketplace/
-
-- Understand management tools available to support users
-
- - mmctl Command Line Tool Resource: https://docs.mattermost.com/administration-guide/admin-tools/mmctl-command-line-tool.html
- - Command Line Tools Resource: https://docs.mattermost.com/administration-guide/admin-tools/command-line-tools.html
-
-Review the roll out
-~~~~~~~~~~~~~~~~~~~
-
-We recommend that you review your rollout on a cadence that matches your iterative approach to rolling out to users. Below are some areas to consider.
-
-1. Review project charter success metrics
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Perform end-user surveys and measure satisfaction
-
-- Verify use case fulfillment from original requirements gathering
-
-- Measure your response time and resolution rate for user support issues
-
-- Identify usage gaps and address or create a plan for addressing
-
-2. Review and analyze usage
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Review Project Charter success metrics - identify usage gaps and address or create a plan for addressing
-
-- Monitor site and team statistics
-
- - Resource: https://docs.mattermost.com/administration-guide/admin-tools/statistics.html
- - Review: Total posts, total teams, total channels, total group chats, total direct chats, top channels, top teams
-
-- Analyze usage by lines of business and peak usage times
-
-3. Analyze system performance
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-- Monitor trends in CPU/memory usage
-
-- Review trends in database connections
-
-- Review trends in Go routines
-
-- Review trends in concurrent sessions
-
-4. Harden security
-^^^^^^^^^^^^^^^^^^
-
-- Harden security controls around the web, desktop, and mobile security
-
-- Harden configuration management
-
-- Harden network security
-
- - Identify additional tests and scans
- - (Optional) Enable Compliance Reporting
-
- - Resource: https://docs.mattermost.com/administration-guide/compliance-security-auditing/compliance-export.html
-
-5. Perform maintenance tasks
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-- Monitor for security updates (or sign up for email updates)
-
- - Resource: https://mattermost.com/security-updates/
-
-- Perform the first upgrade
-
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/upgrading-mattermost-server.html
-
-- Determine upgrade schedule based on Mattermost release schedules and life cycle
-
- - Resource: https://docs.mattermost.com/product-overview/releases-lifecycle.html
-
-- Run System checks and either address or set address-by date
-
-
-- :doc:`Welcome email to end users `
diff --git a/source/administration-guide/configuration-reference/authentication-configuration-settings.rst b/source/administration-guide/getting-started/authentication-configuration-settings.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/authentication-configuration-settings.rst
rename to source/administration-guide/getting-started/authentication-configuration-settings.rst
diff --git a/source/administration-guide/configuration-reference/environment-configuration-settings.rst b/source/administration-guide/getting-started/environment-configuration-settings.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/environment-configuration-settings.rst
rename to source/administration-guide/getting-started/environment-configuration-settings.rst
diff --git a/source/administration-guide/getting-started/getting-started-index.rst b/source/administration-guide/getting-started/getting-started-index.rst
index 47063049e94..2ed5e4dd30e 100644
--- a/source/administration-guide/getting-started/getting-started-index.rst
+++ b/source/administration-guide/getting-started/getting-started-index.rst
@@ -12,7 +12,12 @@ Use these guides to move from evaluation to rollout, migrate from other tools, a
migrating-to-mattermost
migrate-from-slack
migrating-from-hipchat-to-mattermost
- /administration-guide/getting-started/enterprise-roll-out-checklist
+ /administration-guide/getting-started/roll-out-checklist
/administration-guide/getting-started/admin-onboarding-tasks
- connected-workspaces
- bulk-loading-data
+
+Migrate users and data, connect workspaces, and establish initial governance and readiness.
+
+- :doc:`Migrate to Mattermost `
+- :doc:`Import data in bulk `
+- :doc:`Follow the rollout checklist `
+- :doc:`Complete administrator onboarding tasks `
\ No newline at end of file
diff --git a/source/administration-guide/onboard/migration-announcement-email.rst b/source/administration-guide/getting-started/migration-announcement-email.rst
similarity index 100%
rename from source/administration-guide/onboard/migration-announcement-email.rst
rename to source/administration-guide/getting-started/migration-announcement-email.rst
diff --git a/source/administration-guide/admin-tools/migration.rst b/source/administration-guide/getting-started/migration.rst
similarity index 90%
rename from source/administration-guide/admin-tools/migration.rst
rename to source/administration-guide/getting-started/migration.rst
index 283583e76f9..2e0653403fe 100644
--- a/source/administration-guide/admin-tools/migration.rst
+++ b/source/administration-guide/getting-started/migration.rst
@@ -15,11 +15,11 @@ Whether you’re migrating from another platform, upgrading your database, or us
Migrate from Slack
Bulk export tool
Bulk loading tool
- Migration announcement email template
+ Migration announcement email template
* :doc:`Migrate from MySQL to PostgreSQL ` - Learn how to migrate from MySQL to PostgreSQL.
* :doc:`Server migration guide ` - Learn about about migrating to Mattermost.
* :doc:`Migrate from Slack ` - Learn how to migrate from Slack to Mattermost.
* :doc:`Bulk export tool ` - Learn about the bulk export tool for Mattermost.
* :doc:`Bulk loading tool ` - Learn about the bulk loading tool for Mattermost.
-* :doc:`Migration announcement email template ` - Use this email template to notify your users that you've migrated to Mattermost.
\ No newline at end of file
+* :doc:`Migration announcement email template ` - Use this email template to notify your users that you've migrated to Mattermost.
\ No newline at end of file
diff --git a/source/administration-guide/getting-started/roll-out-checklist.rst b/source/administration-guide/getting-started/roll-out-checklist.rst
new file mode 100644
index 00000000000..f641ab21158
--- /dev/null
+++ b/source/administration-guide/getting-started/roll-out-checklist.rst
@@ -0,0 +1,456 @@
+Roll Out Checklist
+====================
+
+The following checklist provides a recommended approach to rolling out Mattermost in your organization. It is divided into three phases: Prepare for the roll out, Roll out Mattermost, and Review the roll out. Each phase contains a list of tasks to complete along with links to relevant documentation.
+
+Prepare
+----------
+
+- `1. Define the roll out project`_
+- `2. Validate essential security and compliance requirements`_
+- `3. Create development, staging, and production environments`_
+- `4. Configure and customize your Mattermost site`_
+- `5. Test production performance and redundancy`_
+
+Roll out Mattermost
+-------------------
+
+- `1. Define your team and channel strategy`_
+- `2. Enable key integrations`_
+- `3. Prepare for user onboarding`_
+- `4. Deploy client apps`_
+- `5. Roll out to groups of users`_
+- `6. Drive adoption`_
+
+Review
+-------
+
+- `1. Review project charter success metrics`_
+- `2. Review and analyze usage`_
+- `3. Analyze system performance`_
+- `4. Harden security`_
+- `5. Perform maintenance tasks`_
+
+Checklist details
+-------------------
+
+Prepare for the roll out
+~~~~~~~~~~~~~~~~~~~~~~~~
+
+Much of the preparation work is focused on ensuring the environment is deployed and secured prior to onboarding users.
+
+1. Define the roll out project
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Define key stakeholders and project team members
+
+ - Example project team members: Project Manager, Network Administrator, Database Administrator, Corporate Directory Administrator, Security & Compliance Administrator(s), User Support, User Champions, User Trainers
+
+- Define use cases and requirements for teams, their workflows and their integrations
+
+ - Resource: https://mattermost.com/blog/27-things-enterprises-can-learn-startups-increase-productivity/
+
+- Define success criteria, goals and metrics to measure success
+
+- Create a Project Charter to document goals, tasks, deliverables, and decisions
+
+ - Get buy-in from project team members and key stakeholders on the project charter
+
+2. Validate essential security and compliance requirements
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Review Mattermost security features
+
+ - Resource: https://docs.mattermost.com/security-guide/security-guide-index.html
+
+- Determine monitoring requirements
+
+ - Database, network, storage, log integrity
+ - Identify fields for log management tools (e.g. Splunk Enterprise event data)
+
+- Determine environment access policies
+
+ - Network access, physical access, group controlled access
+
+- Determine encryption policies
+
+ - Resource: https://docs.mattermost.com/deployment-guide/encryption-options.html
+ - Resource: https://docs.mattermost.com/deployment-guide/transport-encryption.html
+
+- Determine system administration access policies
+
+ - Identify the list of users or groups who need administrative access for Mattermost System Console, Command Line Tools, and API privileges
+
+- Define and configure authentication policies
+
+ - Resource: https://docs.mattermost.com/product-overview/corporate-directory-integration.html
+
+- Determine requirements for multi-factor authentication
+
+ - Resource: https://docs.mattermost.com/administration-guide/identity-access/multi-factor-authentication.html
+
+- Configure and test SSO or Corporate Directory integration (SAML or AD/LDAP)
+
+ - Resource: https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml.html
+ - Resource: https://docs.mattermost.com/administration-guide/identity-access/ad-ldap.html
+
+- Define your mobile usage policy
+
+ - Resource: https://docs.mattermost.com/deployment-guide/mobile/mobile-app-deployment.html
+
+- Evaluate external network access requirements
+
+ - The `Mattermost Marketplace `_ is a service hosted by Mattermost that functions as a central place to store the current versions of available Mattermost integrations. See :ref:`Enable Remote Marketplace ` documentation for details about required external network access.
+ - Mattermost supports external GIF providers. See :ref:`GIF Commands ` configuration documentation for details about required external network access.
+
+3. Create development, staging, and production environments
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Finalize production environment design basing hardware on expected usage and requirements for high availability
+
+ - Resource: https://docs.mattermost.com/deployment-guide/application-architecture.html
+ - Resource: https://docs.mattermost.com/deployment-guide/deployment-guide-index.html
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/scaling-for-enterprise.html
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/high-availability-cluster-based-deployment.html
+
+- Create development and staging environments
+
+ - Recommend using to test early configurations for database, authentication, file storage, Elasticsearch, prior to setting up high availability and load balancing
+ - Recommend configuring staging to be an identical replication of your production environment
+
+- Create a production environment
+
+ - Install Mattermost
+
+ - Install the number of nodes based on your high availability requirements outlined in your production environment design
+ - Recommendation: Use Kubernetes and the Mattermost Operator, with external supported external database and file storage solutions. This will also provide blue/green deployment, rolling upgrades, and canary builds
+
+ - Resource: https://docs.mattermost.com/deployment-guide/server/deploy-kubernetes.html
+
+ - Install and configure database
+
+ - Install the number of read and search replicas based on your high availability requirements outlined in your production environment design
+
+ - Resource: https://docs.mattermost.com/deployment-guide/server/server-architecture.html#database-with-virtual-ips
+
+ - (Optional) Set up configuration management via the database instead of a config file for high available environments
+
+ - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/configuration-in-your-database.html
+
+ - Install and configure File Storage
+
+ - Resource: https://docs.mattermost.com/deployment-guide/server/preparations.html#file-storage-preparation
+
+ - Install and configure proxy or load balancers
+
+ - Note: If running Kubernetes and the Mattermost Operator, proxies will be created automatically.
+ - Add SSL Cert
+
+ - Resource: https://docs.mattermost.com/administration-guide/identity-access/ssl-client-certificate.html
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/high-availability-cluster-based-deployment.html#proxy-server-configuration
+
+ - (Optional) Set up certificate-based authentication (CBA) for user or device-based authentication with a digital certificate
+
+ - Resource: https://docs.mattermost.com/administration-guide/identity-access/certificate-based-authentication.html
+
+ - Configure SMTP for email notifications
+
+ - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/smtp-email.html
+
+ - Set up Elasticsearch (highly recommended if your organization anticipates over two million posts)
+
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/elasticsearch-setup.html
+
+- Document network configuration
+
+ - Example: https://docs.mattermost.com/administration-guide/operations-scaling/backing-storage-benchmarks.html
+
+4. Configure and customize your Mattermost site
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Login to Mattermost and access the System Console to connect your environment to Mattermost
+
+ - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/configuration-settings.html#environment-variables
+ - Upload your valid Enterprise License under Edition and License
+ - Ensure site URL is set appropriately for your production, dev and staging environments
+ - Add your database configuration to **System Console > Environment > Database**
+ - Add your Elasticsearch or AWS OpenSearch configuration to **System Console > Environment > Elasticsearch**
+ - Add your file storage system configuration to **System Console > Environment > File Storage**
+ - Add your proxy configuration to **System Console > Environment > Image Proxy**
+ - Add your SMTP configuration to **System Console > Environment > SMTP**
+ - Enable Push Notifications by adding your server to **System Console > Environment > Push Notification Server**
+ - Add your cluster configuration to **System Console > Environment > High Availability**
+
+- Configure your site within the System Console
+
+ - Resource: https://docs.mattermost.com/administration-guide/configuration-reference/configuration-settings.html#site-configuration
+
+- Set site access policies including permissions for roles and guest access
+
+ - Permissions Resource: https://docs.mattermost.com/administration-guide/onboard/advanced-permissions.html
+ - Guest Access Resource: https://docs.mattermost.com/administration-guide/onboard/guest-accounts.html
+
+5. Test production performance and redundancy
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Define and test disaster recovery policy and processes
+
+ - Resource: https://docs.mattermost.com/deployment-guide/server/deploy-kubernetes.html
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/high-availability-cluster-based-deployment.html#upgrade-guide
+
+- Performance test production environment
+
+ - Load test production environment to verify that it will handle anticipated user load
+
+ - Resource: https://github.com/mattermost/mattermost-load-test
+
+ - Set up Prometheus and Grafana to monitor performance
+
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/deploy-prometheus-grafana-for-performance-monitoring.html
+
+ - Set up alerts in Grafana
+
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/deploy-prometheus-grafana-for-performance-monitoring.html
+
+Roll out Mattermost
+~~~~~~~~~~~~~~~~~~~
+Now that you have an environment in place, we recommend working through the following items in an iterative process. You may need to cycle through each of these topics multiple times to make adjustments to suit your organization as you onboard groups of users.
+
+1. Define your team and channel strategy
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Determine and create a team structure for your environment
+
+ - Recommendation: Start with fewer teams in your early roll out
+ - Resource: https://docs.mattermost.com/end-user-guide/collaborate/channel-naming-conventions.html
+
+- Determine and create key channels to support your users. A default Town Square channel is created automatically and available on every team.
+
+ - Recommendation: Add a “Support” channel for your users to escalate questions
+
+- (Optional) Migrate messages and channels from legacy systems
+
+ - Resource: :doc:`Migrating to Mattermost `
+
+2. Enable key integrations
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Build the list of key integrations and tools used by your teams
+
+ - Resource: https://developers.mattermost.com/integrate/getting-started/
+
+- Define use cases and requirements for plugins, bots, webhooks, slash commands
+
+ - Resource: https://developers.mattermost.com/integrate/other-integrations/
+
+- Set up key integrations (or migrate from POC environments)
+
+ - Resource: https://mattermost.com/marketplace/
+
+- Understand Mattermost API capabilities
+
+ - Resource: https://api.mattermost.com/
+
+3. Prepare for user onboarding
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Onboard champion users
+
+- Onboard trainers and support team
+- Create a training plan
+
+ - Resource: https://academy.mattermost.com/
+
+- Define user escalation and support processes
+
+ - Ensure you have set the site’s support URL to your own support team under **System Console > Site Configuration > Customization**
+
+- Notify users in advance of roll out
+
+ - Sample email: https://docs.mattermost.com/administration-guide/operations-scaling/welcome-email-to-end-users.html
+
+4. Deploy client apps
+^^^^^^^^^^^^^^^^^^^^^
+
+- Roll out desktop app
+
+ - Resource: https://docs.mattermost.com/deployment-guide/desktop/desktop-app-deployment.html
+ - (Optional) Use the MSI installer to install on Windows machines
+
+ - Resource: https://docs.mattermost.com/deployment-guide/desktop/desktop-msi-installer-and-group-policy-install.html
+
+- Roll out mobile app
+
+ - Resource: https://docs.mattermost.com/deployment-guide/mobile/mobile-app-deployment.html
+ - (Optional) Use an EMM provider
+
+ - Resource: https://docs.mattermost.com/deployment-guide/mobile/deploy-mobile-apps-using-emm-provider.html
+
+5. Roll out to groups of users
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Provision user accounts
+
+ - Resource: https://docs.mattermost.com/administration-guide/onboard/user-provisioning-workflows.html
+
+- (Optional) Bulk Load users
+
+ - Resource: :doc:`Bulk loading data `
+
+- Onboard users to teams and channels
+
+ - Recommendation: Use LDAP Group Sync to automate this process
+
+ - Resource: https://docs.mattermost.com/administration-guide/identity-access/ad-ldap-groups-synchronization.html
+
+- Implement your training plan to end users on how to use Mattermost
+
+ - Train on using Mattermost
+ - Train on how to use integrations
+
+6. Drive adoption
+^^^^^^^^^^^^^^^^^
+
+- Incrementally roll out to additional user groups
+
+ - See “Roll Out to Groups of Users”
+
+- Manage support requests and product requests from your end users
+
+ - Resource: https://mattermost.com/support/
+ - See the process below for escalating to Mattermost
+
+- Enable additional integrations and plugins to support user workflows
+
+ - Resource: https://mattermost.com/marketplace/
+
+- Understand management tools available to support users
+
+ - mmctl Command Line Tool Resource: :doc:`mmctl `
+ - Command Line Tools Resource: :doc:`CLI `
+
+Review the roll out
+~~~~~~~~~~~~~~~~~~~
+
+We recommend that you review your rollout on a cadence that matches your iterative approach to rolling out to users. Below are some areas to consider.
+
+1. Review project charter success metrics
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Perform end-user surveys and measure satisfaction
+
+- Verify use case fulfillment from original requirements gathering
+
+- Measure your response time and resolution rate for user support issues
+
+- Identify usage gaps and address or create a plan for addressing
+
+2. Review and analyze usage
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Review Project Charter success metrics - identify usage gaps and address or create a plan for addressing
+
+- Monitor site and team statistics
+
+ - Resource: :doc:`Statistics `
+ - Review: Total posts, total teams, total channels, total group chats, total direct chats, top channels, top teams
+
+- Analyze usage by lines of business and peak usage times
+
+3. Analyze system performance
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Monitor trends in CPU/memory usage
+
+- Review trends in database connections
+
+- Review trends in Go routines
+
+- Review trends in concurrent sessions
+
+4. Harden security
+^^^^^^^^^^^^^^^^^^
+
+- Harden security controls around the web, desktop, and mobile security
+
+- Harden configuration management
+
+- Harden network security
+
+ - Identify additional tests and scans
+ - (Optional) Enable Compliance Reporting
+
+ - Resource: https://docs.mattermost.com/administration-guide/compliance-security-auditing/compliance-export.html
+
+5. Perform maintenance tasks
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+- Monitor for security updates (or sign up for email updates)
+
+ - Resource: https://mattermost.com/security-updates/
+
+- Perform the first upgrade
+
+ - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/upgrading-mattermost-server.html
+
+- Determine upgrade schedule based on Mattermost release schedules and life cycle
+
+ - Resource: https://docs.mattermost.com/product-overview/releases-lifecycle.html
+
+- Run System checks and either address or set address-by date
+
+
+Send a welcome email to end users
+----------------------------------
+
+.. include:: ../../_static/badges/allplans-cloud-selfhosted.rst
+ :start-after: :nosearch:
+
+To make it easy for your end users to start using Mattermost right away, we created a sample email template that you can use.
+
+Remember to replace all the items below in bold with your information.
+
+Email template
+---------------
+
+From: **[company name]** IT Team
+
+To: End users
+
+Subject: New Collaboration Platform - Mattermost
+
+
+Hi all,
+
+As some of you already know, we are moving to Mattermost as our collaboration platform. Mattermost is collaboration software you can use to talk, share files, and collaborate on projects or initiatives. Mattermost also integrates with many of the apps that you use every day, like **[add apps]**.
+
+We are moving to Mattermost because it will host all our collaboration in one place, is instantly searchable and available from all your devices.
+
+Some of the major benefits of using Mattermost are:
+
+- Direct 1:1 and group messaging
+
+- Channels for topic-based, group-based, or meeting-based chat
+
+- Streamlined collaboration on projects
+
+- Reduced email clutter
+
+- Searching across messages and channels
+
+- Sharing files
+
+To get started:
+
+1. Open a browser on your computer, go to **[Mattermost URL]** and log in with your **[LDAP/AD, SAML, Google, etc]** credentials. Remember to bookmark the URL so you can use it to log in next time.
+
+2. `Download `__ the Mattermost apps for desktop and mobile. See the :doc:`End User Guide ` for details on how to get up and running with Mattermost quickly.
+
+3. Start messaging!
+
+
+Questions?
+If you have any questions, feel free to post in the **[~Mattermost channel]** or email us at **[IT email]**.
+
+Happy collaborating!
+
+**[company name]** IT Team
diff --git a/source/administration-guide/configuration-reference/site-configuration-settings.rst b/source/administration-guide/getting-started/site-configuration-settings.rst
similarity index 99%
rename from source/administration-guide/configuration-reference/site-configuration-settings.rst
rename to source/administration-guide/getting-started/site-configuration-settings.rst
index 1d413fbb8f2..094ba211458 100644
--- a/source/administration-guide/configuration-reference/site-configuration-settings.rst
+++ b/source/administration-guide/getting-started/site-configuration-settings.rst
@@ -1927,7 +1927,7 @@ Access the following configuration settings in the System Console by going to **
:configjson: .AnnouncementSettings.AdminNoticesEnabled
:environment: MM_ANNOUNCEMENTSETTINGS_ADMINNOTICESENABLED
- - **true**: **(Default)** System admins will receive `in-product notices `__ about server upgrades and administration features.
+ - **true**: **(Default)** System admins will receive :doc:`in-product notices ` about server upgrades and administration features.
- **false**: System admins will not receive specific notices. Admins will still receive notices for all users (see **Enable end user notices**).
Enable admin notices
@@ -1945,7 +1945,7 @@ Enable admin notices
:configjson: .AnnouncementSettings.UserNoticesEnabled
:environment: MM_ANNOUNCEMENTSETTINGS_USERNOTICESENABLED
- - **true**: **(Default)** All users receive `in-product notices `__ about client upgrades and end user features.
+ - **true**: **(Default)** All users receive :doc:`in-product notices ` about client upgrades and end user features.
- **false**: Users will not receive in-product notices.
Enable end user notices
diff --git a/source/administration-guide/configuration-reference/user-management-configuration-settings.rst b/source/administration-guide/getting-started/user-management-configuration-settings.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/user-management-configuration-settings.rst
rename to source/administration-guide/getting-started/user-management-configuration-settings.rst
diff --git a/source/administration-guide/admin-tools/attribute-based-access-control.rst b/source/administration-guide/identity-access/attributes/attribute-based-access-control.rst
similarity index 100%
rename from source/administration-guide/admin-tools/attribute-based-access-control.rst
rename to source/administration-guide/identity-access/attributes/attribute-based-access-control.rst
diff --git a/source/administration-guide/configuration-reference/system-attributes.rst b/source/administration-guide/identity-access/attributes/system-attributes.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/system-attributes.rst
rename to source/administration-guide/identity-access/attributes/system-attributes.rst
diff --git a/source/administration-guide/admin-tools/user-attributes.rst b/source/administration-guide/identity-access/attributes/user-attributes.rst
similarity index 100%
rename from source/administration-guide/admin-tools/user-attributes.rst
rename to source/administration-guide/identity-access/attributes/user-attributes.rst
diff --git a/source/administration-guide/identity-access/authentication-methods/ad-ldap/ad-ldap-groups-synchronization.rst b/source/administration-guide/identity-access/authentication-methods/active-directory/ad-ldap-groups-synchronization.rst
similarity index 100%
rename from source/administration-guide/identity-access/authentication-methods/ad-ldap/ad-ldap-groups-synchronization.rst
rename to source/administration-guide/identity-access/authentication-methods/active-directory/ad-ldap-groups-synchronization.rst
diff --git a/source/administration-guide/identity-access/authentication-methods/ad-ldap/ad-ldap.rst b/source/administration-guide/identity-access/authentication-methods/active-directory/ad-ldap.rst
similarity index 98%
rename from source/administration-guide/identity-access/authentication-methods/ad-ldap/ad-ldap.rst
rename to source/administration-guide/identity-access/authentication-methods/active-directory/ad-ldap.rst
index cdadb4afaa0..3e95a9743b2 100644
--- a/source/administration-guide/identity-access/authentication-methods/ad-ldap/ad-ldap.rst
+++ b/source/administration-guide/identity-access/authentication-methods/active-directory/ad-ldap.rst
@@ -8,8 +8,8 @@ AD/LDAP setup
:maxdepth: 1
:titlesonly:
- /identity-access/ad-ldap-groups-synchronization
- /identity-access/managing-team-channel-membership-using-ad-ldap-sync-groups
+ /identity-access/authentication-methods/active-directory/ad-ldap-groups-synchronization
+ /identity-access/authentication-methods/active-directory/managing-team-channel-membership-using-ad-ldap-sync-groups
Overview
--------
@@ -170,7 +170,7 @@ If this filter is removed/changed, active guests will not be promoted to a membe
When a guest logs in for the first time they are presented with a default landing page until they are added to channels.
-See the :doc:`Guest Accounts documentation ` for more information about this feature.
+See the :doc:`Guest Accounts documentation ` for more information about this feature.
Admin filter
~~~~~~~~~~~~
diff --git a/source/administration-guide/identity-access/authentication-methods/ad-ldap/managing-team-channel-membership-using-ad-ldap-sync-groups.rst b/source/administration-guide/identity-access/authentication-methods/active-directory/managing-team-channel-membership-using-ad-ldap-sync-groups.rst
similarity index 100%
rename from source/administration-guide/identity-access/authentication-methods/ad-ldap/managing-team-channel-membership-using-ad-ldap-sync-groups.rst
rename to source/administration-guide/identity-access/authentication-methods/active-directory/managing-team-channel-membership-using-ad-ldap-sync-groups.rst
diff --git a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/saml-based-sso-index.rst b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/saml-based-sso-index.rst
index 06c0d4fcd0c..65e74f39234 100644
--- a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/saml-based-sso-index.rst
+++ b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/saml-based-sso-index.rst
@@ -1,7 +1,7 @@
SAML-based SSO
==============
-Use SAML 2.0 to authenticate users with your identity provider. Follow provider-specific guides and supporting references to plan, implement, and troubleshoot SAML SSO.
+Use :doc:`SAML 2.0 ` to authenticate users with your identity provider. Follow provider-specific guides and supporting references to plan, implement, and troubleshoot SAML SSO for :doc:`Microsoft ADFS for Windows Server 2012 `, :doc:`Microsoft ADFS using Microsoft Windows Server 2016 `, :doc:`OneLogin `, :doc:`Okta `, and :doc:`Keycloak `.
.. toctree::
:maxdepth: 1
@@ -17,3 +17,7 @@ Use SAML 2.0 to authenticate users with your identity provider. Follow provider-
sso-saml-ldapsync
sso-saml-technical
sso-saml-faq
+
+You can :doc:`configure SAML synchronization with AD/LDAP ` to keep user attributes up to date, manage account deactivation, and override SAML data to ensure user attributes are consistent across systems.
+
+See :doc:`SAML SSO technical guidance ` for additional information, including troubleshooting tips, frequently asked questions, and examples for both requests and responses.
\ No newline at end of file
diff --git a/source/administration-guide/onboard/common-converting-oauth-to-openidconnect.rst b/source/administration-guide/identity-access/authentication-methods/sso/common-converting-oauth-to-openidconnect.rst
similarity index 100%
rename from source/administration-guide/onboard/common-converting-oauth-to-openidconnect.rst
rename to source/administration-guide/identity-access/authentication-methods/sso/common-converting-oauth-to-openidconnect.rst
diff --git a/source/administration-guide/identity-access/authentication-methods/sso/convert-oauth20-service-providers-to-openidconnect.rst b/source/administration-guide/identity-access/authentication-methods/sso/convert-oauth20-service-providers-to-openidconnect.rst
index 1756f58bc06..0c740edf4e7 100644
--- a/source/administration-guide/identity-access/authentication-methods/sso/convert-oauth20-service-providers-to-openidconnect.rst
+++ b/source/administration-guide/identity-access/authentication-methods/sso/convert-oauth20-service-providers-to-openidconnect.rst
@@ -1,7 +1,7 @@
Converting OAuth 2.0 Service Providers to OpenID Connect
========================================================
-.. include:: ../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
.. include:: common-converting-oauth-to-openidconnect.rst
@@ -10,7 +10,7 @@ Converting OAuth 2.0 Service Providers to OpenID Connect
Configuring OpenID Connect Single Sign-On
-----------------------------------------
-.. include:: ../../_static/badges/selfhosted-only.rst
+.. include:: ../../../_static/badges/selfhosted-only.rst
:start-after: :nosearch:
For details on configuring Mattermost to use a service provider as a Single Sign-on (SSO) service for team creation, account creation, and user sign-in using OpenID Connect, refer to the following documentation:
diff --git a/source/administration-guide/identity-access/authentication-methods/sso/sso-entraid.rst b/source/administration-guide/identity-access/authentication-methods/sso/sso-entraid.rst
index c8f2f8e138d..bd3803d329e 100644
--- a/source/administration-guide/identity-access/authentication-methods/sso/sso-entraid.rst
+++ b/source/administration-guide/identity-access/authentication-methods/sso/sso-entraid.rst
@@ -1,7 +1,7 @@
Entra ID Single Sign-On
=========================
-.. include:: ../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
Configuring EntraID as a Single Sign-On (SSO) service
@@ -81,7 +81,7 @@ If you don't register Mattermost in the Microsoft Azure AD tenant your organizat
Configure Mattermost ``config.json`` for Entra ID SSO
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-.. include:: ../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
Instead of using the System Console, you can add the Entra ID settings directly to the ``config.json`` file on your Mattermost server.
diff --git a/source/administration-guide/identity-access/authentication-methods/sso/sso-gitlab.rst b/source/administration-guide/identity-access/authentication-methods/sso/sso-gitlab.rst
index d9c25d66a03..566f7f91263 100644
--- a/source/administration-guide/identity-access/authentication-methods/sso/sso-gitlab.rst
+++ b/source/administration-guide/identity-access/authentication-methods/sso/sso-gitlab.rst
@@ -1,7 +1,7 @@
GitLab Single Sign-On
=====================
-.. include:: ../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
Configuring GitLab as a Single Sign-On (SSO) service
diff --git a/source/administration-guide/identity-access/authentication-methods/sso/sso-google.rst b/source/administration-guide/identity-access/authentication-methods/sso/sso-google.rst
index e7201344460..4c5d1ea75d5 100644
--- a/source/administration-guide/identity-access/authentication-methods/sso/sso-google.rst
+++ b/source/administration-guide/identity-access/authentication-methods/sso/sso-google.rst
@@ -1,7 +1,7 @@
Google Single Sign-On
=====================
-.. include:: ../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
Configuring Google Apps as a Single Sign-On (SSO) service
@@ -68,7 +68,7 @@ Step 3: Configure Mattermost for Google Apps SSO
Configure Mattermost ``config.json`` for Google Apps SSO
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-.. include:: ../../_static/badges/selfhosted-only.rst
+.. include:: ../../../_static/badges/selfhosted-only.rst
:start-after: :nosearch:
Instead of using the System Console, you can add the Google settings directly to the ``config.json`` file directly on your Mattermost server.
diff --git a/source/administration-guide/identity-access/authentication-methods/sso/sso-index.rst b/source/administration-guide/identity-access/authentication-methods/sso/sso-index.rst
index e629df214e5..4a58ff2af7d 100644
--- a/source/administration-guide/identity-access/authentication-methods/sso/sso-index.rst
+++ b/source/administration-guide/identity-access/authentication-methods/sso/sso-index.rst
@@ -1,7 +1,7 @@
Single Sign-On (SSO)
====================
-Centralize authentication with OpenID Connect (OIDC) and supported providers. Use these guides to configure GitLab, Google, and Microsoft Entra ID, and to convert legacy OAuth 2.0 providers to OIDC.
+Centralize authentication with :doc:`OpenID Connect (OIDC) ` and supported providers. Use these guides to configure :doc:`GitLab `, :doc:`Google `, and :doc:`Microsoft Entra ID `, and to :doc:`convert legacy OAuth 2.0 providers to OIDC `.
.. toctree::
:maxdepth: 1
@@ -12,3 +12,7 @@ Centralize authentication with OpenID Connect (OIDC) and supported providers. Us
sso-google
sso-entraid
convert-oauth20-service-providers-to-openidconnect
+
+.. tip::
+
+ Looking for SAML-based SSO options? See :doc:`SAML-based SSO `.
\ No newline at end of file
diff --git a/source/administration-guide/identity-access/identity-access-index.rst b/source/administration-guide/identity-access/identity-access-index.rst
new file mode 100644
index 00000000000..6a336bdd3eb
--- /dev/null
+++ b/source/administration-guide/identity-access/identity-access-index.rst
@@ -0,0 +1,33 @@
+Identity and Access Management
+===============================
+
+.. toctree::
+ :maxdepth: 1
+ :titlesonly:
+
+Secure sign-in through centralized identity providers, map attributes, and control user access and membership.
+
+user provisioning
+
+- :doc:`Set up Active Directory (AD) or LDAP `
+- :doc:`Configure SSO `
+- :doc:`Enforce multi-factor authentication (MFA) `
+- :doc:`Enable SSL client certificates `
+
+Permissions and Roles
+~~~~~~~~~~~~~~~~~~~~~~
+
+
+
+User Management
+~~~~~~~~~~~~~~~~~
+
+
+
+Guest Accounts
+~~~~~~~~~~~~~~~
+
+
+
+Team and Channel Member Management
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
\ No newline at end of file
diff --git a/source/administration-guide/onboard/advanced-permissions-backend-infrastructure.rst b/source/administration-guide/identity-access/permissions-and-roles/advanced-permissions-backend-infrastructure.rst
similarity index 99%
rename from source/administration-guide/onboard/advanced-permissions-backend-infrastructure.rst
rename to source/administration-guide/identity-access/permissions-and-roles/advanced-permissions-backend-infrastructure.rst
index 370746aacbd..71776ffa36e 100644
--- a/source/administration-guide/onboard/advanced-permissions-backend-infrastructure.rst
+++ b/source/administration-guide/identity-access/permissions-and-roles/advanced-permissions-backend-infrastructure.rst
@@ -1,7 +1,7 @@
Advanced permissions: backend infrastructure
============================================
-.. include:: ../../_static/badges/allplans-cloud-selfhosted.rst
+.. include:: ../../../_static/badges/allplans-cloud-selfhosted.rst
:start-after: :nosearch:
This document outlines the backend server infrastructure for permissions in Mattermost and is recommended only for technical Admins or developers looking to make modifications to their installation.
diff --git a/source/administration-guide/onboard/advanced-permissions.rst b/source/administration-guide/identity-access/permissions-and-roles/advanced-permissions.rst
similarity index 94%
rename from source/administration-guide/onboard/advanced-permissions.rst
rename to source/administration-guide/identity-access/permissions-and-roles/advanced-permissions.rst
index 032c11b8370..ddc444315a4 100644
--- a/source/administration-guide/onboard/advanced-permissions.rst
+++ b/source/administration-guide/identity-access/permissions-and-roles/advanced-permissions.rst
@@ -1,7 +1,7 @@
Advanced permissions
====================
-.. include:: ../../_static/badges/allplans-cloud-selfhosted.rst
+.. include:: ../../../_static/badges/allplans-cloud-selfhosted.rst
:start-after: :nosearch:
Mattermost system admins using Mattermost Cloud or Mattermost Server can use Advanced Permissions to customize which users can perform specific actions, such as creating teams, managing channels, and configuring webhooks. The Mattermost permission system is based on a modified RBAC (role-based access control) architecture, using roles to determine which users have the ability to perform various actions.
@@ -11,7 +11,7 @@ Two permission schemes are provided in Mattermost:
* **System Scheme**: Applies permissions universally across all teams and channels.
* **Team Override Schemes**: Allow admins to customize permissions for each team.
-This document describes the types of permissions that can be given to users of Mattermost using schemes as well as channel settings and roles. The :doc:`permissions backend documentation ` provides additional technical details around permissions.
+This document describes the types of permissions that can be given to users of Mattermost using schemes as well as channel settings and roles. The :doc:`permissions backend documentation ` provides additional technical details around permissions.
Permissions structure
----------------------
@@ -32,12 +32,12 @@ To override the System Scheme default permissions in a specific team, you must s
You can access the System Scheme interface by going to **System Console > User Management > Permissions > System Scheme**.
-.. image:: ../../images/system-scheme.png
+.. image:: ../../../../images/system-scheme.png
Team override scheme
~~~~~~~~~~~~~~~~~~~~
-.. include:: ../../_static/badges/ent-only.rst
+.. include:: ../../../_static/badges/ent-only.rst
:start-after: :nosearch:
On systems with multiple :ref:`Mattermost teams `, each team may operate and collaborate in a unique way. Team Override Schemes give Admins the flexibility to tailor permissions to the needs of each team.
@@ -50,7 +50,7 @@ When you use this permission scheme:
You can access the Team Override Scheme interface by going to **System Console > User Management > Permissions > Team Override Schemes**.
-.. image:: ../../images/team-scheme.png
+.. image:: ../../../../images/team-scheme.png
Channel permissions
--------------------
@@ -60,10 +60,10 @@ The channel permissions interface is accessed in **System Console > User Managem
Advanced access controls
~~~~~~~~~~~~~~~~~~~~~~~~~
-.. include:: ../../_static/badges/ent-pro-only.rst
+.. include:: ../../../_static/badges/ent-pro-only.rst
:start-after: :nosearch:
-See the :ref:`team and channel management ` documentation for details on available channel access controls.
+See the :ref:`team and channel management ` documentation for details on available channel access controls.
Recipes
-------
@@ -148,7 +148,7 @@ This permission is applied to all other roles (excluding the Guest role). When t
Read-only channels
~~~~~~~~~~~~~~~~~~
-.. include:: ../../_static/badges/ent-only.rst
+.. include:: ../../../_static/badges/ent-only.rst
:start-after: :nosearch:
Members can participate but guests can only read and react
@@ -221,7 +221,7 @@ There are a number of API and mmctl tools available for admins to help in config
Backend infrastructure
----------------------
-Technical admins or developers looking for a deeper understanding of the permissions backend can refer to our :doc:`permissions backend documentation `.
+Technical admins or developers looking for a deeper understanding of the permissions backend can refer to our :doc:`permissions backend documentation `.
Glossary
--------
diff --git a/source/administration-guide/onboard/delegated-granular-administration.rst b/source/administration-guide/identity-access/permissions-and-roles/delegated-granular-administration.rst
similarity index 99%
rename from source/administration-guide/onboard/delegated-granular-administration.rst
rename to source/administration-guide/identity-access/permissions-and-roles/delegated-granular-administration.rst
index ddbb66a6237..471e5e372c5 100644
--- a/source/administration-guide/onboard/delegated-granular-administration.rst
+++ b/source/administration-guide/identity-access/permissions-and-roles/delegated-granular-administration.rst
@@ -1,7 +1,7 @@
Delegated granular administration
=================================
-.. include:: ../../_static/badges/ent-cloud-selfhosted.rst
+.. include:: ../../../_static/badges/ent-cloud-selfhosted.rst
:start-after: :nosearch:
Mattermost supports the creation and customization of system administration roles with specific granular permissions and System Console access. This allows senior administrators in large organizations to delegate and de-centralize specialized administration and administrative tasks with specific admin roles.
diff --git a/source/administration-guide/onboard/guest-accounts.rst b/source/administration-guide/identity-access/permissions-and-roles/guest-accounts.rst
similarity index 99%
rename from source/administration-guide/onboard/guest-accounts.rst
rename to source/administration-guide/identity-access/permissions-and-roles/guest-accounts.rst
index 2b5788cde82..3a5a348140d 100644
--- a/source/administration-guide/onboard/guest-accounts.rst
+++ b/source/administration-guide/identity-access/permissions-and-roles/guest-accounts.rst
@@ -3,7 +3,7 @@
Guest accounts
==============
-.. include:: ../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
Guest accounts in Mattermost are a way to collaborate with individuals, such as vendors and contractors, outside of your organization by controlling their access to channels and team members. For example, guest accounts can be used to collaborate with customers on a support issue or work on a website project with resources from an external design firm.
diff --git a/source/administration-guide/identity-access/permissions-and-roles/permissions-and-roles-index.rst b/source/administration-guide/identity-access/permissions-and-roles/permissions-and-roles-index.rst
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/source/administration-guide/admin-tools/team-channel-members.rst b/source/administration-guide/identity-access/team-channel-members.rst
similarity index 100%
rename from source/administration-guide/admin-tools/team-channel-members.rst
rename to source/administration-guide/identity-access/team-channel-members.rst
diff --git a/source/administration-guide/identity-access/user-management.rst b/source/administration-guide/identity-access/user-management.rst
new file mode 100644
index 00000000000..3ca70816fb6
--- /dev/null
+++ b/source/administration-guide/identity-access/user-management.rst
@@ -0,0 +1,21 @@
+User management
+===============
+
+Welcome to the Mattermost User Management Guide. This User Management Guide is organized into sections to help you manage users, permissions, and roles effectively in your Mattermost workspace.
+
+Whether you’re configuring team and channel settings, managing guest accounts, or leveraging advanced permissions infrastructure, this guide provides the resources and instructions necessary to tailor user management to your organization’s needs. Use the navigation below to explore detailed guidance for each area.
+
+.. toctree::
+ :maxdepth: 1
+ :hidden:
+ :titlesonly:
+
+ Permissions
+ Manage team and channel configuration
+ Advanced permissions infrastructure
+ Guest accounts
+
+* :doc:`Permissions ` - Learn about permissions in Mattermost.
+* :doc:`Manage team and channel configuration ` - Learn about managing team and channel configuration in Mattermost.
+* :doc:`Advanced permissions infrastructure ` - Learn about advanced permissions infrastructure in Mattermost.
+* :doc:`Guest accounts ` - Learn about guest accounts in Mattermost.
\ No newline at end of file
diff --git a/source/administration-guide/onboard/user-provisioning-workflows.rst b/source/administration-guide/identity-access/user-provisioning-workflows.rst
similarity index 100%
rename from source/administration-guide/onboard/user-provisioning-workflows.rst
rename to source/administration-guide/identity-access/user-provisioning-workflows.rst
diff --git a/source/administration-guide/admin-tools/user-provisioning.rst b/source/administration-guide/identity-access/user-provisioning.rst
similarity index 100%
rename from source/administration-guide/admin-tools/user-provisioning.rst
rename to source/administration-guide/identity-access/user-provisioning.rst
diff --git a/source/administration-guide/configuration-reference/cloud-billing-account-settings.rst b/source/administration-guide/licensing/cloud-billing-account-settings.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/cloud-billing-account-settings.rst
rename to source/administration-guide/licensing/cloud-billing-account-settings.rst
diff --git a/source/administration-guide/admin-tools/cloud-byok.rst b/source/administration-guide/licensing/cloud-byok.rst
similarity index 100%
rename from source/administration-guide/admin-tools/cloud-byok.rst
rename to source/administration-guide/licensing/cloud-byok.rst
diff --git a/source/administration-guide/admin-tools/cloud-data-residency.rst b/source/administration-guide/licensing/cloud-data-residency.rst
similarity index 100%
rename from source/administration-guide/admin-tools/cloud-data-residency.rst
rename to source/administration-guide/licensing/cloud-data-residency.rst
diff --git a/source/administration-guide/admin-tools/cloud-ip-filtering.rst b/source/administration-guide/licensing/cloud-ip-filtering.rst
similarity index 100%
rename from source/administration-guide/admin-tools/cloud-ip-filtering.rst
rename to source/administration-guide/licensing/cloud-ip-filtering.rst
diff --git a/source/administration-guide/admin-tools/code-signing-custom-builds.rst b/source/administration-guide/licensing/code-signing-custom-builds.rst
similarity index 100%
rename from source/administration-guide/admin-tools/code-signing-custom-builds.rst
rename to source/administration-guide/licensing/code-signing-custom-builds.rst
diff --git a/source/administration-guide/licensing/licensing-index.rst b/source/administration-guide/licensing/licensing-index.rst
index 2877724a782..806d83c5e2d 100644
--- a/source/administration-guide/licensing/licensing-index.rst
+++ b/source/administration-guide/licensing/licensing-index.rst
@@ -15,3 +15,14 @@ Manage editions, licenses, billing, and workspace-wide policies for Cloud and se
/administration-guide/admin-tools/cloud-byok
/administration-guide/admin-tools/cloud-data-residency
/administration-guide/admin-tools/cloud-ip-filtering
+
+
+Govern your workspace, control data residency and billing, and enable licensed features.
+
+- `Manage license keys for self-hosted deployments `_
+- `Administer Cloud workspaces `_
+- `Configure BYOK, data residency, and IP filtering `_
+- `Set account details and billing information `_
+
+- :doc:`Cloud workspace management `
+- :doc:`Self-hosted billing `
diff --git a/source/administration-guide/configuration-reference/self-hosted-account-settings.rst b/source/administration-guide/licensing/self-hosted-account-settings.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/self-hosted-account-settings.rst
rename to source/administration-guide/licensing/self-hosted-account-settings.rst
diff --git a/source/administration-guide/operations-scaling/collect-performance-metrics.rst b/source/administration-guide/monitoring-observability/collect-performance-metrics.rst
similarity index 100%
rename from source/administration-guide/operations-scaling/collect-performance-metrics.rst
rename to source/administration-guide/monitoring-observability/collect-performance-metrics.rst
diff --git a/source/administration-guide/operations-scaling/deploy-prometheus-grafana-for-performance-monitoring.rst b/source/administration-guide/monitoring-observability/deploy-prometheus-grafana-for-performance-monitoring.rst
similarity index 100%
rename from source/administration-guide/operations-scaling/deploy-prometheus-grafana-for-performance-monitoring.rst
rename to source/administration-guide/monitoring-observability/deploy-prometheus-grafana-for-performance-monitoring.rst
diff --git a/source/administration-guide/admin-tools/monitoring-and-performance.rst b/source/administration-guide/monitoring-observability/monitoring-and-performance.rst
similarity index 100%
rename from source/administration-guide/admin-tools/monitoring-and-performance.rst
rename to source/administration-guide/monitoring-observability/monitoring-and-performance.rst
diff --git a/source/administration-guide/monitoring-observability/monitoring-observability-index.rst b/source/administration-guide/monitoring-observability/monitoring-observability-index.rst
index 08f96c4afe3..a867dedab39 100644
--- a/source/administration-guide/monitoring-observability/monitoring-observability-index.rst
+++ b/source/administration-guide/monitoring-observability/monitoring-observability-index.rst
@@ -15,3 +15,12 @@ Gain visibility into system health and performance. Configure logging, telemetry
/administration-guide/operations-scaling/deploy-prometheus-grafana-for-performance-monitoring
/administration-guide/operations-scaling/performance-alerting
/administration-guide/admin-tools/request-server-health-check
+
+
+Gain visibility into system health, define alerts, and proactively prevent incidents.
+
+- `Configure logging, telemetry, and system statistics `_
+- `Set health probes `_
+- `Deploy Prometheus and Grafana `_
+- `Define alerting rules `_
+- `Request health checks `_
\ No newline at end of file
diff --git a/source/administration-guide/operations-scaling/performance-alerting.rst b/source/administration-guide/monitoring-observability/performance-alerting.rst
similarity index 100%
rename from source/administration-guide/operations-scaling/performance-alerting.rst
rename to source/administration-guide/monitoring-observability/performance-alerting.rst
diff --git a/source/administration-guide/operations-scaling/performance-monitoring-metrics.rst b/source/administration-guide/monitoring-observability/performance-monitoring-metrics.rst
similarity index 100%
rename from source/administration-guide/operations-scaling/performance-monitoring-metrics.rst
rename to source/administration-guide/monitoring-observability/performance-monitoring-metrics.rst
diff --git a/source/administration-guide/operations-scaling/push-notification-health-targets.rst b/source/administration-guide/monitoring-observability/push-notification-health-targets.rst
similarity index 100%
rename from source/administration-guide/operations-scaling/push-notification-health-targets.rst
rename to source/administration-guide/monitoring-observability/push-notification-health-targets.rst
diff --git a/source/administration-guide/admin-tools/statistics.rst b/source/administration-guide/monitoring-observability/statistics.rst
similarity index 100%
rename from source/administration-guide/admin-tools/statistics.rst
rename to source/administration-guide/monitoring-observability/statistics.rst
diff --git a/source/administration-guide/operations-scaling/operations-scaling-index.rst b/source/administration-guide/operations-scaling/operations-scaling-index.rst
index 562f0492a03..bdb1130b718 100644
--- a/source/administration-guide/operations-scaling/operations-scaling-index.rst
+++ b/source/administration-guide/operations-scaling/operations-scaling-index.rst
@@ -20,3 +20,12 @@ Operate Mattermost reliably and scale capacity as your organization grows. Use t
ensuring-releases-perform-at-scale
collect-performance-metrics
/administration-guide/admin-tools/product-limits
+
+Keep your deployment reliable and performant, scale as needed, and upgrade safely with minimal downtime.
+
+- `Plan and perform upgrades or downgrades `_
+- `Deploy high availability (HA) clusters `_
+- `Scale horizontally with Redis `_
+- `Configure Elasticsearch or OpenSearch `_
+- `Tune system performance and plan storage capacity `_
+- `Monitor push notification health `_
diff --git a/source/administration-guide/admin-tools/product-limits.rst b/source/administration-guide/operations-scaling/product-limits.rst
similarity index 100%
rename from source/administration-guide/admin-tools/product-limits.rst
rename to source/administration-guide/operations-scaling/product-limits.rst
diff --git a/source/administration-guide/operations-scaling/welcome-email-to-end-users.rst b/source/administration-guide/operations-scaling/welcome-email-to-end-users.rst
deleted file mode 100644
index 346501ce8e6..00000000000
--- a/source/administration-guide/operations-scaling/welcome-email-to-end-users.rst
+++ /dev/null
@@ -1,55 +0,0 @@
-Welcome email to end users
-===========================
-
-.. include:: ../../_static/badges/allplans-cloud-selfhosted.rst
- :start-after: :nosearch:
-
-To make it easy for your end users to start using Mattermost right away, we created a sample email template that you can use.
-
-Remember to replace all the items below in bold with your information.
-
-Email template
----------------
-
-From: **[company name]** IT Team
-
-To: End users
-
-Subject: New Collaboration Platform - Mattermost
-
-
-Hi all,
-
-As some of you already know, we are moving to Mattermost as our collaboration platform. Mattermost is collaboration software you can use to talk, share files, and collaborate on projects or initiatives. Mattermost also integrates with many of the apps that you use every day, like **[add apps]**.
-
-We are moving to Mattermost because it will host all our collaboration in one place, is instantly searchable and available from all your devices.
-
-Some of the major benefits of using Mattermost are:
-
-- Direct 1:1 and group messaging
-
-- Channels for topic-based, group-based, or meeting-based chat
-
-- Streamlined collaboration on projects
-
-- Reduced email clutter
-
-- Searching across messages and channels
-
-- Sharing files
-
-To get started:
-
-1. Open a browser on your computer, go to **[Mattermost URL]** and log in with your **[LDAP/AD, SAML, Google, etc]** credentials. Remember to bookmark the URL so you can use it to log in next time.
-
-2. `Download `__ the Mattermost apps for desktop and mobile. See the :doc:`Use Mattermost ` end user documentation for details on how to get up and running quickly.
-
-3. Start messaging!
-
-
-Questions?
-If you have any questions, feel free to post in the **[~Mattermost channel]** or email us at **[IT email]**.
-
-Happy collaborating!
-
-**[company name]** IT Team
diff --git a/source/administration-guide/configuration-reference/agents-admin-guide.rst b/source/administration-guide/platform-features/agents-admin-guide.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/agents-admin-guide.rst
rename to source/administration-guide/platform-features/agents-admin-guide.rst
diff --git a/source/administration-guide/configuration-reference/bleve-search.rst b/source/administration-guide/platform-features/bleve-search.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/bleve-search.rst
rename to source/administration-guide/platform-features/bleve-search.rst
diff --git a/source/administration-guide/operations-scaling/common-configure-mattermost-for-enterprise-search.rst b/source/administration-guide/platform-features/common-configure-mattermost-for-enterprise-search.rst
similarity index 100%
rename from source/administration-guide/operations-scaling/common-configure-mattermost-for-enterprise-search.rst
rename to source/administration-guide/platform-features/common-configure-mattermost-for-enterprise-search.rst
diff --git a/source/administration-guide/getting-started/connected-workspaces.rst b/source/administration-guide/platform-features/connected-workspaces.rst
similarity index 99%
rename from source/administration-guide/getting-started/connected-workspaces.rst
rename to source/administration-guide/platform-features/connected-workspaces.rst
index 78689d24af2..7dd930a627c 100644
--- a/source/administration-guide/getting-started/connected-workspaces.rst
+++ b/source/administration-guide/platform-features/connected-workspaces.rst
@@ -8,7 +8,7 @@ Communicate across organizations, as well as external partners and vendors using
Connected workspaces in Mattermost behave like regular public and private channels and offer the same user experience and functionality. All members using secure connections, including local members and remote members, can :doc:`send and receive channel messages `, :doc:`use emojis ` to react to messages, :doc:`share files `, and :doc:`search message history `. Content is synchronized across all participating Mattermost instances.
-A channel's permissions and access continues to be governed by each server separately. :ref:`Advanced access control ` permissions can be applied to a shared channel, and be in effect on the local Mattermost server while not being in effect on a remote Mattermost server.
+A channel's permissions and access continues to be governed by each server separately. :ref:`Advanced access control ` permissions can be applied to a shared channel, and be in effect on the local Mattermost server while not being in effect on a remote Mattermost server.
Set up connected workspaces
---------------------------
diff --git a/source/administration-guide/operations-scaling/elasticsearch-setup.rst b/source/administration-guide/platform-features/elasticsearch-setup.rst
similarity index 97%
rename from source/administration-guide/operations-scaling/elasticsearch-setup.rst
rename to source/administration-guide/platform-features/elasticsearch-setup.rst
index 703ad570801..997e4cfee26 100644
--- a/source/administration-guide/operations-scaling/elasticsearch-setup.rst
+++ b/source/administration-guide/platform-features/elasticsearch-setup.rst
@@ -83,5 +83,5 @@ Follow these steps to configure Mattermost to use your Elasticsearch server and
2. Set **Enable Elasticsearch Indexing** to ``true`` to enable the other the settings on the page. Once the configuration is saved, new posts made to the database are automatically indexed on the Elasticsearch server.
3. Ensure **Backend type** is set to ``elasticsearch``.
-.. include:: /administration-guide/operations-scaling/common-configure-mattermost-for-enterprise-search.rst
+.. include:: /administration-guide/platform-features/common-configure-mattermost-for-enterprise-search.rst
:start-after: :nosearch:
\ No newline at end of file
diff --git a/source/administration-guide/configuration-reference/enabling-chinese-japanese-korean-search.rst b/source/administration-guide/platform-features/enabling-chinese-japanese-korean-search.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/enabling-chinese-japanese-korean-search.rst
rename to source/administration-guide/platform-features/enabling-chinese-japanese-korean-search.rst
diff --git a/source/administration-guide/operations-scaling/enterprise-search.rst b/source/administration-guide/platform-features/enterprise-search.rst
similarity index 96%
rename from source/administration-guide/operations-scaling/enterprise-search.rst
rename to source/administration-guide/platform-features/enterprise-search.rst
index 06ee58ff81f..9140d96ca45 100644
--- a/source/administration-guide/operations-scaling/enterprise-search.rst
+++ b/source/administration-guide/platform-features/enterprise-search.rst
@@ -23,14 +23,14 @@ Elasticsearch
Elasticsearch is a well-established and widely used search engine with a large ecosystem and community support that provides enterprise-scale deployments with optimized search performance, dedicated indexing, and usage resourcing via cluster support for fast, predicable search results.
-Mattermost's implementation uses `Elasticsearch `_ as a distributed, RESTful search engine supporting highly efficient database searches in a :doc:`cluster environment `. Learn more about :doc:`setting up and configuring Mattermost for an Elasticsearch server `.
+Mattermost's implementation uses `Elasticsearch `_ as a distributed, RESTful search engine supporting highly efficient database searches in a :doc:`cluster environment `. Learn more about :doc:`setting up and configuring Mattermost for an Elasticsearch server `.
AWS OpenSearch Service
-----------------------
AWS OpenSearch Service is the official path forward from Elasticsearch v7.10.x for AWS customers. It's a fully managed service that makes it easy to deploy, operate, and scale OpenSearch clusters in the AWS Cloud to provide a simple and cost-effective way to search, analyze, and visualize data in real time.
-The AWS OpenSearch Service is built on the open-source OpenSearch project, which is a community-driven fork of Elasticsearch. Learn more about :doc:`setting up and configuring Mattermost for an OpenSearch server `.
+The AWS OpenSearch Service is built on the open-source OpenSearch project, which is a community-driven fork of Elasticsearch. Learn more about :doc:`setting up and configuring Mattermost for an OpenSearch server `.
Supported paths
----------------
@@ -39,13 +39,13 @@ Review the following support paths for enterprise search based on the version yo
.. tab:: Elasticsearch v8
- `Elasticsearch v8 `__ is supported from Mattermost v9.11. While Mattermost supports Elasticsearch v7.17+, we recommend upgrading your Elasticsearch v7 instance to v8.x. See the `Elasticsearch upgrade `_ documentation for upgrade details, and see the :doc:`Elasticsearch setup ` documentation for details on configuring your Mattermost deployment to use Elasticsearch.
+ `Elasticsearch v8 `__ is supported from Mattermost v9.11. While Mattermost supports Elasticsearch v7.17+, we recommend upgrading your Elasticsearch v7 instance to v8.x. See the `Elasticsearch upgrade `_ documentation for upgrade details, and see the :doc:`Elasticsearch setup ` documentation for details on configuring your Mattermost deployment to use Elasticsearch.
.. tab:: AWS OpenSearch Service
AWS OpenSearch Service is the official path forward from Elasticsearch v7.10.x for AWS customers to provide a simple and cost-effective way to search, analyze, and visual data in real time. It's essentially a continuation of Elasticsearch v7.10.x but maintained as open source by AWS. It provides long-term support, active development, and compatibility with AWS clients, libraries, and managed services.
- See the **AWS Elasticsearch v7.10.x** tab on this page for details on upgrading to AWS OpenSearch, and see the :doc:`AWS OpenSearch setup ` documentation for details on configuring your Mattermost deployment to use AWS OpenSearch.
+ See the **AWS Elasticsearch v7.10.x** tab on this page for details on upgrading to AWS OpenSearch, and see the :doc:`AWS OpenSearch setup ` documentation for details on configuring your Mattermost deployment to use AWS OpenSearch.
.. tab:: AWS Elasticsearch v7.10.x
diff --git a/source/administration-guide/configuration-reference/install-boards.rst b/source/administration-guide/platform-features/install-boards.rst
similarity index 99%
rename from source/administration-guide/configuration-reference/install-boards.rst
rename to source/administration-guide/platform-features/install-boards.rst
index f521a645efc..f5f5d3be556 100644
--- a/source/administration-guide/configuration-reference/install-boards.rst
+++ b/source/administration-guide/platform-features/install-boards.rst
@@ -1,4 +1,4 @@
-Install Mattermost Boards
+Deploy Mattermost Boards
==========================
.. include:: ../../_static/badges/ent-cloud-selfhosted.rst
diff --git a/source/administration-guide/admin-tools/installing-license-key.rst b/source/administration-guide/platform-features/installing-license-key.rst
similarity index 100%
rename from source/administration-guide/admin-tools/installing-license-key.rst
rename to source/administration-guide/platform-features/installing-license-key.rst
diff --git a/source/administration-guide/operations-scaling/opensearch-setup.rst b/source/administration-guide/platform-features/opensearch-setup.rst
similarity index 98%
rename from source/administration-guide/operations-scaling/opensearch-setup.rst
rename to source/administration-guide/platform-features/opensearch-setup.rst
index fca250e6d9c..1e95d7d8c26 100644
--- a/source/administration-guide/operations-scaling/opensearch-setup.rst
+++ b/source/administration-guide/platform-features/opensearch-setup.rst
@@ -261,5 +261,5 @@ Follow these steps to configure Mattermost to use your AWS OpenSearch server and
4. Set the **Server Connection Address** to your Elasticsearch or OpenSearch cluster endpoint.
5. Monitor cluster health: ``curl https://mattermost-os-xxxxx.us-east-1.es.amazonaws.com/_cluster/health``
-.. include:: /administration-guide/operations-scaling/common-configure-mattermost-for-enterprise-search.rst
+.. include:: /administration-guide/platform-features/common-configure-mattermost-for-enterprise-search.rst
:start-after: :nosearch:
diff --git a/source/administration-guide/configuration-reference/optimize-your-workspace.rst b/source/administration-guide/platform-features/optimize-your-workspace.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/optimize-your-workspace.rst
rename to source/administration-guide/platform-features/optimize-your-workspace.rst
diff --git a/source/administration-guide/platform-features/platform-features-index.rst b/source/administration-guide/platform-features/platform-features-index.rst
index cfe0406e55c..4c0c9c6e6e3 100644
--- a/source/administration-guide/platform-features/platform-features-index.rst
+++ b/source/administration-guide/platform-features/platform-features-index.rst
@@ -1,15 +1,28 @@
Platform Features
=================
-Configure and extend Mattermost features including messaging, integrations, plugins, search, voice, and more. Use these guides to enable product capabilities that support your teams.
-
.. toctree::
:maxdepth: 1
:titlesonly:
- /administration-guide/configuration-reference/integrations-configuration-settings
- /administration-guide/configuration-reference/plugins-configuration-settings
- /administration-guide/configuration-reference/install-boards
- /administration-guide/configuration-reference/bleve-search
- /administration-guide/configuration-reference/enabling-chinese-japanese-korean-search
- calls-deployment
+Expand your deployment with core features and improve search relevance.
+
+- :doc:`Deploy Boards for project management `
+- :doc:`Deploy Calls for real-time voice and video `
+- :doc:`Deploy Agents `
+- :doc:`Set up SMTP email `
+- :doc:`Manage system attributes `
+
+
+Search
+~~~~~~~
+
+- :doc:`Enable enterprise search `
+- :doc:`Connect multiple Mattermost workspaces `
+- :doc:`Enable Chinese, Japanese, or Korean search `
+- :doc:`Optimize your workspace `
+
+Integrations
+~~~~~~~~~~~~
+
+Learn more about :doc:`integrating Mattermost with other systems `.
\ No newline at end of file
diff --git a/source/administration-guide/configuration-reference/smtp-email.rst b/source/administration-guide/platform-features/smtp-email.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/smtp-email.rst
rename to source/administration-guide/platform-features/smtp-email.rst
diff --git a/source/administration-guide/admin-tools/bulk-export-tool.rst b/source/administration-guide/upgrade/bulk-export-tool.rst
similarity index 99%
rename from source/administration-guide/admin-tools/bulk-export-tool.rst
rename to source/administration-guide/upgrade/bulk-export-tool.rst
index f669739b3c8..157f429a204 100644
--- a/source/administration-guide/admin-tools/bulk-export-tool.rst
+++ b/source/administration-guide/upgrade/bulk-export-tool.rst
@@ -615,7 +615,7 @@ Post object
| props |
object |
- The props for a post. Contains additional formatting information used by integrations and bot posts. For a more detailed explanation see the message attachments documentation. |
+ The props for a post. Contains additional formatting information used by integrations and bot posts. For a more detailed explanation see the message attachments documentation. |
| create_at |
diff --git a/source/administration-guide/operations-scaling/downgrading-mattermost-server.rst b/source/administration-guide/upgrade/downgrading-mattermost-server.rst
similarity index 100%
rename from source/administration-guide/operations-scaling/downgrading-mattermost-server.rst
rename to source/administration-guide/upgrade/downgrading-mattermost-server.rst
diff --git a/source/administration-guide/operations-scaling/enterprise-install-upgrade.rst b/source/administration-guide/upgrade/enterprise-install-upgrade.rst
similarity index 100%
rename from source/administration-guide/operations-scaling/enterprise-install-upgrade.rst
rename to source/administration-guide/upgrade/enterprise-install-upgrade.rst
diff --git a/source/administration-guide/operations-scaling/important-upgrade-notes.rst b/source/administration-guide/upgrade/important-upgrade-notes.rst
similarity index 99%
rename from source/administration-guide/operations-scaling/important-upgrade-notes.rst
rename to source/administration-guide/upgrade/important-upgrade-notes.rst
index 0d33ffbda92..65cb9714de6 100644
--- a/source/administration-guide/operations-scaling/important-upgrade-notes.rst
+++ b/source/administration-guide/upgrade/important-upgrade-notes.rst
@@ -210,7 +210,7 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | v10.5 introduces updates to the Compliance Export functionality, which will modify how exported data is structured, stored and processed. These changes |
| | primarily affect System Administrators and the main changes are outlined below. See more details in |
-| | the `Compliance Export documentation `_. |
+| | the :doc:`Compliance Export documentation `. |
| | |
| | Output files and directories have changed - Previously we were exporting a single zip containing all the batch directories. Now we will export a single |
| | directory, and under that directory each batch will be its own zip. |
@@ -1254,7 +1254,7 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| | part of an LDAP group. However, the group mention keyword will not be highlighted. |
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | SAML Setting "Use Improved SAML Library (Beta)" was forcefully disabled. Follow instructions at |
-| | https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml.html for enabling SAML using the feature-equivalent ``xmlsec1`` utility. |
+| | :doc:`/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml` for enabling SAML using the feature-equivalent ``xmlsec1`` utility. |
+----------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| v5.22.0 | Due to fixing performance issues related to emoji reactions, the performance of the upgrade has been affected in that the schema upgrade now takes more time in |
| | environments with lots of reactions in their database. These environments are recommended to perform the schema migration during low usage times and potentially |
@@ -1277,13 +1277,13 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| | used. Also, direct copy of the ``model.Post`` structure must be avoided in favor of the provided ``Clone()`` method. |
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | SAML Setting "Use Improved SAML Library (Beta)" was forcefully disabled. Follow instructions at |
-| | https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml.html for enabling SAML using the feature-equivalent ``xmlsec1`` utility. |
+| | :doc:`/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml` for enabling SAML using the feature-equivalent ``xmlsec1`` utility. |
+----------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| v5.21.0 | Honour key value expiry in KVCompareAndSet, KVCompareAndDelete, and KVList. We also improved handling of plugin key value race conditions and deleted keys in |
| | Postgres. |
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | SAML Setting "Use Improved SAML Library (Beta)" was forcefully disabled. Follow instructions at |
-| | https://docs.mattermost.com/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml.html for enabling SAML using the feature-equivalent ``xmlsec1`` utility. |
+| | :doc:`/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml` for enabling SAML using the feature-equivalent ``xmlsec1`` utility. |
+----------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| v5.20.0 | Any `pre-packaged plugin `_ |
| | that is not enabled in the ``config.json`` will no longer install automatically, but can continue to be installed via the |
diff --git a/source/administration-guide/operations-scaling/open-source-components.rst b/source/administration-guide/upgrade/open-source-components.rst
similarity index 100%
rename from source/administration-guide/operations-scaling/open-source-components.rst
rename to source/administration-guide/upgrade/open-source-components.rst
diff --git a/source/administration-guide/operations-scaling/prepare-to-upgrade-mattermost.rst b/source/administration-guide/upgrade/prepare-to-upgrade-mattermost.rst
similarity index 100%
rename from source/administration-guide/operations-scaling/prepare-to-upgrade-mattermost.rst
rename to source/administration-guide/upgrade/prepare-to-upgrade-mattermost.rst
diff --git a/source/administration-guide/operations-scaling/upgrade-mattermost-kubernetes-ha.rst b/source/administration-guide/upgrade/upgrade-mattermost-kubernetes-ha.rst
similarity index 100%
rename from source/administration-guide/operations-scaling/upgrade-mattermost-kubernetes-ha.rst
rename to source/administration-guide/upgrade/upgrade-mattermost-kubernetes-ha.rst
diff --git a/source/administration-guide/operations-scaling/upgrade-mattermost.rst b/source/administration-guide/upgrade/upgrade-mattermost.rst
similarity index 100%
rename from source/administration-guide/operations-scaling/upgrade-mattermost.rst
rename to source/administration-guide/upgrade/upgrade-mattermost.rst
diff --git a/source/administration-guide/operations-scaling/upgrading-mattermost-server.rst b/source/administration-guide/upgrade/upgrading-mattermost-server.rst
similarity index 100%
rename from source/administration-guide/operations-scaling/upgrading-mattermost-server.rst
rename to source/administration-guide/upgrade/upgrading-mattermost-server.rst
diff --git a/source/administration-guide/operations-scaling/communicate-scheduled-maintenance.rst b/source/administration-guide/user-experience/communicate-scheduled-maintenance.rst
similarity index 100%
rename from source/administration-guide/operations-scaling/communicate-scheduled-maintenance.rst
rename to source/administration-guide/user-experience/communicate-scheduled-maintenance.rst
diff --git a/source/administration-guide/configuration-reference/custom-branding-tools.rst b/source/administration-guide/user-experience/custom-branding-tools.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/custom-branding-tools.rst
rename to source/administration-guide/user-experience/custom-branding-tools.rst
diff --git a/source/administration-guide/admin-tools/customize-branding.rst b/source/administration-guide/user-experience/customize-branding.rst
similarity index 100%
rename from source/administration-guide/admin-tools/customize-branding.rst
rename to source/administration-guide/user-experience/customize-branding.rst
diff --git a/source/administration-guide/configuration-reference/customize-mattermost.rst b/source/administration-guide/user-experience/customize-mattermost.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/customize-mattermost.rst
rename to source/administration-guide/user-experience/customize-mattermost.rst
diff --git a/source/administration-guide/configuration-reference/email-templates.rst b/source/administration-guide/user-experience/email-templates.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/email-templates.rst
rename to source/administration-guide/user-experience/email-templates.rst
diff --git a/source/administration-guide/admin-tools/in-product-notices.rst b/source/administration-guide/user-experience/in-product-notices.rst
similarity index 100%
rename from source/administration-guide/admin-tools/in-product-notices.rst
rename to source/administration-guide/user-experience/in-product-notices.rst
diff --git a/source/administration-guide/configuration-reference/manage-user-surveys.rst b/source/administration-guide/user-experience/manage-user-surveys.rst
similarity index 100%
rename from source/administration-guide/configuration-reference/manage-user-surveys.rst
rename to source/administration-guide/user-experience/manage-user-surveys.rst
diff --git a/source/administration-guide/operations-scaling/notify-admin.rst b/source/administration-guide/user-experience/notify-admin.rst
similarity index 100%
rename from source/administration-guide/operations-scaling/notify-admin.rst
rename to source/administration-guide/user-experience/notify-admin.rst
diff --git a/source/administration-guide/admin-tools/system-wide-notifications.rst b/source/administration-guide/user-experience/system-wide-notifications.rst
similarity index 100%
rename from source/administration-guide/admin-tools/system-wide-notifications.rst
rename to source/administration-guide/user-experience/system-wide-notifications.rst
diff --git a/source/administration-guide/user-experience/user-experience-index.rst b/source/administration-guide/user-experience/user-experience-index.rst
index c77d1bb7d8c..7ece4d66d19 100644
--- a/source/administration-guide/user-experience/user-experience-index.rst
+++ b/source/administration-guide/user-experience/user-experience-index.rst
@@ -7,11 +7,18 @@ Shape the end-user experience with branding, surveys, notices, and workspace opt
:maxdepth: 1
:titlesonly:
- /administration-guide/configuration-reference/custom-branding-tools
- /administration-guide/admin-tools/customize-branding
- /administration-guide/configuration-reference/customize-mattermost
- /administration-guide/admin-tools/user-satisfaction-surveys
- /administration-guide/admin-tools/in-product-notices
- /administration-guide/configuration-reference/manage-user-surveys
- /administration-guide/configuration-reference/optimize-your-workspace
- /administration-guide/configuration-reference/email-templates
+ /administration-guide/user-experience/custom-branding-tools
+ /administration-guide/user-experience/customize-branding
+ /administration-guide/user-experience/customize-mattermost
+ /administration-guide/user-experience/user-satisfaction-surveys
+ /administration-guide/user-experience/in-product-notices
+ /administration-guide/user-experience/manage-user-surveys
+ /administration-guide/user-experience/email-templates
+
+
+Deliver a consistent, branded workspace that drives adoption, engagement, and structured feedback.
+
+- :doc:`Customize branding ` with :doc:`custom branding tools `
+- `Manage in-product notices `_
+- `Run user satisfaction surveys `_
+- `Customize email templates `_
\ No newline at end of file
diff --git a/source/administration-guide/admin-tools/user-satisfaction-surveys.rst b/source/administration-guide/user-experience/user-satisfaction-surveys.rst
similarity index 100%
rename from source/administration-guide/admin-tools/user-satisfaction-surveys.rst
rename to source/administration-guide/user-experience/user-satisfaction-surveys.rst
diff --git a/source/redirects.py b/source/redirects.py
index a6ea801a680..59a54b5fbaf 100644
--- a/source/redirects.py
+++ b/source/redirects.py
@@ -388,7 +388,7 @@
"administration-guide/upgrade/downgrading-mattermost-server.html":
"https://docs.mattermost.com/administration-guide/operations-scaling/downgrading-mattermost-server.html",
"administration-guide/upgrade/enterprise-roll-out-checklist.html":
- "https://docs.mattermost.com/administration-guide/getting-started/enterprise-roll-out-checklist.html",
+ "https://docs.mattermost.com/administration-guide/getting-started/roll-out-checklist.html",
"administration-guide/upgrade/admin-onboarding-tasks.html":
"https://docs.mattermost.com/administration-guide/getting-started/admin-onboarding-tasks.html",
"administration-guide/upgrade-mattermost.html":
@@ -2615,7 +2615,7 @@
"getting-started/admin-onboarding-tasks.html":
"https://docs.mattermost.com/administration-guide/upgrade/admin-onboarding-tasks.html",
"getting-started/enterprise-roll-out-checklist.html":
- "https://docs.mattermost.com/administration-guide/upgrade/enterprise-roll-out-checklist.html",
+ "https://docs.mattermost.com/administration-guide/getting-started/roll-out-checklist.html",
"getting-started/welcome-email-to-end-users.html":
"https://docs.mattermost.com/administration-guide/upgrade/welcome-email-to-end-users.html",
"getting-started/architecture-overview.html":
@@ -4393,7 +4393,7 @@
"upgrade/enterprise-install-upgrade.html":
"https://docs.mattermost.com/administration-guide/upgrade/enterprise-install-upgrade.html",
"upgrade/enterprise-roll-out-checklist.html":
- "https://docs.mattermost.com/administration-guide/upgrade/enterprise-roll-out-checklist.html",
+ "https://docs.mattermost.com/administration-guide/getting-started/roll-out-checklist.html",
"upgrade/important-upgrade-notes.html":
"https://docs.mattermost.com/administration-guide/upgrade/important-upgrade-notes.html",
"upgrade/notify-admin.html":
@@ -4612,7 +4612,7 @@
# End User Guide redirects
"guides/use-mattermost.html":
- "https://docs.mattermost.com/end-user-guide/end-user-guide-index.html",
+ "https://docs.mattermost.com/end-user-guide/end-user-guide-index.html"
# End of redirects. The last redirect above should NOT end in a comma.
diff --git a/source/use-case-guide/integrated-security-operations.rst b/source/use-case-guide/integrated-security-operations.rst
index 996d8596e7d..fcb1f477175 100644
--- a/source/use-case-guide/integrated-security-operations.rst
+++ b/source/use-case-guide/integrated-security-operations.rst
@@ -35,7 +35,7 @@ CERTs serve as rapid-response teams during high-risk events, requiring tight coo
- **Orchestrate high-stakes incident response** through :doc:`Collaborative Playbooks ` tailored for malware outbreaks, data exfiltration events, and zero-day exploits.
- **Centralize and structure communication** with :doc:`channel-based collaboration `, including :doc:`file sharing `, :doc:`threaded updates `, and task-tracking across affected teams.
- **Enable coordination across geographies** using :doc:`multi-device access ` and :doc:`mobile EMM support ` for secure participation across locations and devices.
-- **Preserve evidentiary and compliance data** through :ref:`audit logs ` and configurable :doc:`exports ` for legal review or forensic handoff.
+- **Preserve evidentiary and compliance data** through :ref:`audit logs ` and configurable :doc:`exports ` for legal review or forensic handoff.
- **Ensure data sovereignty** with flexible hosting options including EU-resident infrastructure, on-premises deployments, and air-gapped environments that maintain full control over sensitive communications.
Federated Threat Intelligence & Information Sharing
diff --git a/source/use-case-guide/maximize-microsoft-investments.rst b/source/use-case-guide/maximize-microsoft-investments.rst
index 32b2d45fc16..15f4bd8a0f5 100644
--- a/source/use-case-guide/maximize-microsoft-investments.rst
+++ b/source/use-case-guide/maximize-microsoft-investments.rst
@@ -60,7 +60,7 @@ Operational teams need to extend Microsoft capabilities to mission environments
- **Enable mission-critical coordination at the edge** by :ref:`deploying Mattermost in secure, on-prem or air-gapped environments ` :doc:`integrated with Microsoft Teams and Outlook `.
- **Fuse data and decision-making across platforms** with support for :doc:`toolchain integration `, :doc:`audio/screen share `, and :doc:`workflow automation ` embedded into a dedicated Mission Operations Platform.
-- **Maintain coalition and partner alignment** through :doc:`interoperable Connected Workspaces ` supporting collaboration across mission partner networks.
+- **Maintain coalition and partner alignment** through :doc:`interoperable Connected Workspaces ` supporting collaboration across mission partner networks.
- **Accelerate action with mission-tuned AI** using secure Azure AI and :doc:`Mattermost Copilot ` to summarize context, guide decisions, and automate operational tasks.
- **Secure every communication path** with built-in :doc:`Zero Trust controls ` and deploy on Azure or sovereign environments for maximum flexibility and compliance.
@@ -75,7 +75,7 @@ Managing external collaboration within Microsoft Teams can be complex, often req
**Benefits**
- **Integrate Mattermost with Microsoft Teams and Outlook** to enable secure external collaboration with encryption, audit trails, and role-based permissions—without compromising compliance. (See :doc:`Mattermost for M365, Teams, and Outlook `).
-- **Eliminate shadow IT** by providing :doc:`Connected Workspaces ` for sanctioned, policy-enforced engagement with external partners—reducing reliance on consumer-grade tools.
+- **Eliminate shadow IT** by providing :doc:`Connected Workspaces ` for sanctioned, policy-enforced engagement with external partners—reducing reliance on consumer-grade tools.
- **Apply granular policy enforcement for external users**, including :ref:`granular user permissions `, :doc:`legal hold `, :doc:`retention policies `, and :doc:`custom Terms of Service `.
- **Synchronize user identity** using :doc:`Entra ID ` to maintain scalable, centralized access control across both internal and external collaborators.
@@ -87,7 +87,7 @@ Multi-agency, multi-tenant Microsoft 365 environments often hinder seamless coll
**Benefits**
- **Centralize communication across M365 instances** using Mattermost as a neutral, embedded hub for messaging, file sharing, and playbook coordination (See :doc:`Mattermost for M365, Teams, and Outlook `).
-- **Bridge segmented Teams deployments** with :doc:`Connected Workspaces ` and Microsoft presence integration to ensure continuity without duplicative configuration.
+- **Bridge segmented Teams deployments** with :doc:`Connected Workspaces ` and Microsoft presence integration to ensure continuity without duplicative configuration.
- **Deploy flexibly across hybrid, private, or air-gapped environments** such as :doc:`Mattermost for M365, Teams, and Outlook ` to ensure operational consistency no matter the deployment complexity.
- **Secure external communications and maintain control** with segmentation, data governance, and compliance automation across Teams ecosystems.
diff --git a/source/use-case-guide/mission-ready-mobile.rst b/source/use-case-guide/mission-ready-mobile.rst
index a5eed5972c0..fef11fe3ecb 100644
--- a/source/use-case-guide/mission-ready-mobile.rst
+++ b/source/use-case-guide/mission-ready-mobile.rst
@@ -36,7 +36,7 @@ When personal devices are the only available channel—whether in partner nation
- **Prevent unauthorized data sharing**: Mitigate leakage with :ref:`screenshot and screen recording prevention ` and :ref:`jailbreak/root detection ` that block high-risk mobile behaviors.
- **Secure access without cloud dependency** via :ref:`self-hosted deployments ` or :doc:`air-gapped infrastructures ` that prevent sensitive data from touching public networks.
- **Deliver rapid alerts with low bandwidth impact** using :ref:`ID-only push notifications `, ideal for DDIL (disconnected, intermittent, low-bandwidth) conditions.
-- **Support interagency or coalition workflows** in mission-partner environments through :doc:`Connected Workspaces ` with :doc:`role-based ` and :doc:`attribute-based access controls (ABAC) `.
+- **Support interagency or coalition workflows** in mission-partner environments through :doc:`Connected Workspaces ` with :doc:`role-based ` and :doc:`attribute-based access controls (ABAC) `.
Built for Field-Forward Security
---------------------------------
diff --git a/source/use-case-guide/secure-command-and-control.rst b/source/use-case-guide/secure-command-and-control.rst
index 523cab0d0c6..2009e527a11 100644
--- a/source/use-case-guide/secure-command-and-control.rst
+++ b/source/use-case-guide/secure-command-and-control.rst
@@ -38,7 +38,7 @@ Disconnected environments demand resilient tools that work without cloud access,
- **Integrate with legacy and mission-specific systems** to maintain decision advantage in disconnected environments through :doc:`custom-built, self-hosted integrations ` tailored to your operational infrastructure.
- **Maintain command resilience** using :doc:`high availability cluster-based deployment ` and :doc:`horizontal scalability ` to support operational continuity at scale.
- **Automate field workflows** with :doc:`Collaborative Playbooks ` that track tasks, manage field updates, and orchestrate responses under DDIL constraints.
-- **Enable secure real-time collaboration with headquarters** using :doc:`Connected Workspaces ` to synchronize discussions, files, and reactions if connectivity is restored.
+- **Enable secure real-time collaboration with headquarters** using :doc:`Connected Workspaces ` to synchronize discussions, files, and reactions if connectivity is restored.
Bring Your Own Device (BYOD) with Sensitive Information Protections
--------------------------------------------------------------------
@@ -66,7 +66,7 @@ Coordinating across departments, agencies, and external stakeholders—especiall
- **Unify mission stakeholders on a common-use platform** that supports :ref:`hybrid deployments ` across private cloud, edge environments, and :doc:`air-gapped infrastructure `.
- **Maintain data sovereignty and mission alignment** with deployments that avoid consumer infrastructure and retain control over all communications and file transfers—even in classified operations.
- **Apply role-based separation of access** through :doc:`advanced permissions ` and :ref:`channel-level controls ` to protect mission integrity across organizational boundaries.
-- **Enable secure real-time collaboration across entities** using :doc:`Connected Workspaces ` to synchronize discussions, files, and reactions between teams without compromising internal governance.
+- **Enable secure real-time collaboration across entities** using :doc:`Connected Workspaces ` to synchronize discussions, files, and reactions between teams without compromising internal governance.
- **Reduce personal device risk** by offering secure enterprise communication options that eliminate the need for unauthorized messaging apps.
Get Started
diff --git a/source/use-case-guide/self-sovereign-collaboration.rst b/source/use-case-guide/self-sovereign-collaboration.rst
index 42586f49b84..517f145bef3 100644
--- a/source/use-case-guide/self-sovereign-collaboration.rst
+++ b/source/use-case-guide/self-sovereign-collaboration.rst
@@ -41,7 +41,7 @@ Cross-agency, multinational, or coalition collaboration requires sovereignty wit
**Benefits**
-- **Create secure shared workspaces** with :doc:`Connected Workspaces Channels ` that synchronize discussions, reactions, and file sharing across trusted organizations—without exposing internal systems.
+- **Create secure shared workspaces** with :doc:`Connected Workspaces Channels ` that synchronize discussions, reactions, and file sharing across trusted organizations—without exposing internal systems.
- **Control access across organizations** with :doc:`attribute-based permissions ` and scoped identity policies to ensure mission alignment and sensitive information segmentation.
- **Deploy sovereign AI and workflow automation** in isolated environments using :doc:`air-gapped AI operations ` and :doc:`Collaborative Playbooks `—enabling intelligence and speed without compromising data control.
- **Upgrade legacy platforms** like Skype for Business with modern, compliant tools for secure messaging, screen sharing, and team coordination. :doc:`See Skype for Business replacement options `.
From b619b5fe93cc505911d8c732d0d68089db5f8484 Mon Sep 17 00:00:00 2001
From: "Carrie Warner (Mattermost)"
<74422101+cwarnermm@users.noreply.github.com>
Date: Mon, 29 Sep 2025 13:00:22 -0400
Subject: [PATCH 4/4] Another round of AG nav rewiring & build error fixes
---
.../admin-tools/admin-tools-index.rst | 10 +--
.../admin-tools/cloud-data-export.rst | 8 +-
.../admin-tools/error-codes.rst | 2 +-
.../admin-tools/generating-support-packet.rst | 4 +-
.../admin-tools/mmctl-command-line-tool.rst | 6 +-
.../request-server-health-check.rst | 2 +-
.../admin-tools/server-maintenance.rst | 12 +--
.../admin-tools/telemetry.rst | 6 +-
.../compliance-export.rst | 6 +-
.../compliance-security-auditing-index.rst | 1 -
.../data-retention-policy.rst | 2 +-
.../legal-hold.rst | 2 +-
.../compliance-security-auditing/logging.rst | 10 +--
.../configuration-in-your-database.rst | 2 +-
.../configuration-reference-index.rst | 8 +-
.../configuration-settings.rst | 11 +--
.../experimental-configuration-settings.rst | 10 +--
.../integrations-configuration-settings.rst | 7 +-
.../plugins-configuration-settings.rst | 2 +-
.../reporting-configuration-settings.rst | 2 +-
.../server-configuration.rst | 32 +++----
.../admin-onboarding-tasks.rst | 8 +-
.../getting-started/bulk-loading-data.rst | 2 +-
.../environment-configuration-settings.rst | 88 +++++++++----------
.../getting-started/migration.rst | 4 +-
.../getting-started/roll-out-checklist.rst | 12 +--
.../site-configuration-settings.rst | 8 +-
.../attributes/system-attributes.rst | 2 +-
.../ad-ldap-groups-synchronization.rst | 18 ++--
.../active-directory/ad-ldap.rst | 6 +-
...l-membership-using-ad-ldap-sync-groups.rst | 2 +-
.../saml-based-sso/sso-saml-adfs-msws2016.rst | 52 +++++------
.../saml-based-sso/sso-saml-adfs.rst | 4 +-
.../saml-based-sso/sso-saml-keycloak.rst | 4 +-
.../saml-based-sso/sso-saml-okta.rst | 2 +-
.../saml-based-sso/sso-saml-onelogin.rst | 2 +-
.../saml-based-sso/sso-saml-technical.rst | 2 +-
.../saml-based-sso/sso-saml.rst | 2 +-
...h20-service-providers-to-openidconnect.rst | 4 +-
.../sso/sso-entraid.rst | 4 +-
.../authentication-methods/sso/sso-gitlab.rst | 2 +-
.../authentication-methods/sso/sso-google.rst | 4 +-
.../sso/sso-openidconnect.rst | 2 +-
.../advanced-permissions.rst | 4 +-
.../permissions-and-roles/guest-accounts.rst | 2 +-
.../identity-access/user-provisioning.rst | 12 +--
.../licensing/cloud-workspace-management.rst | 12 +--
.../licensing/licensing-index.rst | 12 +--
...eus-grafana-for-performance-monitoring.rst | 2 +-
.../monitoring-and-performance.rst | 50 +++++------
.../monitoring-observability-index.rst | 10 +--
.../additional-ha-considerations.rst | 2 +-
.../backing-storage-benchmarks.rst | 4 +-
...-availability-cluster-based-deployment.rst | 12 +--
.../operations-scaling-index.rst | 18 ++--
.../operations-scaling/product-limits.rst | 4 +-
.../scale-to-100000-users.rst | 2 +-
.../scale-to-200000-users.rst | 2 +-
.../scaling-for-enterprise.rst | 8 +-
...igure-mattermost-for-enterprise-search.rst | 4 +-
.../platform-features/enterprise-search.rst | 8 +-
.../installing-license-key.rst | 4 +-
.../optimize-your-workspace.rst | 21 ++---
.../platform-features/smtp-email.rst | 2 +-
.../upgrade/important-upgrade-notes.rst | 59 +++++++------
.../upgrade/upgrade-mattermost.rst | 19 ++--
.../user-experience/customize-branding.rst | 5 +-
.../backup-disaster-recovery.rst | 2 +-
.../desktop/desktop-app-managed-resources.rst | 2 +-
.../distribute-a-custom-desktop-app.rst | 2 +-
.../deployment-guide/encryption-options.rst | 4 +-
source/deployment-guide/mobile/mobile-faq.rst | 8 +-
.../mobile/mobile-security-features.rst | 6 +-
.../mobile/mobile-troubleshooting.rst | 2 +-
.../postgres-migration-assist-tool.rst | 2 +-
.../server/air-gapped-deployment.rst | 2 +-
.../deployment-guide/server/image-proxy.rst | 2 +-
.../server/server-architecture.rst | 2 +-
.../server/setup-nginx-proxy.rst | 2 +-
source/deployment-guide/server/setup-tls.rst | 2 +-
.../deployment-guide/server/trouble_mysql.rst | 2 +-
.../server/troubleshooting.rst | 2 +-
.../software-hardware-requirements.rst | 4 +-
.../collaborate/invite-people.rst | 2 +-
.../collaborate/search-for-messages.rst | 4 +-
.../collaborate/share-files-in-messages.rst | 2 +-
.../preferences/manage-advanced-options.rst | 2 +-
.../troubleshoot-notifications.rst | 2 +-
source/integrations-guide/jira.rst | 2 +-
.../popular-integrations.rst | 38 ++++----
.../certifications-and-compliance.rst | 2 +-
source/product-overview/cloud-dedicated.rst | 2 +-
source/product-overview/cloud-shared.rst | 2 +-
.../corporate-directory-integration.rst | 2 +-
.../unsupported-legacy-releases.md | 2 +-
source/redirects.py | 2 +-
source/security-guide/cmmc-compliance.rst | 4 +-
source/security-guide/mobile-security.rst | 4 +-
source/security-guide/secure-mattermost.rst | 12 +--
.../security-guide/security-guide-index.rst | 10 +--
source/security-guide/zero-trust.rst | 2 +-
.../maximize-microsoft-investments.rst | 8 +-
.../use-case-guide/mission-ready-mobile.rst | 6 +-
.../purpose-built-collaboration.rst | 2 +-
.../secure-command-and-control.rst | 8 +-
105 files changed, 403 insertions(+), 420 deletions(-)
diff --git a/source/administration-guide/admin-tools/admin-tools-index.rst b/source/administration-guide/admin-tools/admin-tools-index.rst
index 235ab6f7a07..833d5490fcf 100644
--- a/source/administration-guide/admin-tools/admin-tools-index.rst
+++ b/source/administration-guide/admin-tools/admin-tools-index.rst
@@ -10,15 +10,13 @@ Use administrative tools and utilities to automate tasks, export data, and troub
mmctl-command-line-tool
command-line-tools
generating-support-packet
- bulk-export-tool
- system-wide-notifications
- in-product-notices
+ ../user-experience/system-wide-notifications
+ ../user-experience/in-product-notices
feature-labels
- logging
- statistics
+ ../monitoring-observability/monitoring-and-performance
+ ../monitoring-observability/statistics
request-server-health-check
telemetry
- team-channel-members
Streamline administration with automation tools, simplify troubleshooting, and maintain operational hygiene.
diff --git a/source/administration-guide/admin-tools/cloud-data-export.rst b/source/administration-guide/admin-tools/cloud-data-export.rst
index d5b9622174e..89b2997afec 100644
--- a/source/administration-guide/admin-tools/cloud-data-export.rst
+++ b/source/administration-guide/admin-tools/cloud-data-export.rst
@@ -191,18 +191,18 @@ Finally, it's time to take our export from the source server and use it as an im
| ` | |
+-------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------+
| :ref:`Maximum File Size | Temporarily increase this value to be **larger** than the size of the import file. |
-| ` | Following a successful import, we strongly recommend reverting this value to a reasonable limit for daily expected usage. |
+| ` | Following a successful import, we strongly recommend reverting this value to a reasonable limit for daily expected usage. |
+-------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------+
| :ref:`Write Timeout | Temporarily adjust this value based on import file speed and network path to enable the file to upload without timeouts. |
-| ` | Start with a value of **3600** and adjust if needed. |
+| ` | Start with a value of **3600** and adjust if needed. |
| | Following a successful import, we strongly recommend reverting this setting to its initial or previous value. |
+-------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------+
| :ref:`Read Timeout | Temporarily adjust this value based on import file speed and network path to enable the file to upload without timeouts. |
-| ` | Start with a value of **3600** and adjust if needed. |
+| ` | Start with a value of **3600** and adjust if needed. |
| | Following a successful import, we strongly recommend reverting this setting to its initial or previous value. |
+-------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------+
| :ref:`Amazon S3 Request Timeout | If using cloud-based file storage, adjust this value to ensure your storage requests don't time out too soon. |
-| ` | |
+| ` | |
+-------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------+
Next, log into the destination server using ``mmctl`` the same way you logged into the source server:
diff --git a/source/administration-guide/admin-tools/error-codes.rst b/source/administration-guide/admin-tools/error-codes.rst
index b62665bd575..180b38d5694 100644
--- a/source/administration-guide/admin-tools/error-codes.rst
+++ b/source/administration-guide/admin-tools/error-codes.rst
@@ -1,7 +1,7 @@
Mattermost error codes
======================
-.. include:: ../../../_static/badges/allplans-selfhosted.rst
+.. include:: ../../_static/badges/allplans-selfhosted.rst
:start-after: :nosearch:
Mattermost is designed to deploy in private networks which may be disconnected or “air-gapped” from the internet. In these deployments, links to Mattermost’s online documentation may be unavailable.
diff --git a/source/administration-guide/admin-tools/generating-support-packet.rst b/source/administration-guide/admin-tools/generating-support-packet.rst
index 0e714230856..03ae3c22f60 100644
--- a/source/administration-guide/admin-tools/generating-support-packet.rst
+++ b/source/administration-guide/admin-tools/generating-support-packet.rst
@@ -1,7 +1,7 @@
Generate a Support Packet
==========================
-.. include:: ../../../_static/badges/ent-pro-selfhosted.rst
+.. include:: ../../_static/badges/ent-pro-selfhosted.rst
:start-after: :nosearch:
The Support Packet is used to help customers diagnose and troubleshoot issues. Use the System Console or the :ref:`mmctl system supportpacket ` command to generate a zip file that includes configuration information, logs, plugin details, and data on external dependencies across all nodes in a high-availability cluster. Confidential data, such as passwords, are automatically stripped.
@@ -17,7 +17,7 @@ Generate
1. Go to the System Console, and select **Commercial Support** from the System Console menu.
- .. image:: ../../../images/system-console-commercial-support.png
+ .. image:: ../../images/system-console-commercial-support.png
:alt: Example of available System Console menu options.
2. Select **Download Support Packet**. A zip file is downloaded to the local machine. You'll be notified if any packet files are unavailable during packet generation. See the ``warning.txt`` file for details.
diff --git a/source/administration-guide/admin-tools/mmctl-command-line-tool.rst b/source/administration-guide/admin-tools/mmctl-command-line-tool.rst
index 71099be51b3..50369f70b50 100644
--- a/source/administration-guide/admin-tools/mmctl-command-line-tool.rst
+++ b/source/administration-guide/admin-tools/mmctl-command-line-tool.rst
@@ -946,7 +946,7 @@ mmctl channel delete
Permanently delete channels along with all related information including posts from the database.
.. note::
- Requires the :ref:`Enable API Channel Deletion ` configuration setting to be set to ``true``. If this configuration setting is set to ``false``, attempting to delete the channel using mmctl fails.
+ Requires the :ref:`Enable API Channel Deletion ` configuration setting to be set to ``true``. If this configuration setting is set to ``false``, attempting to delete the channel using mmctl fails.
**Format**
@@ -5905,7 +5905,7 @@ mmctl team delete
Permanently delete a team along with all related information including posts from the database.
.. note::
- Requires the :ref:`Enable API Team Deletion ` configuration setting to be set to ``true``. If this configuration setting is set to ``false``, attempting to delete the team using mmctl fails.
+ Requires the :ref:`Enable API Team Deletion ` configuration setting to be set to ``true``. If this configuration setting is set to ``false``, attempting to delete the team using mmctl fails.
**Format**
@@ -6661,7 +6661,7 @@ mmctl user delete
Permanently delete users along with all related information including posts from the database.
.. note::
- Requires the :ref:`Enable API User Deletion ` configuration setting to be set to ``true``. If this configuration setting is set to ``false``, attempting to delete the user using mmctl fails.
+ Requires the :ref:`Enable API User Deletion ` configuration setting to be set to ``true``. If this configuration setting is set to ``false``, attempting to delete the user using mmctl fails.
**Format**
diff --git a/source/administration-guide/admin-tools/request-server-health-check.rst b/source/administration-guide/admin-tools/request-server-health-check.rst
index b4d43d04913..2c5b19754f2 100644
--- a/source/administration-guide/admin-tools/request-server-health-check.rst
+++ b/source/administration-guide/admin-tools/request-server-health-check.rst
@@ -10,7 +10,7 @@ This evaluation provides you with insights based on your system’s configuratio
.. tip::
- Want to configure your own server health check probes for your self-hosted Mattermost deployment? See the :doc:`configure server health check probes ` documentation for details.
+ Want to configure your own server health check probes for your self-hosted Mattermost deployment? See the :doc:`configure server health check probes ` documentation for details.
Why request a Mattermost Health Check?
--------------------------------------
diff --git a/source/administration-guide/admin-tools/server-maintenance.rst b/source/administration-guide/admin-tools/server-maintenance.rst
index 7a1cb3c560d..f2377140ed6 100644
--- a/source/administration-guide/admin-tools/server-maintenance.rst
+++ b/source/administration-guide/admin-tools/server-maintenance.rst
@@ -10,24 +10,24 @@ Whether you’re installing a license key, performing backups, upgrading the ser
:hidden:
:titlesonly:
- Install a license key
+ Install a license key
Generate a support packet
Backup and disaster recovery
- Upgrade Mattermost server
+ Upgrade Mattermost server
Secure Mattermost
Mattermost error codes
- Logging
+ Logging
mmctl
CLI
Feature labels
-* :doc:`Install a license key ` - Learn how to install a license key for Mattermost.
+* :doc:`Install a license key ` - Learn how to install a license key for Mattermost.
* :doc:`Generate a support packet ` - Learn how to generate a support packet for Mattermost.
* :doc:`Backup and disaster recovery ` - Learn about backup and disaster recovery for Mattermost.
-* :doc:`Upgrade Mattermost server ` - Learn how to upgrading Mattermost server.
+* :doc:`Upgrade Mattermost server ` - Learn how to upgrading Mattermost server.
* :doc:`Secure Mattermost ` - Learn about securing Mattermost server.
* :doc:`Mattermost error codes ` - Learn about Mattermost error codes and troubleshooting.
-* :doc:`Logging ` - Learn how to customize logging options based on business practices and needs.
+* :doc:`Logging ` - Learn how to customize logging options based on business practices and needs.
* :doc:`mmctl ` - Learn about the mmctl command line tool for Mattermost.
* :doc:`CLI ` - Learn about command line tools for Mattermost.
* :doc:`Feature labels ` - Learn about Mattermost feature labels and their meanings.
\ No newline at end of file
diff --git a/source/administration-guide/admin-tools/telemetry.rst b/source/administration-guide/admin-tools/telemetry.rst
index 6b2e525b8f5..cc111776e74 100644
--- a/source/administration-guide/admin-tools/telemetry.rst
+++ b/source/administration-guide/admin-tools/telemetry.rst
@@ -43,7 +43,7 @@ The following data is collected once every 24 hours:
Opt out
~~~~~~~
-To opt out, you can disable this security update check feature for self-hosted deployments in the System Console by going to **Environment > SMTP > Enable Security Alerts**. See the :ref:`enable security alerts ` documentation for details. When this feature is disabled, you will not receive any security alerts.
+To opt out, you can disable this security update check feature for self-hosted deployments in the System Console by going to **Environment > SMTP > Enable Security Alerts**. See the :ref:`enable security alerts ` documentation for details. When this feature is disabled, you will not receive any security alerts.
Error and diagnostics reporting feature
---------------------------------------
@@ -62,7 +62,7 @@ Mattermost error and diagnostic data is collected for the following purposes:
Opt out
~~~~~~~
-To opt out, you can disable the error and diagnostics reporting feature for self-hosted deployments in the System Console by going to **Environment > Logging > Enable Diagnostics and Error Reporting**. See the :ref:`enable diagnostics and error reporting ` documentation for details.
+To opt out, you can disable the error and diagnostics reporting feature for self-hosted deployments in the System Console by going to **Environment > Logging > Enable Diagnostics and Error Reporting**. See the :ref:`enable diagnostics and error reporting ` documentation for details.
Deployment and server configuration data
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -175,7 +175,7 @@ Collaborative playbooks metadata is collected and sent every 24 hours. Visit the
Android Mobile App performance monitoring
-----------------------------------------
-To improve Android app performance, we are collecting trace events and device information, collectively known as metrics, to identify slow performing key areas. Those metrics will be sent only from users using the Android app Beta build starting in version v1.20, who are logged in to servers that allow sending :ref:`diagnostic information `.
+To improve Android app performance, we are collecting trace events and device information, collectively known as metrics, to identify slow performing key areas. Those metrics will be sent only from users using the Android app Beta build starting in version v1.20, who are logged in to servers that allow sending :ref:`diagnostic information `.
Trace events
Includes duration on how long the action took place like startup, team/channel switch, posts loading/update and channel drawer open/close. The naming convention is interpreted as ``[start observation]:[end observation]``, e.g. ``start:overall`` as from app start until fully rendered or ``post_list:thread`` as on press of post at post list until thread is opened.
diff --git a/source/administration-guide/compliance-security-auditing/compliance-export.rst b/source/administration-guide/compliance-security-auditing/compliance-export.rst
index 53be7070538..f47986267e7 100644
--- a/source/administration-guide/compliance-security-auditing/compliance-export.rst
+++ b/source/administration-guide/compliance-security-auditing/compliance-export.rst
@@ -27,8 +27,8 @@ Use the following guides to configure exports for `CSV <#csv>`__, `Actiance XML
.. note::
- - For self-hosted deployments, compliance exports are written to the ``exports`` subdirectory of the configured filestore in the chosen format. This will either be in the :ref:`Local Storage directory ` or the Mattermost S3 bucket if S3 storage is configured.
- - Alternatively, you can specify an alternate filestore target and generate an S3 presigned URL for compliance exports. See the :ref:`dedicated export filestore target ` configuration settings documentation for details.
+ - For self-hosted deployments, compliance exports are written to the ``exports`` subdirectory of the configured filestore in the chosen format. This will either be in the :ref:`Local Storage directory ` or the Mattermost S3 bucket if S3 storage is configured.
+ - Alternatively, you can specify an alternate filestore target and generate an S3 presigned URL for compliance exports. See the :ref:`dedicated export filestore target ` configuration settings documentation for details.
- Compliance exports don't contain posts sent before the feature was enabled. For self-hosted deployments, you can export past history via the ``export`` :doc:`command line tool <../manage/command-line-tools>`.
CSV
@@ -201,7 +201,7 @@ If the compliance export job is run automatically, manually via the System Conso
If the ``--exportFrom`` option is specified with the CLI command, all posts that have been made since the supplied timestamp will be exported.
-When run manually via the System Console, ``.csv`` and Actiance XML files are written to the ``exports`` subdirectory of the configured :ref:`Local Storage Directory `. Files will be written to a folder with names based on an epoch time range. Global Relay EML export format files will be mailed to the configured email address when run manually.
+When run manually via the System Console, ``.csv`` and Actiance XML files are written to the ``exports`` subdirectory of the configured :ref:`Local Storage Directory `. Files will be written to a folder with names based on an epoch time range. Global Relay EML export format files will be mailed to the configured email address when run manually.
Is there a maximum row limit for CSV files?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/source/administration-guide/compliance-security-auditing/compliance-security-auditing-index.rst b/source/administration-guide/compliance-security-auditing/compliance-security-auditing-index.rst
index 0944f4f4d19..3fe8569f976 100644
--- a/source/administration-guide/compliance-security-auditing/compliance-security-auditing-index.rst
+++ b/source/administration-guide/compliance-security-auditing/compliance-security-auditing-index.rst
@@ -14,7 +14,6 @@ Meet organizational and regulatory requirements with policies, retention, legal
export-mattermost-channel-data
compliance-export
compliance-monitoring
- embedded-json-audit-log-schema
custom-terms-of-service
Align with compliance requirements, enforce retention and holds, and ensure complete auditability.
diff --git a/source/administration-guide/compliance-security-auditing/data-retention-policy.rst b/source/administration-guide/compliance-security-auditing/data-retention-policy.rst
index 376a2c90233..7bbf1a0bc25 100644
--- a/source/administration-guide/compliance-security-auditing/data-retention-policy.rst
+++ b/source/administration-guide/compliance-security-auditing/data-retention-policy.rst
@@ -48,7 +48,7 @@ You can also run the deletion job manually at any time by selecting **Run Deleti
.. note::
- If using data retention with :doc:`ElasticSearch `, ensure the :ref:`ElasticSearch aggregate search indexes ` setting is set to a value that is greater than your data retention policy in days.
+ If using data retention with :doc:`ElasticSearch `, ensure the :ref:`ElasticSearch aggregate search indexes ` setting is set to a value that is greater than your data retention policy in days.
Frequently Asked Questions (FAQs)
---------------------------------
diff --git a/source/administration-guide/compliance-security-auditing/legal-hold.rst b/source/administration-guide/compliance-security-auditing/legal-hold.rst
index e1e820e241b..ee3e99f2032 100644
--- a/source/administration-guide/compliance-security-auditing/legal-hold.rst
+++ b/source/administration-guide/compliance-security-auditing/legal-hold.rst
@@ -59,7 +59,7 @@ Configure the plugin
When the Legal Hold integration is enabled, you can configure when it runs using the format ``HH:MM ±HHMM`` and ``+0000`` for UTC.
-You can configure a custom Amazon S3 bucket for Legal Holds by specifying Amazon S3 configuration settings. If no S3 configuration is specified, the Mattermost server file store used. Learn more about file storage configuration options in our :ref:`product documentation `.
+You can configure a custom Amazon S3 bucket for Legal Holds by specifying Amazon S3 configuration settings. If no S3 configuration is specified, the Mattermost server file store used. Learn more about file storage configuration options in our :ref:`product documentation `.
(Optional) Configure a data retention policy
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
diff --git a/source/administration-guide/compliance-security-auditing/logging.rst b/source/administration-guide/compliance-security-auditing/logging.rst
index a4a53d40739..a87008993b3 100644
--- a/source/administration-guide/compliance-security-auditing/logging.rst
+++ b/source/administration-guide/compliance-security-auditing/logging.rst
@@ -27,12 +27,12 @@ System admins can customize the following logging options based on your business
Console logs
------------
-Console logs feature verbose debug level log messages for general and notification activities that are written to the console using the standard output stream (stdout). You can customize console logs for general and notification activities. See the :ref:`Logging configuration settings ` for details.
+Console logs feature verbose debug level log messages for general and notification activities that are written to the console using the standard output stream (stdout). You can customize console logs for general and notification activities. See the :ref:`Logging configuration settings ` for details.
File logs
---------
-File logs feature info level log messages for general and notification activities, including errors and information around startup, and initialization and webhook debug messages. The file is stored in ``./logs/mattermost.log``, rotated at 100 MB, and archived to a separate file in the same directory. You can customize file logs for general and notification activities. See the :ref:`Logging configuration settings ` for details.
+File logs feature info level log messages for general and notification activities, including errors and information around startup, and initialization and webhook debug messages. The file is stored in ``./logs/mattermost.log``, rotated at 100 MB, and archived to a separate file in the same directory. You can customize file logs for general and notification activities. See the :ref:`Logging configuration settings ` for details.
.. tip::
@@ -126,7 +126,7 @@ You can enable and customize advanced audit logging in Mattermost to record acti
Go to **System Console > Compliance > Audit Logging** to customize audit logging. You can use the sample JSON below as a starting point.
- You can customize console logs for :ref:`general ` and :ref:`notification ` activities.
+ You can customize console logs for :ref:`general ` and :ref:`notification ` activities.
Additionally, you can also output audit log records to any combination of `console <#console-target-configuration-options>`__, `local file <#file-target-configuration-options>`__, `syslog <#syslog-target-configuration-options>`__, and `TCP socket <#tcp-target-configuration-options>`__ targets, each featuring additional customization. See `Advanced Logging <#advanced-logging>`__ below for details.
@@ -519,12 +519,12 @@ Yes. When updating the audit log configuration via REST API, mmctl, or System Co
How do I omit incoming webhook details from the logs?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-See :ref:`enable-webhook-debugging `
+See :ref:`enable-webhook-debugging `
How do I adjust the maximum log field size?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-See :ref:`maximum-field-size `
+See :ref:`maximum-field-size `
How can I configure Advanced logging via environment variables?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/source/administration-guide/configuration-reference/configuration-in-your-database.rst b/source/administration-guide/configuration-reference/configuration-in-your-database.rst
index 298846bfb46..4275b289ca5 100644
--- a/source/administration-guide/configuration-reference/configuration-in-your-database.rst
+++ b/source/administration-guide/configuration-reference/configuration-in-your-database.rst
@@ -16,7 +16,7 @@ Benefits to using this option:
The Mattermost configuration database and Mattermost application database are 2 different entities. It's possible to store Mattermost configuration in one database and Mattermost data in another database.
- To do so, you must update the :ref:`Datasource ` configuration setting to a new data source name, which can be done while the application is running. Explicitly setting the ``MM_SQLSETTINGS_DATASOURCE`` environment variable to override what has been defined in the configuration, whether it's in a database, or in a file, allows the correct data source name to be passed to the Mattermost application.
+ To do so, you must update the :ref:`Datasource ` configuration setting to a new data source name, which can be done while the application is running. Explicitly setting the ``MM_SQLSETTINGS_DATASOURCE`` environment variable to override what has been defined in the configuration, whether it's in a database, or in a file, allows the correct data source name to be passed to the Mattermost application.
How to migrate configuration to the database
--------------------------------------------
diff --git a/source/administration-guide/configuration-reference/configuration-reference-index.rst b/source/administration-guide/configuration-reference/configuration-reference-index.rst
index 3fef1b6ef3a..c2e221202d1 100644
--- a/source/administration-guide/configuration-reference/configuration-reference-index.rst
+++ b/source/administration-guide/configuration-reference/configuration-reference-index.rst
@@ -8,15 +8,11 @@ Reference documentation for all Mattermost configuration settings. Use these pag
:titlesonly:
configuration-settings
- system-attributes
environment-variables
- authentication-configuration-settings
- site-configuration-settings
- user-management-configuration-settings
+ server-configuration
integrations-configuration-settings
plugins-configuration-settings
reporting-configuration-settings
- compliance-configuration-settings
experimental-configuration-settings
deprecated-configuration-settings
rate-limiting-configuration-settings
@@ -31,7 +27,7 @@ Apply precise configuration changes with confidence, using fully documented and
- `Configure environment variables `_
- `Apply advanced options across all areas `_
-- :doc:`Server configuration `
+- :doc:`Server configuration `
- :doc:`Configuration settings `
- :doc:`Configuration in your database `
- :doc:`Deprecated configuration settings `
diff --git a/source/administration-guide/configuration-reference/configuration-settings.rst b/source/administration-guide/configuration-reference/configuration-settings.rst
index 5aa45579d5e..40d31de21c2 100644
--- a/source/administration-guide/configuration-reference/configuration-settings.rst
+++ b/source/administration-guide/configuration-reference/configuration-settings.rst
@@ -16,20 +16,11 @@ System admins for both self-hosted and Cloud Mattermost deployments can manage M
:hidden:
:titlesonly:
- Self-hosted workspace edition and license settings
- Cloud workspace subscription, billing, and account settings
Reporting configuration settings
- User management configuration settings
- System attributes
- Environment configuration settings
- Site configuration settings
- Authentication configuration settings
Plugins configuration settings
Integrations configuration settings
- Compliance configuration settings
Experimental configuration settings
Deprecated configuration settings
- Bleve search
Mattermost configuration settings are organized into the following categories within the System Console:
@@ -38,7 +29,7 @@ Mattermost configuration settings are organized into the following categories wi
- :doc:`Reporting configuration settings `
- :doc:`User management configuration settings `
- :doc:`System attributes `
-- :doc:`Environment configuration settings `
+- :doc:`Environment configuration settings `
- :doc:`Site configuration settings `
- :doc:`Authentication configuration settings `
- :doc:`Plugins configuration settings `
diff --git a/source/administration-guide/configuration-reference/experimental-configuration-settings.rst b/source/administration-guide/configuration-reference/experimental-configuration-settings.rst
index ef80c0344f5..f05375fb45b 100644
--- a/source/administration-guide/configuration-reference/experimental-configuration-settings.rst
+++ b/source/administration-guide/configuration-reference/experimental-configuration-settings.rst
@@ -999,7 +999,7 @@ File Location
This setting isn't available in the System Console and can only be set in ``config.json``.
-Set the file location of the compliance exports. By default, they are written to the ``exports`` subdirectory of the configured :ref:`Local Storage directory `.
+Set the file location of the compliance exports. By default, they are written to the ``exports`` subdirectory of the configured :ref:`Local Storage directory `.
+-------------------------------------------------------------------------------------------+
| This feature's ``config.json`` setting is ``"FileLocation": "export"`` with string input. |
@@ -1631,7 +1631,7 @@ The following values are currently supported:
- ``unsafe-eval``: Adds the ``unsafe-eval`` CSP directive to the root webapp, allowing increased debugging in developer environments.
- ``unsafe-inline``: Adds the ``unsafe-inline`` CSP directive to the root webapp, allowing increased debugging in developer environments.
-This configuration setting is disabled by default and requires :ref:`developer mode ` to be enabled.
+This configuration setting is disabled by default and requires :ref:`developer mode ` to be enabled.
+----------------------------------------------------------------------------------------+
| This feature's ``config.json`` setting is ``"DeveloperFlags": ""`` with string input. |
@@ -1680,7 +1680,7 @@ This setting isn't available in the System Console and can only be set in ``conf
.. important::
- This experimental configuration setting enables users to search documents attached to messages by filename. To enable users to search documents by their content, you must also enable the ``ExtractContent`` configuration setting. See our :ref:`Enable Document Search by Content ` documentation for details. Document content search is available in Mattermost Server from v5.35, with mobile support coming soon.
+ This experimental configuration setting enables users to search documents attached to messages by filename. To enable users to search documents by their content, you must also enable the ``ExtractContent`` configuration setting. See our :ref:`Enable Document Search by Content ` documentation for details. Document content search is available in Mattermost Server from v5.35, with mobile support coming soon.
**True**: Supported document types are searchable by their filename.
@@ -1736,7 +1736,7 @@ This setting isn't available in the System Console and can only be set in ``conf
+------------------------------------------------------------------------------------------------+
.. note::
- This is a client only override that doesn't affect the listening port of the server process which is controlled by the :ref:`Web server listen address ` setting.
+ This is a client only override that doesn't affect the listening port of the server process which is controlled by the :ref:`Web server listen address ` setting.
.. config:setting:: websocket-port
:displayname: Websocket port (Experimental)
@@ -1757,7 +1757,7 @@ This setting isn't available in the System Console and can only be set in ``conf
+----------------------------------------------------------------------------------------+
.. note::
- This is a client only override that doesn't affect the listening port of the server process which is controlled by the :ref:`Web server listen address ` setting.
+ This is a client only override that doesn't affect the listening port of the server process which is controlled by the :ref:`Web server listen address ` setting.
.. config:setting:: enable-local-mode-for-mmctl
diff --git a/source/administration-guide/configuration-reference/integrations-configuration-settings.rst b/source/administration-guide/configuration-reference/integrations-configuration-settings.rst
index fb6374c670e..e1ef37d967a 100644
--- a/source/administration-guide/configuration-reference/integrations-configuration-settings.rst
+++ b/source/administration-guide/configuration-reference/integrations-configuration-settings.rst
@@ -177,7 +177,7 @@ Enable integrations to override usernames
:configjson: .ServiceSettings.EnablePostIconOverride
:environment: MM_SERVICESETTINGS_ENABLEPOSTICONOVERRIDE
- - **true**: Webhooks, slash commands, and other integrations, such as :doc:`Zapier `, will be allowed to change the profile picture they post with.
+ - **true**: Webhooks, slash commands, and other integrations, such as Zapier, will be allowed to change the profile picture they post with.
- **false**: **(Default)** Webhooks, slash commands, and OAuth 2.0 apps can only post with the profile picture of the account they were set up with.
Enable integrations to override profile picture icons
@@ -294,7 +294,8 @@ Enable GIF picker
+------------------------------------------------------------------------------------------------------------+
.. important::
- :ref:`Link previews ` must be enabled in order to display GIF link previews. Mattermost deployments restricted to access behind a firewall must open port 443 (for all request types) for this feature to work.
+
+ :ref:`Link previews ` must be enabled in order to display GIF link previews. Mattermost deployments restricted to access behind a firewall must open port 443 (for all request types) for this feature to work.
----
@@ -325,7 +326,7 @@ Enable HTTP cross-origin requests from specific domains.
.. note::
- Ensure you've entered your :ref:`Site URL ` before enabling this setting to prevent losing access to the System Console after saving. If you lose access to the System Console after changing this setting, you can set your Site URL through the ``config.json`` file.
+ Ensure you've entered your :ref:`Site URL ` before enabling this setting to prevent losing access to the System Console after saving. If you lose access to the System Console after changing this setting, you can set your Site URL through the ``config.json`` file.
+--------------------------------------------------------------------------------------+
| This feature's ``config.json`` setting is ``"AllowCorsFrom": ""`` with string input. |
diff --git a/source/administration-guide/configuration-reference/plugins-configuration-settings.rst b/source/administration-guide/configuration-reference/plugins-configuration-settings.rst
index c05cd18b417..43fa922338f 100644
--- a/source/administration-guide/configuration-reference/plugins-configuration-settings.rst
+++ b/source/administration-guide/configuration-reference/plugins-configuration-settings.rst
@@ -137,7 +137,7 @@ Upload Plugin
.. note::
- When plugin uploads are enabled, the error ``Received invlaid response from the server`` when uploading a plugin file typically indicates that the
- :ref:`MaxFileSize ` configuration setting isn't large enough to support the plugin file upload. Additional proxy setting updateds
+ :ref:`MaxFileSize ` configuration setting isn't large enough to support the plugin file upload. Additional proxy setting updateds
may also be required.
- The ability to upload plugin files is disabled when the `Require plugin signature <#require-plugin-signature>`__ configuration setting is enabled.
diff --git a/source/administration-guide/configuration-reference/reporting-configuration-settings.rst b/source/administration-guide/configuration-reference/reporting-configuration-settings.rst
index 50a9154628e..06007d4c5aa 100644
--- a/source/administration-guide/configuration-reference/reporting-configuration-settings.rst
+++ b/source/administration-guide/configuration-reference/reporting-configuration-settings.rst
@@ -60,7 +60,7 @@ Server logs
.. tip::
- From Mattermost v10.9, you can toggle between JSON and plain text server logs in the System Console when console log output is configured as :ref:`JSON ` by specifying the log format as **JSON** or **Plain text**. This option is located in the top right corner of the page **Server logs** page.
+ From Mattermost v10.9, you can toggle between JSON and plain text server logs in the System Console when console log output is configured as :ref:`JSON ` by specifying the log format as **JSON** or **Plain text**. This option is located in the top right corner of the page **Server logs** page.
----
diff --git a/source/administration-guide/configuration-reference/server-configuration.rst b/source/administration-guide/configuration-reference/server-configuration.rst
index 88819371a4e..93694d19cf3 100644
--- a/source/administration-guide/configuration-reference/server-configuration.rst
+++ b/source/administration-guide/configuration-reference/server-configuration.rst
@@ -12,30 +12,30 @@ Whether you’re setting up email notifications, optimizing search capabilities,
Store configuration in your database
Server configuration options
- Set up attribute-based access controls
- Set up Mattermost Agents
- Install Mattermost Boards
- Manage user attributes
+ Set up attribute-based access controls
+ Set up Mattermost Agents
+ Install Mattermost Boards
+ Manage user attributes
Environment variables
- Customize the server
- SMTP email setup
- Email templates
- Chinese, Japanese, and Korean search
+ Customize the server
+ SMTP email setup
+ Email templates
+ Chinese, Japanese, and Korean search
SSL client certificate setup
Connected workspaces
Telemetry
* :doc:`Store configuration in your database ` - Learn how to store configuration information in your Mattermost database rather than as a JSON file.
* :doc:`Server configuration options ` - Learn about server configuration options for Mattermost.
-* :doc:`Set up attribute-based access controls ` - Learn how to set up attribute-based access controls for your Mattermost instance for Zero Trust Security.
-* :doc:`Set up Mattermost Agents` - Learn how to enable AI-powered Agents for your Mattermost instance.
-* :doc:`Install Mattermost Boards ` - Learn how to install and configure the Boards plugin for your Mattermost instance.
-* :doc:`Manage custom user attributes ` - Learn how to manage custom user attributes in user profiles in Mattermost.
+* :doc:`Set up attribute-based access controls ` - Learn how to set up attribute-based access controls for your Mattermost instance for Zero Trust Security.
+* :doc:`Set up Mattermost Agents` - Learn how to enable AI-powered Agents for your Mattermost instance.
+* :doc:`Install Mattermost Boards ` - Learn how to install and configure the Boards plugin for your Mattermost instance.
+* :doc:`Manage custom user attributes ` - Learn how to manage custom user attributes in user profiles in Mattermost.
* :doc:`Environment variables ` - Learn how to use environment variables for Mattermost configuration.
-* :doc:`Customize the server ` - Learn about customizing branding for Mattermost server.
-* :doc:`SMTP email setup ` - Learn how to set up SMTP email for Mattermost.
-* :doc:`Email templates ` - Learn about customizing email templates for Mattermost.
-* :doc:`Chinese, Japanese, and Korean search ` - Learn about enabling Chinese, Japanese, and Korean search for Mattermost.
+* :doc:`Customize the server ` - Learn about customizing branding for Mattermost server.
+* :doc:`SMTP email setup ` - Learn how to set up SMTP email for Mattermost.
+* :doc:`Email templates ` - Learn about customizing email templates for Mattermost.
+* :doc:`Chinese, Japanese, and Korean search ` - Learn about enabling Chinese, Japanese, and Korean search for Mattermost.
* :doc:`SSL client certificate setup ` - Learn how to set up SSL client certificates for Mattermost.
* :doc:`Connected workspaces ` - Learn how to connect Mattermost workspaces.
* :doc:`Telemetry ` - Learn about Mattermost telemetry and data collection.
\ No newline at end of file
diff --git a/source/administration-guide/getting-started/admin-onboarding-tasks.rst b/source/administration-guide/getting-started/admin-onboarding-tasks.rst
index d509249f2c5..ac837e285a8 100644
--- a/source/administration-guide/getting-started/admin-onboarding-tasks.rst
+++ b/source/administration-guide/getting-started/admin-onboarding-tasks.rst
@@ -105,11 +105,11 @@ To enable integrations such as webhooks, slash commands, OAuth2.0, and bots, to
**3. Enable automatically extended sessions**
-Keep your desktop and mobile users logged in and `extend user sessions automatically `__ by setting **System Console > Sessions > Extend session length with activity** to **true**. See the :ref:`Extend session length with activity ` configuration settings documentation for details.
+Keep your desktop and mobile users logged in and `extend user sessions automatically `__ by setting **System Console > Sessions > Extend session length with activity** to **true**. See the :ref:`Extend session length with activity ` configuration settings documentation for details.
**4. Enable full content push notifications**
-Enable push notifications on mobile devices to deliver messages in real time by setting **System Console > Push Notification Server > Enable Push Notifications** to **Use TPNS**. See the :ref:`Push notification server ` configuration settings documentation for details.
+Enable push notifications on mobile devices to deliver messages in real time by setting **System Console > Push Notification Server > Enable Push Notifications** to **Use TPNS**. See the :ref:`Push notification server ` configuration settings documentation for details.
Enable full content push notifications, including the sender’s name, the channel name, and the message text, by setting **System Console > Notifications > Push Notification Contents** to **Full message contents**. See the :ref:`Push notification contents ` configuration settings documentation for details.
@@ -137,7 +137,7 @@ Link previews provide a visual glimpse of relevant content for links shared in m
Email notifications can be batched together so users don’t get overwhelmed with too many emails.
-Enable email notifications first by setting **System Console > Notifications > Enable Email Notifications** to **true**. See the :ref:`Enable email notifications ` configuration settings documentation for details. Note that email notifications require an :ref:`SMTP email server ` to be configured.
+Enable email notifications first by setting **System Console > Notifications > Enable Email Notifications** to **true**. See the :ref:`Enable email notifications ` configuration settings documentation for details. Note that email notifications require an :ref:`SMTP email server ` to be configured.
Then, enable batched email notifications by setting **System Console > Notifications > Enable Email Batching** to **true**. See the :ref:`Enable email batching ` configuration settings documentation for details. Note that email batching is not available if you are running your deployment in :doc:`High Availability `.
@@ -145,4 +145,4 @@ Then, enable batched email notifications by setting **System Console > Notificat
Mattermost Enterprise customers can enable :doc:`enterprise search ` for optimized search performance at enterprise-scale. Both Elasticsearch and AWS OpenSearch solve many known issues with full text database search, such as dots, dashes, and email addresses returning unexpected results.
-Enable Elasticsearch by setting **System Console > Elasticsearch > Enable Indexing** to **true**. See the :ref:`Elasticsearch ` configuration settings documentation for details. Enabling Elasticsearch requires :ref:`setting up an Elasticsearch server `.
+Enable Elasticsearch by setting **System Console > Elasticsearch > Enable Indexing** to **true**. See the :ref:`Elasticsearch ` configuration settings documentation for details. Enabling Elasticsearch requires :ref:`setting up an Elasticsearch server `.
diff --git a/source/administration-guide/getting-started/bulk-loading-data.rst b/source/administration-guide/getting-started/bulk-loading-data.rst
index 9f30ee8d065..dc9424b58d6 100644
--- a/source/administration-guide/getting-started/bulk-loading-data.rst
+++ b/source/administration-guide/getting-started/bulk-loading-data.rst
@@ -1600,7 +1600,7 @@ Common issues
Run the bulk import command as the *mattermost* user. Running it as *root* or any other user will cause issues with file permissions on imported attachments.
-Ensure that :ref:`file attachments are enabled `, that you have enough free space in your :ref:`file storage system ` to support the incoming attachments, and that your :ref:`maximum file size ` is appropriate.
+Ensure that :ref:`file attachments are enabled `, that you have enough free space in your :ref:`file storage system ` to support the incoming attachments, and that your :ref:`maximum file size ` is appropriate.
Make sure you have enough free space for logs on the Mattermost server as well as free space on the database server for both the database itself and transaction logs.
diff --git a/source/administration-guide/getting-started/environment-configuration-settings.rst b/source/administration-guide/getting-started/environment-configuration-settings.rst
index d6ace388198..0a4e565db3f 100644
--- a/source/administration-guide/getting-started/environment-configuration-settings.rst
+++ b/source/administration-guide/getting-started/environment-configuration-settings.rst
@@ -944,20 +944,20 @@ Recycle database connections
Disable database search
~~~~~~~~~~~~~~~~~~~~~~~
-+------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------+
++-------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------+
| When `enterprise-scale search `, | - System Config path: **Environment > Database** |
-| database search can be disabled from performing searches. | - ``config.json`` setting: ``SqlSettings`` > ``DisableDatabaseSearch`` > ``false`` |
-| | - Environment variable: ``MM_SQLSETTINGS_DISABLEDATABASESEARCH`` |
-| - **true**: Disables the use of the database to perform | |
-| searches. If another search engine isn't configured, | |
-| setting this value to ``true`` will result in empty search | |
-| results. | |
-| - **false**: **(Default)** Database search isn't disabled. | |
-+------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------+
+| database search can be disabled from performing searches. | - ``config.json`` setting: ``SqlSettings`` > ``DisableDatabaseSearch`` > ``false`` |
+| | - Environment variable: ``MM_SQLSETTINGS_DISABLEDATABASESEARCH`` |
+| - **true**: Disables the use of the database to perform | |
+| searches. If another search engine isn't configured, | |
+| setting this value to ``true`` will result in empty search | |
+| results. | |
+| - **false**: **(Default)** Database search isn't disabled. | |
++-------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------+
Search behavior in Mattermost depends on which search engines are enabled:
-- When :doc:`Elasticsearch ` or :doc:`AWS OpenSearch ` is enabled, Mattermost will try to use it first.
+- When :doc:`Elasticsearch ` or :doc:`AWS OpenSearch ` is enabled, Mattermost will try to use it first.
- If Elasticsearch fails or is disabled, Mattermost will attempt to use :doc:`Bleve `, if enabled. If this occurs, you will see the warning ``Encountered error on SearchPostsInTeamForUser``.
- If these fail or are disabled, Mattermost tries to search the database directly, if this is enabled.
- If all of the above methods fail or are disabled, the search results will be empty.
@@ -1261,7 +1261,7 @@ Enable Elasticsearch indexing
Backend type
~~~~~~~~~~~~~
-Both :doc:`Elasticsearch ` and :doc:`AWS OpenSearch ` provide enterprise-scale deployments with optimized search performance and prevents performance degradation and timeouts. Learn more about :doc:`enterprise search ` in our product documentation.
+Both :doc:`Elasticsearch ` and :doc:`AWS OpenSearch ` provide enterprise-scale deployments with optimized search performance and prevents performance degradation and timeouts. Learn more about :doc:`enterprise search ` in our product documentation.
+----------------------------------------------------+--------------------------------------------------------------------------------------------+
| The type of search backend. | - System Config path: **Environment > Elasticsearch** |
@@ -2675,7 +2675,7 @@ Push notification server
.. include:: ../../_static/badges/allplans-selfhosted.rst
:start-after: :nosearch:
-.. include:: push-notification-server-configuration-settings.rst
+.. include:: ../configuration-reference/push-notification-server-configuration-settings.rst
:start-after: :nosearch:
----
@@ -2928,7 +2928,7 @@ Rate limiting
.. include:: ../../_static/badges/allplans-selfhosted.rst
:start-after: :nosearch:
-.. include:: rate-limiting-configuration-settings.rst
+.. include:: ../configuration-reference/rate-limiting-configuration-settings.rst
:start-after: :nosearch:
----
@@ -4576,37 +4576,37 @@ Enable webhub channel iteration
Enable dedicated export filestore target
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-+--------------------------------------------------------------------------------------+-------------------------------------------------------------------------+
-| Enables the ability to specify an alternate filestore | - System Config path: **N/A** |
-| target for Mattermost | - ``config.json`` setting: ``FileSettings`` > ``DedicatedExportStore`` |
-| :doc:`bulk exports ` and | - Environment variable: ``MM_FILESETTINGS_DEDICATEDEXPORTSTORE`` |
-| :doc:`compliance exports `. | |
-| | |
-| - **True**: A new ``ExportFileBackend()`` is generated | |
-| under ``FileSettings`` using new configuration values | |
-| for the following configuration settings: | |
-| | |
-| - ``ExportDriverName`` | |
-| - ``ExportDirectory`` | |
-| - ``ExportAmazonS3AccessKeyId`` | |
-| - ``ExportAmazonS3SecretAccessKey`` | |
-| - ``ExportAmazonS3Bucket`` | |
-| - ``ExportAmazonS3PathPrefix`` | |
-| - ``ExportAmazonS3Region`` | |
-| - ``ExportAmazonS3Endpoint`` | |
-| - ``ExportAmazonS3SSL`` | |
-| - ``ExportAmazonS3SignV2`` | |
-| - ``ExportAmazonS3SSE`` | |
-| - ``ExportAmazonS3Trace`` | |
-| - ``ExportAmazonS3RequestTimeoutMilliseconds`` | |
-| - ``ExportAmazonS3PresignExpiresSeconds`` | |
-| | |
-| - **False**: (**Default**) Standard | |
-| :ref:`file storage | |
-| ` | |
-| is used. Standard file storage will also be used when the configuration setting | |
-| or value is omitted. | |
-+--------------------------------------------------------------------------------------+-------------------------------------------------------------------------+
++------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------+
+| Enables the ability to specify an alternate filestore | - System Config path: **N/A** |
+| target for Mattermost | - ``config.json`` setting: ``FileSettings`` > ``DedicatedExportStore`` |
+| :doc:`bulk exports ` and | - Environment variable: ``MM_FILESETTINGS_DEDICATEDEXPORTSTORE`` |
+| :doc:`compliance exports `. | |
+| | |
+| - **True**: A new ``ExportFileBackend()`` is generated | |
+| under ``FileSettings`` using new configuration values | |
+| for the following configuration settings: | |
+| | |
+| - ``ExportDriverName`` | |
+| - ``ExportDirectory`` | |
+| - ``ExportAmazonS3AccessKeyId`` | |
+| - ``ExportAmazonS3SecretAccessKey`` | |
+| - ``ExportAmazonS3Bucket`` | |
+| - ``ExportAmazonS3PathPrefix`` | |
+| - ``ExportAmazonS3Region`` | |
+| - ``ExportAmazonS3Endpoint`` | |
+| - ``ExportAmazonS3SSL`` | |
+| - ``ExportAmazonS3SignV2`` | |
+| - ``ExportAmazonS3SSE`` | |
+| - ``ExportAmazonS3Trace`` | |
+| - ``ExportAmazonS3RequestTimeoutMilliseconds`` | |
+| - ``ExportAmazonS3PresignExpiresSeconds`` | |
+| | |
+| - **False**: (**Default**) Standard | |
+| :ref:`file storage | |
+| ` | |
+| is used. Standard file storage will also be used when the configuration setting | |
+| or value is omitted. | |
++------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------+
.. note::
diff --git a/source/administration-guide/getting-started/migration.rst b/source/administration-guide/getting-started/migration.rst
index 2e0653403fe..be20862349b 100644
--- a/source/administration-guide/getting-started/migration.rst
+++ b/source/administration-guide/getting-started/migration.rst
@@ -13,13 +13,13 @@ Whether you’re migrating from another platform, upgrading your database, or us
Migrate from MySQL to PostgreSQL
Server migration guide
Migrate from Slack
- Bulk export tool
+ Bulk export tool
Bulk loading tool
Migration announcement email template
* :doc:`Migrate from MySQL to PostgreSQL ` - Learn how to migrate from MySQL to PostgreSQL.
* :doc:`Server migration guide ` - Learn about about migrating to Mattermost.
* :doc:`Migrate from Slack ` - Learn how to migrate from Slack to Mattermost.
-* :doc:`Bulk export tool ` - Learn about the bulk export tool for Mattermost.
+* :doc:`Bulk export tool ` - Learn about the bulk export tool for Mattermost.
* :doc:`Bulk loading tool ` - Learn about the bulk loading tool for Mattermost.
* :doc:`Migration announcement email template ` - Use this email template to notify your users that you've migrated to Mattermost.
\ No newline at end of file
diff --git a/source/administration-guide/getting-started/roll-out-checklist.rst b/source/administration-guide/getting-started/roll-out-checklist.rst
index f641ab21158..94155149696 100644
--- a/source/administration-guide/getting-started/roll-out-checklist.rst
+++ b/source/administration-guide/getting-started/roll-out-checklist.rst
@@ -159,7 +159,7 @@ Much of the preparation work is focused on ensuring the environment is deployed
- Set up Elasticsearch (highly recommended if your organization anticipates over two million posts)
- - Resource: https://docs.mattermost.com/administration-guide/operations-scaling/elasticsearch-setup.html
+ - Resource: https://docs.mattermost.com/administration-guide/platform-features/elasticsearch-setup.html
- Document network configuration
@@ -230,7 +230,7 @@ Now that you have an environment in place, we recommend working through the foll
- (Optional) Migrate messages and channels from legacy systems
- - Resource: :doc:`Migrating to Mattermost `
+ - Resource: https://docs.mattermost.com/administration-guide/getting-started/migrating-to-mattermost.html
2. Enable key integrations
^^^^^^^^^^^^^^^^^^^^^^^^^^
@@ -295,7 +295,7 @@ Now that you have an environment in place, we recommend working through the foll
- (Optional) Bulk Load users
- - Resource: :doc:`Bulk loading data `
+ - Resource: https://docs.mattermost.com/administration-guide/getting-started/bulk-loading-data.html
- Onboard users to teams and channels
@@ -326,8 +326,8 @@ Now that you have an environment in place, we recommend working through the foll
- Understand management tools available to support users
- - mmctl Command Line Tool Resource: :doc:`mmctl `
- - Command Line Tools Resource: :doc:`CLI `
+ - mmctl Command Line Tool Resource: https://docs.mattermost.com/administration-guide/admin-tools/mmctl-command-line-tool.html
+ - Command Line Tools Resource: https://docs.mattermost.com/administration-guide/admin-tools/command-line-tools.html
Review the roll out
~~~~~~~~~~~~~~~~~~~
@@ -352,7 +352,7 @@ We recommend that you review your rollout on a cadence that matches your iterati
- Monitor site and team statistics
- - Resource: :doc:`Statistics `
+ - Resource: https://docs.mattermost.com/administration-guide/admin-tools/statistics.html
- Review: Total posts, total teams, total channels, total group chats, total direct chats, top channels, top teams
- Analyze usage by lines of business and peak usage times
diff --git a/source/administration-guide/getting-started/site-configuration-settings.rst b/source/administration-guide/getting-started/site-configuration-settings.rst
index 094ba211458..13bfb1dc8cc 100644
--- a/source/administration-guide/getting-started/site-configuration-settings.rst
+++ b/source/administration-guide/getting-started/site-configuration-settings.rst
@@ -979,10 +979,10 @@ Enable email batching
.. note::
- Cloud admins can't modify this configuration setting.
- - The :ref:`Site Url ` and :ref:`SMTP Email Server ` must be configured to allow email batching.
+ - The :ref:`Site Url ` and :ref:`SMTP Email Server ` must be configured to allow email batching.
- Regardless of how this setting is configured, users can :ref:`disable email-based notifications altogether `.
- When email batching is enabled, users can :ref:`customize how often to receive batched notifications `. The default frequency is 15 minutes.
- - Email batching in :ref:`High Availability Mode ` is planned, but not yet supported.
+ - Email batching in :ref:`High Availability Mode ` is planned, but not yet supported.
.. config:setting:: email-notification-contents
:displayname: Email notification contents (Notifications)
@@ -1927,7 +1927,7 @@ Access the following configuration settings in the System Console by going to **
:configjson: .AnnouncementSettings.AdminNoticesEnabled
:environment: MM_ANNOUNCEMENTSETTINGS_ADMINNOTICESENABLED
- - **true**: **(Default)** System admins will receive :doc:`in-product notices ` about server upgrades and administration features.
+ - **true**: **(Default)** System admins will receive `in-product notices `__ about server upgrades and administration features.
- **false**: System admins will not receive specific notices. Admins will still receive notices for all users (see **Enable end user notices**).
Enable admin notices
@@ -1945,7 +1945,7 @@ Enable admin notices
:configjson: .AnnouncementSettings.UserNoticesEnabled
:environment: MM_ANNOUNCEMENTSETTINGS_USERNOTICESENABLED
- - **true**: **(Default)** All users receive :doc:`in-product notices ` about client upgrades and end user features.
+ - **true**: **(Default)** All users receive `in-product notices `__ about client upgrades and end user features.
- **false**: Users will not receive in-product notices.
Enable end user notices
diff --git a/source/administration-guide/identity-access/attributes/system-attributes.rst b/source/administration-guide/identity-access/attributes/system-attributes.rst
index f2a630a7254..a6cc8e07b2a 100644
--- a/source/administration-guide/identity-access/attributes/system-attributes.rst
+++ b/source/administration-guide/identity-access/attributes/system-attributes.rst
@@ -1,7 +1,7 @@
System Attributes
=================
-.. include:: ../../_static/badges/ent-cloud-selfhosted.rst
+.. include:: ../../../_static/badges/ent-cloud-selfhosted.rst
:start-after: :nosearch:
System attributes configuration settings provide system admins with centralized control over key user account properties.
diff --git a/source/administration-guide/identity-access/authentication-methods/active-directory/ad-ldap-groups-synchronization.rst b/source/administration-guide/identity-access/authentication-methods/active-directory/ad-ldap-groups-synchronization.rst
index bf84a9039ad..e0d943149b7 100644
--- a/source/administration-guide/identity-access/authentication-methods/active-directory/ad-ldap-groups-synchronization.rst
+++ b/source/administration-guide/identity-access/authentication-methods/active-directory/ad-ldap-groups-synchronization.rst
@@ -3,7 +3,7 @@
AD/LDAP groups
==============
-.. include:: ../../_static/badges/ent-cloud-selfhosted.rst
+.. include:: ../../../../_static/badges/ent-cloud-selfhosted.rst
:start-after: :nosearch:
Overview
@@ -48,8 +48,8 @@ To synchronize specific AD/LDAP groups to Mattermost, specify the ``Group ID Att
Additionally, you can specify the **Group** filter used to retrieve groups. If the **Group** filter configuration is left blank, then all groups matching the default filter ``(|(objectClass=group)(objectClass=groupOfNames)(objectClass=groupOfUniqueNames))`` are returned. Attribute values for **Group ID** and **Group Display Name** are case-sensitive.
-.. image:: ../../images/Group_filter.png
- :alt: Specify the group filter in the System Console by going to Authentication > AD/LDAP.
+.. image:: /images/Group_filter.png
+ :alt: Group filter
Group synchronization occurs after user synchronization and results for group synchronization are available on the synchonization status table (located at the bottom of the **AD/LDAP** configuration page). After the AD/LDAP groups have been synchronized, go to **System Console > User Management > Groups** to link and configure Mattermost groups.
@@ -62,20 +62,20 @@ On subsequent synchronizations and once groups are linked:
- Mattermost groups that are linked to AD/LDAP groups no longer included in your filter are deleted.
- Users removed from an AD/LDAP group are removed from the linked Mattermost group, but their channel and team membership is only revoked when the channel or team is synchronized to an AD/LDAP group.
-.. image:: ../../images/Group_Group_Member_Sync.png
+.. image:: /images/Group_Group_Member_Sync.png
Link AD/LDAP groups to Mattermost groups
-----------------------------------------
Groups that have been returned from the default filter or your AD/LDAP group filter will be available in a list view on the Groups page. The link action will create Mattermost groups corresponding to the AD/LDAP group. AD/LDAP groups linked to a Mattermost group will display the **Linked** icon. AD/LDAP groups that have not been linked to a Mattermost group will display the **Not Linked** icon. An AD/LDAP group that is not linked does not create a Mattermost group.
-.. image:: ../../images/Groups_listing.png
+.. image:: /images/Groups_listing.png
You can link groups individually by the inline **Linked** button and use the checkbox next to the group name to select multiple groups and choose **Link Selected Groups**. When selecting multiple groups with a mix of **Linked** and **Not Linked** states, the bulk action of the button will be **Link Selected Groups** until all selected are marked **Linked**. Using the bulk action speeds the process of creating Mattermost groups from your AD/LDAP Groups.
If you see a **Link Failed** message, either select the message, or check the box alongside the group name to expose the inline link message and try again.
-.. image:: ../../images/LinkFailed.png
+.. image:: /images/LinkFailed.png
Configure the linked group
--------------------------
@@ -87,7 +87,7 @@ Add default teams or channels for the group
To add the teams and channels that you want the group members to default in, select either **Add Team** or **Add Channel** from the **Add Team or Channel** button. You can assign roles to group members using the options provided in the **Assigned Roles** column. Roles are updated on the next scheduled AD/LDAP synchronization.
-.. image:: ../../images/Group_Configuration.png
+.. image:: /images/Group_Configuration.png
Channels are nested below the team they belong to in the team and channel list. The following table describes the icons available on this page and what they indicate:
@@ -126,7 +126,7 @@ It may take a few seconds to load all team and channel memberships for a user de
.. note::
Users aren't removed from the team or channel on subsequent synchronizations of the AD/LDAP groups. Users need to be manually removed from the team or channel per the existing functionality. They won't be automatically re-added if they were manually removed or removed themselves. To manage a team or Private channel membership with synchronized groups, please see the section below on **Disable and re-activate AD/LDAP users** for details.
-.. image:: ../../images/Team_Channel_Membership_Sync.png
+.. image:: /images/Team_Channel_Membership_Sync.png
Remove configured teams and channels from a group
--------------------------------------------------
@@ -138,7 +138,7 @@ View users belonging to the group
Users who have logged in and accessed Mattermost will be visible in the members list on the group object. Members are read-only at this time and new members can be added through management in your AD/LDAP system.
-.. image:: ../../images/Group_Members.png
+.. image:: /images/Group_Members.png
Users can be removed from the Mattermost group on subsequent synchronizations. However, they won't be removed from teams and channels unless the team or channel is group-synchronized.
diff --git a/source/administration-guide/identity-access/authentication-methods/active-directory/ad-ldap.rst b/source/administration-guide/identity-access/authentication-methods/active-directory/ad-ldap.rst
index 3e95a9743b2..9acb79db221 100644
--- a/source/administration-guide/identity-access/authentication-methods/active-directory/ad-ldap.rst
+++ b/source/administration-guide/identity-access/authentication-methods/active-directory/ad-ldap.rst
@@ -1,15 +1,15 @@
AD/LDAP setup
=============
-.. include:: ../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
.. toctree::
:maxdepth: 1
:titlesonly:
- /identity-access/authentication-methods/active-directory/ad-ldap-groups-synchronization
- /identity-access/authentication-methods/active-directory/managing-team-channel-membership-using-ad-ldap-sync-groups
+ /administration-guide/identity-access/authentication-methods/active-directory/ad-ldap-groups-synchronization
+ /administration-guide/identity-access/authentication-methods/active-directory/managing-team-channel-membership-using-ad-ldap-sync-groups
Overview
--------
diff --git a/source/administration-guide/identity-access/authentication-methods/active-directory/managing-team-channel-membership-using-ad-ldap-sync-groups.rst b/source/administration-guide/identity-access/authentication-methods/active-directory/managing-team-channel-membership-using-ad-ldap-sync-groups.rst
index ae9e5a4c5d9..ebe1bc0d0e9 100644
--- a/source/administration-guide/identity-access/authentication-methods/active-directory/managing-team-channel-membership-using-ad-ldap-sync-groups.rst
+++ b/source/administration-guide/identity-access/authentication-methods/active-directory/managing-team-channel-membership-using-ad-ldap-sync-groups.rst
@@ -3,7 +3,7 @@
Using AD/LDAP synchronized groups to manage team or private channel membership
------------------------------------------------------------------------------
-.. include:: ../../_static/badges/ent-cloud-selfhosted.rst
+.. include:: ../../../../_static/badges/ent-cloud-selfhosted.rst
:start-after: :nosearch:
Mattermost groups created with :doc:`synchronized AD/LDAP groups ` can be used to manage the membership of private teams and private channels. When a team or private channel is managed by synchronized groups, users will be added and removed based on their membership to the synchronized AD/LDAP group.
diff --git a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-adfs-msws2016.rst b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-adfs-msws2016.rst
index 987560bbca5..2c8b123e174 100644
--- a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-adfs-msws2016.rst
+++ b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-adfs-msws2016.rst
@@ -29,29 +29,29 @@ Add a relying party trust
3. On the **Select Data Source** screen, select **Enter data about the relying party manually**.
- .. image:: ../../images/SSO-SAML-ADFS_add-new-relying-party-trust_002.png
+ .. image:: /images/SSO-SAML-ADFS_add-new-relying-party-trust_002.png
4. On the **Specify Display Name** screen, enter a **Display Name** (e.g., ``Mattermost``). You can add optional notes.
- .. image:: ../../images/SSO-SAML-ADFS_add-new-relying-party-trust_003.png
+ .. image:: /images/SSO-SAML-ADFS_add-new-relying-party-trust_003.png
5. On the **Configure Certificate** screen, leave the certificate settings at their default values.
- .. image:: ../../images/SSO-SAML-ADFS_add-new-relying-party-trust_004.png
+ .. image:: /images/SSO-SAML-ADFS_add-new-relying-party-trust_004.png
If you would like to set up encryption for your SAML connection, select **Browse**, then upload your Service Provider Public Certificate.
- .. image:: ../../images/SSO-SAML-ADFS_add-new-relying-party-trust_005.png
+ .. image:: /images/SSO-SAML-ADFS_add-new-relying-party-trust_005.png
-6. On the **Configure URL** screen, select **Enable Support for the SAML 2.0 WebSSO protocol**, then enter the **SAML 2.0 SSO service URL** in the following format:``https:///login/sso/saml`` where ```` should typically match the :ref:`Mattermost Site URL `.
+6. On the **Configure URL** screen, select **Enable Support for the SAML 2.0 WebSSO protocol**, then enter the **SAML 2.0 SSO service URL** in the following format:``https:///login/sso/saml`` where ```` should typically match the :ref:`Mattermost Site URL `.
- .. image:: ../../images/SSO-SAML-ADFS_add-new-relying-party-trust_006.png
+ .. image:: /images/SSO-SAML-ADFS_add-new-relying-party-trust_006.png
-7. On the **Configure Identifiers** screen, enter the **Relying party trust identifier**. This identifies the claims being requested. The **SAML 2.0 SSO service URL** format should be ``https:///login/sso/saml`` where ```` matches your :ref:`Mattermost Site URL `. Then choose **Next**.
+7. On the **Configure Identifiers** screen, enter the **Relying party trust identifier**. This identifies the claims being requested. The **SAML 2.0 SSO service URL** format should be ``https:///login/sso/saml`` where ```` matches your :ref:`Mattermost Site URL `. Then choose **Next**.
- .. image:: ../../images/SSO-SAML-ADFS_add-new-relying-party-trust_007.png
+ .. image:: /images/SSO-SAML-ADFS_add-new-relying-party-trust_007.png
- .. image:: ../../images/SSO-SAML-ADFS_add-new-relying-party-trust_008.png
+ .. image:: /images/SSO-SAML-ADFS_add-new-relying-party-trust_008.png
This string must match the **Service Provider Identifier** string. For more information about the Relying party trust identifier and how prefix matching is applied see `this documentation `_.
@@ -59,26 +59,26 @@ Add your **SAML 2.0 SSO service URL** using this same process.
8. On the **Choose Access Control Policy** screen, select the access control policy suitable for your environment. This guide assumes the default values **Permit everyone** and an unchecked box.
- .. image:: ../../images/SSO-SAML-ADFS_add-new-relying-party-trust_009.png
+ .. image:: /images/SSO-SAML-ADFS_add-new-relying-party-trust_009.png
9. On the **Ready to Add Trust** screen, review your settings.
- .. image:: ../../images/SSO-SAML-ADFS_add-new-relying-party-trust_010.png
+ .. image:: /images/SSO-SAML-ADFS_add-new-relying-party-trust_010.png
10. On the **Finish** screen, select **Configure claims issuance policy for this application**, then select **Close**.
- .. image:: ../../images/SSO-SAML-ADFS_add-new-relying-party-trust_011.png
+ .. image:: /images/SSO-SAML-ADFS_add-new-relying-party-trust_011.png
Create claim rules
------------------
1. In the **Issuance Transform Rules** tab of the **Claim Rules** editor, select **Add Rule…**.
- .. image:: ../../images/SSO-SAML-ADFS_create-claim-rules_001.png
+ .. image:: /images/SSO-SAML-ADFS_create-claim-rules_001.png
2. On the **Choose Rule Type** screen, select **Send LDAP Attributes as Claims** from the drop-down menu, then select **Next**.
- .. image:: ../../images/SSO-SAML-ADFS_create-claim-rules_002.png
+ .. image:: /images/SSO-SAML-ADFS_create-claim-rules_002.png
3. On the **Configure Claim Rule** screen, enter a **Claim Rule Name** of your choice, select **Active Directory** as the **Attribute Store**, then add the following mapping:
@@ -94,13 +94,13 @@ Select **Finish** to add the rule.
The entries in the **Outgoing Claim Type** column can be modified. The entries may contain dashes but no spaces. They are used to map the corresponding fields in Mattermost.
- .. image:: ../../images/SSO-SAML-ADFS_create-claim-rules_003.png
+ .. image:: /images/SSO-SAML-ADFS_create-claim-rules_003.png
4. Select **Add Rule** to create another new rule.
5. On the **Choose Rule Type** screen, select **Transform an Incoming Claim** from the drop-down menu, then select **Next**.
- .. image:: ../../images/SSO-SAML-ADFS_create-claim-rules_004.png
+ .. image:: /images/SSO-SAML-ADFS_create-claim-rules_004.png
6. On the **Configure Claim Rule** screen, enter a **Claim Rule Name** of your choice, then:
@@ -129,29 +129,29 @@ Next, export the identity provider certificate, which will be later uploaded to
1. Open the ADFS management snap-in, select **AD FS > Service > Certificates**, then double-click on the certificate under **Token-signing**. You can also right-click the field, then select **View Certificate** in the context menu.
- .. image:: ../../images/SSO-SAML-ADFS_export-id-provider-cert_001.png
+ .. image:: /images/SSO-SAML-ADFS_export-id-provider-cert_001.png
2. On the **Certificate** screen, open the **Details** tab, select **Copy to File**, then select **OK**.
- .. image:: ../../images/SSO-SAML-ADFS_export-id-provider-cert_003.png
+ .. image:: /images/SSO-SAML-ADFS_export-id-provider-cert_003.png
3. On the **Certificate Export Wizard** screen, select **Next**.
- .. image:: ../../images/SSO-SAML-ADFS_export-id-provider-cert_004.png
+ .. image:: /images/SSO-SAML-ADFS_export-id-provider-cert_004.png
4. Select **Base-64 encoded X.509 (.CER)**, then select **Next** again.
- .. image:: ../../images/SSO-SAML-ADFS_export-id-provider-cert_005.png
+ .. image:: /images/SSO-SAML-ADFS_export-id-provider-cert_005.png
5. On the **Certificate Export Wizard** screen, select **Browse** to specify the location where you want the Identity Provider Certificate to be exported, then specify the file name.
- .. image:: ../../images/SSO-SAML-ADFS_export-id-provider-cert_006.png
+ .. image:: /images/SSO-SAML-ADFS_export-id-provider-cert_006.png
6. Select **Save**. On the **Certificate Export Wizard** screen, verify the file path is correct, then select **Next**.
7. In the **Completing the Certificate Export Wizard**, select **Finish**, then select **OK** to confirm the export was successful.
- .. image:: ../../images/SSO-SAML-ADFS_export-id-provider-cert_007.png
+ .. image:: /images/SSO-SAML-ADFS_export-id-provider-cert_007.png
Configure SAML Sign-On for Mattermost
--------------------------------------
@@ -172,14 +172,14 @@ If you don't plan to use a metadata URL, you can manually enter the following fi
- For **Identity Provider Issuer URL** use the ``Relying party trust identifier`` from ADFS.
- For **Identity Provider Public Certificate** use the``X.509 Public Certificate``.
- .. image:: ../../images/SSO-SAML-ADFS_configure-saml_001.png
+ .. image:: /images/SSO-SAML-ADFS_configure-saml_001.png
2. Configure Mattermost to verify the signature.
- Set **Verify Signature** to ``true``.
- For **Service Provider Login URL** use the ``SAML 2.0 SSO service URL`` you specified in ADFS.
- .. image:: ../../images/SSO-SAML-ADFS_configure-saml_002.png
+ .. image:: /images/SSO-SAML-ADFS_configure-saml_002.png
3. Enable encryption.
@@ -188,13 +188,13 @@ If you don't plan to use a metadata URL, you can manually enter the following fi
- For **Service Provider Public Certificate** use the Service Provider Public Certificate you generated at the start of this process.
- Set **Sign Request** to suit your environment.
- .. image:: ../../images/SSO-SAML-ADFS_configure-saml_003.png
+ .. image:: /images/SSO-SAML-ADFS_configure-saml_003.png
4. Set attributes for the SAML Assertions, which will be used to update user information in Mattermost. Attributes for email and username are required and should match the values you entered in ADFS earlier. See :ref:`documentation on SAML configuration settings ` for more detail.
For Mattermost servers running 3.3 and earlier, the first name and last name attributes are also required fields.
- .. image:: ../../images/SSO-SAML-ADFS_configure-saml_004.png
+ .. image:: /images/SSO-SAML-ADFS_configure-saml_004.png
5. Select **Save**.
diff --git a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-adfs.rst b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-adfs.rst
index da77b9c4dc1..252bc4b6491 100644
--- a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-adfs.rst
+++ b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-adfs.rst
@@ -45,7 +45,7 @@ However, if you would like to set up encryption for your SAML connection, select
.. image:: /images/adfs_7_configure_certificate_encryption.png
-7. On the **Configure URL** screen, select **Enable Support for the SAML 2.0 WebSSO protocol**, then enter the **SAML 2.0 SSO service URL**, similar to ``https:///login/sso/saml`` where ```` should typically match the :ref:`Mattermost Site URL `.
+7. On the **Configure URL** screen, select **Enable Support for the SAML 2.0 WebSSO protocol**, then enter the **SAML 2.0 SSO service URL**, similar to ``https:///login/sso/saml`` where ```` should typically match the :ref:`Mattermost Site URL `.
.. image:: /images/adfs_8_configure_url.png
@@ -67,7 +67,7 @@ However, if you would like to set up encryption for your SAML connection, select
12. On the **Finish** screen, select **Open the Edit Claim Rules dialog for this relying party trust when the wizard closes**, then select **Close**. You exit the configuration wizard, and a **Claim Rules** editor opens.
- .. image:: ../../images/adfs_13_finish_trust.png
+ .. image:: /images/adfs_13_finish_trust.png
Create claim rules
------------------
diff --git a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-keycloak.rst b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-keycloak.rst
index 27632f5b9b1..162e0725566 100644
--- a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-keycloak.rst
+++ b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-keycloak.rst
@@ -1,7 +1,7 @@
Configure SAML with Keycloak
============================
-.. include:: ../../../_static/badges/ent-cloud-selfhosted.rst
+.. include:: ../../../../_static/badges/ent-cloud-selfhosted.rst
:start-after: :nosearch:
The following process provides steps to configure SAML with Keycloak for Mattermost.
@@ -88,7 +88,7 @@ Set up a connection app for Mattermost SSO
Once done your Mappers should look like this:
.. image:: /images/keycloak_4_create_username_attribute_finished.png
- :alt: Example of protocol mapper configuration.
+ :alt: Example of protocol mapper configuration.
9. Get the metadata URL from Keycloak:
diff --git a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-okta.rst b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-okta.rst
index f2d4fa369fc..874a328c3be 100644
--- a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-okta.rst
+++ b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-okta.rst
@@ -29,7 +29,7 @@ Set Up a connection app for Mattermost Single Sign-On
6. Enter **SAML Settings**, including:
- - **Single sign on URL:** ``https:///login/sso/saml`` where ``https://`` should typically match the :ref:`Mattermost Site URL `.
+ - **Single sign on URL:** ``https:///login/sso/saml`` where ``https://`` should typically match the :ref:`Mattermost Site URL `.
- **Audience URI:** For instance, ``mattermost``
- **Name ID format:** ``unspecified``
- **Application username:** ``Email``
diff --git a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-onelogin.rst b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-onelogin.rst
index 33c96cc55bb..7168fc59889 100644
--- a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-onelogin.rst
+++ b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-onelogin.rst
@@ -34,7 +34,7 @@ Create a OneLogin connection app for Mattermost SSO
- **RelayState**: leave blank
- **Audience**: leave blank
- - **Recipient**: ``https:///login/sso/saml`` where ``https://`` should typically match the :ref:`Mattermost Site URL `.
+ - **Recipient**: ``https:///login/sso/saml`` where ``https://`` should typically match the :ref:`Mattermost Site URL `.
- **ACS (Consumer) URL Validator**: ``https:\/\/\/login\/sso\/saml``
- **ACS (Consumer) URL**: ``https:///login/sso/saml``
diff --git a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-technical.rst b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-technical.rst
index fc57cd358bb..407814a06b1 100644
--- a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-technical.rst
+++ b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml-technical.rst
@@ -3,7 +3,7 @@
SAML Single Sign-On: technical documentation
============================================
-.. include:: ../../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
Security Assertion Markup Language (SAML) is an open standard that allows identity providers (IdP), like OneLogin, to pass authorization credentials to service providers (SP), like Mattermost.
diff --git a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml.rst b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml.rst
index 1048dcae327..7bc84726717 100644
--- a/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml.rst
+++ b/source/administration-guide/identity-access/authentication-methods/saml-based-sso/sso-saml.rst
@@ -1,7 +1,7 @@
SAML Single Sign-On
===================
-.. include:: ../../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
Single sign-on (SSO) is a way for users to log into multiple applications with a single user ID and password without having to re-enter their credentials. The SAML standard allows identity providers to pass credentials to service providers. Mattermost can be configured to act as a SAML 2.0 Service Provider.
diff --git a/source/administration-guide/identity-access/authentication-methods/sso/convert-oauth20-service-providers-to-openidconnect.rst b/source/administration-guide/identity-access/authentication-methods/sso/convert-oauth20-service-providers-to-openidconnect.rst
index 0c740edf4e7..0915286fbe4 100644
--- a/source/administration-guide/identity-access/authentication-methods/sso/convert-oauth20-service-providers-to-openidconnect.rst
+++ b/source/administration-guide/identity-access/authentication-methods/sso/convert-oauth20-service-providers-to-openidconnect.rst
@@ -1,7 +1,7 @@
Converting OAuth 2.0 Service Providers to OpenID Connect
========================================================
-.. include:: ../../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
.. include:: common-converting-oauth-to-openidconnect.rst
@@ -10,7 +10,7 @@ Converting OAuth 2.0 Service Providers to OpenID Connect
Configuring OpenID Connect Single Sign-On
-----------------------------------------
-.. include:: ../../../_static/badges/selfhosted-only.rst
+.. include:: ../../../../_static/badges/selfhosted-only.rst
:start-after: :nosearch:
For details on configuring Mattermost to use a service provider as a Single Sign-on (SSO) service for team creation, account creation, and user sign-in using OpenID Connect, refer to the following documentation:
diff --git a/source/administration-guide/identity-access/authentication-methods/sso/sso-entraid.rst b/source/administration-guide/identity-access/authentication-methods/sso/sso-entraid.rst
index bd3803d329e..92c7ca01d81 100644
--- a/source/administration-guide/identity-access/authentication-methods/sso/sso-entraid.rst
+++ b/source/administration-guide/identity-access/authentication-methods/sso/sso-entraid.rst
@@ -1,7 +1,7 @@
Entra ID Single Sign-On
=========================
-.. include:: ../../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
Configuring EntraID as a Single Sign-On (SSO) service
@@ -81,7 +81,7 @@ If you don't register Mattermost in the Microsoft Azure AD tenant your organizat
Configure Mattermost ``config.json`` for Entra ID SSO
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-.. include:: ../../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
Instead of using the System Console, you can add the Entra ID settings directly to the ``config.json`` file on your Mattermost server.
diff --git a/source/administration-guide/identity-access/authentication-methods/sso/sso-gitlab.rst b/source/administration-guide/identity-access/authentication-methods/sso/sso-gitlab.rst
index 566f7f91263..a7803f41223 100644
--- a/source/administration-guide/identity-access/authentication-methods/sso/sso-gitlab.rst
+++ b/source/administration-guide/identity-access/authentication-methods/sso/sso-gitlab.rst
@@ -1,7 +1,7 @@
GitLab Single Sign-On
=====================
-.. include:: ../../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
Configuring GitLab as a Single Sign-On (SSO) service
diff --git a/source/administration-guide/identity-access/authentication-methods/sso/sso-google.rst b/source/administration-guide/identity-access/authentication-methods/sso/sso-google.rst
index 4c5d1ea75d5..7fa8b27e503 100644
--- a/source/administration-guide/identity-access/authentication-methods/sso/sso-google.rst
+++ b/source/administration-guide/identity-access/authentication-methods/sso/sso-google.rst
@@ -1,7 +1,7 @@
Google Single Sign-On
=====================
-.. include:: ../../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
Configuring Google Apps as a Single Sign-On (SSO) service
@@ -68,7 +68,7 @@ Step 3: Configure Mattermost for Google Apps SSO
Configure Mattermost ``config.json`` for Google Apps SSO
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-.. include:: ../../../_static/badges/selfhosted-only.rst
+.. include:: ../../../../_static/badges/selfhosted-only.rst
:start-after: :nosearch:
Instead of using the System Console, you can add the Google settings directly to the ``config.json`` file directly on your Mattermost server.
diff --git a/source/administration-guide/identity-access/authentication-methods/sso/sso-openidconnect.rst b/source/administration-guide/identity-access/authentication-methods/sso/sso-openidconnect.rst
index 7a0b4dfd7c7..7cc7d105671 100644
--- a/source/administration-guide/identity-access/authentication-methods/sso/sso-openidconnect.rst
+++ b/source/administration-guide/identity-access/authentication-methods/sso/sso-openidconnect.rst
@@ -1,7 +1,7 @@
OpenID Connect Single Sign-On
==============================
-.. include:: ../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
Mattermost provides OpenID Connect support for :doc:`GitLab `, :doc:`Google Apps `, and :doc:`Entra ID `. With OpenID Connect, users can also use their login to Keycloak, Atlassian Crowd, Apple, Microsoft, Salesforce, Auth0, Ory.sh, Facebook, Okta, OneLogin, and Azure AD, as well as others, as a Single Sign-on (SSO) service for team creation, account creation, and user login.
diff --git a/source/administration-guide/identity-access/permissions-and-roles/advanced-permissions.rst b/source/administration-guide/identity-access/permissions-and-roles/advanced-permissions.rst
index ddc444315a4..6551d701ad6 100644
--- a/source/administration-guide/identity-access/permissions-and-roles/advanced-permissions.rst
+++ b/source/administration-guide/identity-access/permissions-and-roles/advanced-permissions.rst
@@ -32,7 +32,7 @@ To override the System Scheme default permissions in a specific team, you must s
You can access the System Scheme interface by going to **System Console > User Management > Permissions > System Scheme**.
-.. image:: ../../../../images/system-scheme.png
+.. image:: /images/system-scheme.png
Team override scheme
~~~~~~~~~~~~~~~~~~~~
@@ -50,7 +50,7 @@ When you use this permission scheme:
You can access the Team Override Scheme interface by going to **System Console > User Management > Permissions > Team Override Schemes**.
-.. image:: ../../../../images/team-scheme.png
+.. image:: /images/team-scheme.png
Channel permissions
--------------------
diff --git a/source/administration-guide/identity-access/permissions-and-roles/guest-accounts.rst b/source/administration-guide/identity-access/permissions-and-roles/guest-accounts.rst
index 3a5a348140d..0f43bf900d8 100644
--- a/source/administration-guide/identity-access/permissions-and-roles/guest-accounts.rst
+++ b/source/administration-guide/identity-access/permissions-and-roles/guest-accounts.rst
@@ -3,7 +3,7 @@
Guest accounts
==============
-.. include:: ../../../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
Guest accounts in Mattermost are a way to collaborate with individuals, such as vendors and contractors, outside of your organization by controlling their access to channels and team members. For example, guest accounts can be used to collaborate with customers on a support issue or work on a website project with resources from an external design firm.
diff --git a/source/administration-guide/identity-access/user-provisioning.rst b/source/administration-guide/identity-access/user-provisioning.rst
index 2958156c201..1244a3ffced 100644
--- a/source/administration-guide/identity-access/user-provisioning.rst
+++ b/source/administration-guide/identity-access/user-provisioning.rst
@@ -7,9 +7,9 @@ User provisioning
:titlesonly:
Corporate directory integrations
- Provisioning workflows
- AD/LDAP setup
- AD/LDAP manage team or private channel membership
+ Provisioning workflows
+ AD/LDAP setup
+ AD/LDAP manage team or private channel membership
GitLab SSO
OpenID Connect SSO
Google SSO
@@ -17,9 +17,9 @@ User provisioning
Convert OAuth 2.0 providers to OpenID
* :doc:`Corporate directory integrations ` - Mattermost integrates with all major account providers via Active Directory, SAML, and OAuth.
-* :doc:`Provisioning workflows ` - Learn about provisioning workflows in Mattermost.
-* :doc:`AD/LDAP setup ` - Learn how to set up AD/LDAP in Mattermost.
-* :doc:`AD/LDAP manage team or private channel membership ` - Learn how to manage team or private channel membership using AD/LDAP sync groups in Mattermost.
+* :doc:`Provisioning workflows ` - Learn about provisioning workflows in Mattermost.
+* :doc:`AD/LDAP setup ` - Learn how to set up AD/LDAP in Mattermost.
+* :doc:`AD/LDAP manage team or private channel membership ` - Learn how to manage team or private channel membership using AD/LDAP sync groups in Mattermost.
* :doc:`GitLab SSO ` - Learn how to use GitLab SSO in Mattermost.
* :doc:`OpenID Connect SSO ` - Learn how to use about OpenID Connect SSO in Mattermost.
* :doc:`Google SSO ` - Learn how to use Google SSO in Mattermost.
diff --git a/source/administration-guide/licensing/cloud-workspace-management.rst b/source/administration-guide/licensing/cloud-workspace-management.rst
index 4debe99b7e0..e183a8ee05f 100644
--- a/source/administration-guide/licensing/cloud-workspace-management.rst
+++ b/source/administration-guide/licensing/cloud-workspace-management.rst
@@ -13,13 +13,13 @@ This section of the guide is for system admins of Mattermost Cloud deployments.
:titlesonly:
Workspace migration
- Cloud data residency
- Cloud IP Filtering
- Cloud Bring Your Own Key (BYOK)
+ Cloud data residency
+ Cloud IP Filtering
+ Cloud Bring Your Own Key (BYOK)
* :doc:`Workspace migration ` - Migrate your workspace using the mmctl tool.
-* :doc:`Cloud data residency ` - Find information about your data in the Cloud.
-* :doc:`Cloud IP Filtering ` - Restrict access to your Mattermost Cloud workspace to a specific IP address range.
-* :doc:`Cloud Bring Your Own Key (BYOK) ` - Learn how to manage data encryption processes within a Mattermost Cloud Enterprise Dedicated deployment.
+* :doc:`Cloud data residency ` - Find information about your data in the Cloud.
+* :doc:`Cloud IP Filtering ` - Restrict access to your Mattermost Cloud workspace to a specific IP address range.
+* :doc:`Cloud Bring Your Own Key (BYOK) ` - Learn how to manage data encryption processes within a Mattermost Cloud Enterprise Dedicated deployment.
`Book a live demo `_ or `talk to a Mattermost expert `_ to explore tailored solutions for your organization's secure collaboration needs. Or try Mattermost yourself with a `1-hour preview `_ for instant access to a live sandbox environment.
diff --git a/source/administration-guide/licensing/licensing-index.rst b/source/administration-guide/licensing/licensing-index.rst
index 806d83c5e2d..0a42e508b48 100644
--- a/source/administration-guide/licensing/licensing-index.rst
+++ b/source/administration-guide/licensing/licensing-index.rst
@@ -8,13 +8,13 @@ Manage editions, licenses, billing, and workspace-wide policies for Cloud and se
:titlesonly:
self-hosted-billing
- /administration-guide/admin-tools/installing-license-key
+ /administration-guide/platform-features/installing-license-key
cloud-workspace-management
- /administration-guide/configuration-reference/self-hosted-account-settings
- /administration-guide/configuration-reference/cloud-billing-account-settings
- /administration-guide/admin-tools/cloud-byok
- /administration-guide/admin-tools/cloud-data-residency
- /administration-guide/admin-tools/cloud-ip-filtering
+ /administration-guide/licensing/self-hosted-account-settings
+ /administration-guide/licensing/cloud-billing-account-settings
+ /administration-guide/licensing/cloud-byok
+ /administration-guide/licensing/cloud-data-residency
+ /administration-guide/licensing/cloud-ip-filtering
Govern your workspace, control data residency and billing, and enable licensed features.
diff --git a/source/administration-guide/monitoring-observability/deploy-prometheus-grafana-for-performance-monitoring.rst b/source/administration-guide/monitoring-observability/deploy-prometheus-grafana-for-performance-monitoring.rst
index fcf4dd5154b..85cc42f3387 100644
--- a/source/administration-guide/monitoring-observability/deploy-prometheus-grafana-for-performance-monitoring.rst
+++ b/source/administration-guide/monitoring-observability/deploy-prometheus-grafana-for-performance-monitoring.rst
@@ -58,7 +58,7 @@ Install Prometheus
3. Replace the ``:`` parameter with your Mattermost host IP address and port to scrape the data. It connects to ``/metrics`` using HTTP.
-4. In the Mattermost System Console, go to **Environment > Performance Monitoring** to set **Enable Performance Monitoring** to **true**, then specify the **Listen Address** and select **Save**. See our :ref:`Configuration Settings ` documentation for details.
+4. In the Mattermost System Console, go to **Environment > Performance Monitoring** to set **Enable Performance Monitoring** to **true**, then specify the **Listen Address** and select **Save**. See our :ref:`Configuration Settings ` documentation for details.
.. image:: ../../images/perf_monitoring_system_console.png
:scale: 70
diff --git a/source/administration-guide/monitoring-observability/monitoring-and-performance.rst b/source/administration-guide/monitoring-observability/monitoring-and-performance.rst
index 916cf2205db..e46916d4f5c 100644
--- a/source/administration-guide/monitoring-observability/monitoring-and-performance.rst
+++ b/source/administration-guide/monitoring-observability/monitoring-and-performance.rst
@@ -10,36 +10,34 @@ From collecting performance metrics and deploying monitoring tools to configurin
:hidden:
:titlesonly:
- Optimize your Mattermost workspace
- Collect performance metrics
- Deploy Prometheus and Grafana for performance monitoring
- Performance monitoring metrics
- Push notification health targets
- Performance alerting guide
+ Collect performance metrics
+ Deploy Prometheus and Grafana for performance monitoring
+ Performance monitoring metrics
+ Push notification health targets
+ Performance alerting guide
Ensuring releases perform at scale
- Manage user surveys
- User satisfaction surveys
- Notify admin
- System-wide notifications
- Statistics
- In-product notices
+ Manage user surveys
+ User satisfaction surveys
+ Notify admin
+ System-wide notifications
+ Statistics
+ In-product notices
Health checks
Health check probes
- Product limits
+ Product limits
-* :doc:`Optimize your Mattermost workspace ` - Learn about optimizing your Mattermost workspace.
-* :doc:`Collect performance metrics ` - Learn about collecting performance metrics for Mattermost.
-* :doc:`Deploy Prometheus and Grafana for performance monitoring ` - Learn how to deploy Prometheus and Grafana for performance monitoring.
-* :doc:`Performance monitoring metrics ` - Learn about performance monitoring metrics for Mattermost.
-* :doc:`Push notification health targets ` - Learn about push notification health targets for Mattermost.
-* :doc:`Performance alerting guide ` - Learn about performance alerting for Mattermost.
+* :doc:`Collect performance metrics ` - Learn about collecting performance metrics for Mattermost.
+* :doc:`Deploy Prometheus and Grafana for performance monitoring ` - Learn how to deploy Prometheus and Grafana for performance monitoring.
+* :doc:`Performance monitoring metrics ` - Learn about performance monitoring metrics for Mattermost.
+* :doc:`Push notification health targets ` - Learn about push notification health targets for Mattermost.
+* :doc:`Performance alerting guide ` - Learn about performance alerting for Mattermost.
* :doc:`Ensuring releases perform at scale ` - Learn how to ensure releases perform at scale for Mattermost.
-* :doc:`Manage user surveys ` - Learn about managing user surveys for Mattermost.
-* :doc:`User satisfaction surveys ` - Learn how to send user satisfaction surveys for Mattermost.
-* :doc:`Notify admin ` - Learn how to notify admins for Mattermost.
-* :doc:`System-wide notifications ` - Learn about system-wide notifications for Mattermost.
-* :doc:`Statistics ` - Learn about Mattermost statistics .
-* :doc:`In-product notices ` - Learn how to use in-product notices for Mattermost.
+* :doc:`Manage user surveys ` - Learn about managing user surveys for Mattermost.
+* :doc:`User satisfaction surveys ` - Learn how to send user satisfaction surveys for Mattermost.
+* :doc:`Notify admin ` - Learn how to notify admins for Mattermost.
+* :doc:`System-wide notifications ` - Learn about system-wide notifications for Mattermost.
+* :doc:`Statistics ` - Learn about Mattermost statistics .
+* :doc:`In-product notices ` - Learn how to use in-product notices for Mattermost.
* :doc:`Health checks ` - Learn about health checks for Mattermost.
* :doc:`Health check probes ` - Learn how to set up health check probes for Mattermost.
-* :doc:`Product limits ` - Learn about product limits for Mattermost.
\ No newline at end of file
+* :doc:`Product limits ` - Learn about product limits for Mattermost.
\ No newline at end of file
diff --git a/source/administration-guide/monitoring-observability/monitoring-observability-index.rst b/source/administration-guide/monitoring-observability/monitoring-observability-index.rst
index a867dedab39..ff7431b9641 100644
--- a/source/administration-guide/monitoring-observability/monitoring-observability-index.rst
+++ b/source/administration-guide/monitoring-observability/monitoring-observability-index.rst
@@ -7,13 +7,13 @@ Gain visibility into system health and performance. Configure logging, telemetry
:maxdepth: 1
:titlesonly:
- /administration-guide/admin-tools/logging
+ /administration-guide/compliance-security-auditing/logging
/administration-guide/admin-tools/telemetry
- /administration-guide/admin-tools/statistics
+ /administration-guide/monitoring-observability/statistics
/administration-guide/admin-tools/configure-health-check-probes
- /administration-guide/operations-scaling/performance-monitoring-metrics
- /administration-guide/operations-scaling/deploy-prometheus-grafana-for-performance-monitoring
- /administration-guide/operations-scaling/performance-alerting
+ /administration-guide/monitoring-observability/performance-monitoring-metrics
+ /administration-guide/monitoring-observability/deploy-prometheus-grafana-for-performance-monitoring
+ /administration-guide/monitoring-observability/performance-alerting
/administration-guide/admin-tools/request-server-health-check
diff --git a/source/administration-guide/operations-scaling/additional-ha-considerations.rst b/source/administration-guide/operations-scaling/additional-ha-considerations.rst
index b6c55dc13b8..2e0d3944ed3 100644
--- a/source/administration-guide/operations-scaling/additional-ha-considerations.rst
+++ b/source/administration-guide/operations-scaling/additional-ha-considerations.rst
@@ -3,6 +3,6 @@
.. This page intentionally not accessible via the LHS navigation pane because it's included in other pages
-`Elasticsearch `__ provides enterprise-scale deployments with optimized search performance and prevents performance degradation and timeouts. Elasticsearch allows you to search large volumes of data quickly, in near real-time, by creating and managing an index of post data. Mattermost’s implementation uses `Elasticsearch `_ as a distributed, RESTful search engine supporting highly efficient database searches in a :doc:`cluster environment `. Visit the :doc:`Mattermost Elasticsearch product documentation ` for deployment and configuration details.
+`Elasticsearch `__ provides enterprise-scale deployments with optimized search performance and prevents performance degradation and timeouts. Elasticsearch allows you to search large volumes of data quickly, in near real-time, by creating and managing an index of post data. Mattermost’s implementation uses `Elasticsearch `_ as a distributed, RESTful search engine supporting highly efficient database searches in a :doc:`cluster environment `. Visit the :doc:`Mattermost Elasticsearch product documentation ` for deployment and configuration details.
Performance monitoring support enables a Mattermost server to track system health for large Enterprise deployments through integrations with `Prometheus `__ and `Grafana `__. These integrations support data collection from several Mattermost servers, which is particularly useful if you’re running Mattermost :doc:`in high availability mode `. Once you’re tracking system health, you can :doc:`set up performance alerts ` on your Grafana dashboard. Visit the :doc:`Mattermost Performance Monitoring product documentation ` for installation details.
\ No newline at end of file
diff --git a/source/administration-guide/operations-scaling/backing-storage-benchmarks.rst b/source/administration-guide/operations-scaling/backing-storage-benchmarks.rst
index cb812bb9afc..8754b56925e 100644
--- a/source/administration-guide/operations-scaling/backing-storage-benchmarks.rst
+++ b/source/administration-guide/operations-scaling/backing-storage-benchmarks.rst
@@ -71,9 +71,9 @@ Read operations
Testing notes
--------------
-- For S3 tests, :ref:`Amazon S3 exported upload part size ` was set to the default value (100MB).
+- For S3 tests, :ref:`Amazon S3 exported upload part size ` was set to the default value (100MB).
- Local EBS storage is the stock gp3 (3000 IOPS) provided by EC2 instances.
-- Both EBS and EFS solutions tested are considered ``local`` storage options from the application's perspective, where the :ref:`file storage system ` is set to ``local`` in both cases. EFS is essentially AWS's managed NFS, which enables it to serve as a potential alternative to S3 by allowing multiple Mattermost nodes in a high-availability (HA) deployment to share a common file system. In such HA scenarios, the standard local file storage (e.g., an EBS volume attached to a single instance) :ref:`is not suitable, as it can't be shared across multiple nodes `. EFS is a good alternative in this case, but EFS is not a block storage solution like EBS.
+- Both EBS and EFS solutions tested are considered ``local`` storage options from the application's perspective, where the :ref:`file storage system ` is set to ``local`` in both cases. EFS is essentially AWS's managed NFS, which enables it to serve as a potential alternative to S3 by allowing multiple Mattermost nodes in a high-availability (HA) deployment to share a common file system. In such HA scenarios, the standard local file storage (e.g., an EBS volume attached to a single instance) :ref:`is not suitable, as it can't be shared across multiple nodes `. EFS is a good alternative in this case, but EFS is not a block storage solution like EBS.
Supported storage options
diff --git a/source/administration-guide/operations-scaling/high-availability-cluster-based-deployment.rst b/source/administration-guide/operations-scaling/high-availability-cluster-based-deployment.rst
index f41219c3b6c..31b455b25ec 100644
--- a/source/administration-guide/operations-scaling/high-availability-cluster-based-deployment.rst
+++ b/source/administration-guide/operations-scaling/high-availability-cluster-based-deployment.rst
@@ -39,7 +39,7 @@ To ensure your instance and configuration are compatible with a high availabilit
Back up your Mattermost database and file storage locations before configuring high availability. For more information about backing up, see :doc:`/deployment-guide/backup-disaster-recovery`.
1. Set up a new Mattermost server by following one of our **Install Guides**. This server must use an identical copy of the configuration file, ``config.json``. Verify the servers are functioning by hitting each independent server through its private IP address.
-2. Modify the ``config.json`` files on both servers to add ``ClusterSettings``. See the :ref:`high availability cluster-based deployment configuration settings ` documentation for details.
+2. Modify the ``config.json`` files on both servers to add ``ClusterSettings``. See the :ref:`high availability cluster-based deployment configuration settings ` documentation for details.
3. Verify the configuration files are identical on both servers then restart each machine in the cluster.
4. Modify your NGINX setup so that it proxies to both servers. For more information about this, see `proxy server configuration`_.
5. Open **System Console > Environment > High Availability** to verify that each machine in the cluster is communicating as expected with green status indicators. If not, investigate the log files for any extra information.
@@ -83,7 +83,7 @@ Configuration settings
"GossipPort": 8074
}
- For more details on these settings, see the :ref:`high availability configuration settings ` documentation.
+ For more details on these settings, see the :ref:`high availability configuration settings ` documentation.
2. Change the process limit to 8192 and the maximum number of open files to 65536.
@@ -149,7 +149,7 @@ You can do the same for the proxy server.
Cluster discovery
^^^^^^^^^^^^^^^^^
-If you have non-standard (i.e. complex) network configurations, then you may need to use the :ref:`Override Hostname ` setting to help the cluster nodes discover each other. The cluster settings in the config are removed from the config file hash for this reason, meaning you can have ``config.json`` files that are slightly different in high availability mode. The Override Hostname is intended to be different for each clustered node in ``config.json`` if you need to force discovery.
+If you have non-standard (i.e. complex) network configurations, then you may need to use the :ref:`Override Hostname ` setting to help the cluster nodes discover each other. The cluster settings in the config are removed from the config file hash for this reason, meaning you can have ``config.json`` files that are slightly different in high availability mode. The Override Hostname is intended to be different for each clustered node in ``config.json`` if you need to force discovery.
If ``UseIpAddress`` is set to ``true``, it attempts to obtain the IP address by searching for the first non-local IP address (non-loop-back, non-localunicast, non-localmulticast network interface). It enumerates the network interfaces using the built-in go function `net.InterfaceAddrs() `_. Otherwise it tries to get the hostname using the `os.Hostname() `_ built-in go function.
@@ -270,15 +270,15 @@ Database configuration
Specifying configuration setting values using Mattermost environment variables ensure that they always take precedent over any other configuration settings.
-For an AWS High Availability RDS cluster deployment, point the :ref:`datasource ` configuration setting to the write/read endpoint at the **cluster** level to benefit from the AWS failover handling. AWS takes care of promoting different database nodes to be the writer node. Mattermost doesn't need to manage this.
+For an AWS High Availability RDS cluster deployment, point the :ref:`datasource ` configuration setting to the write/read endpoint at the **cluster** level to benefit from the AWS failover handling. AWS takes care of promoting different database nodes to be the writer node. Mattermost doesn't need to manage this.
-Use the :ref:`read replica ` feature to scale the database. The Mattermost server can be set up to use one master database and one or more read replica databases.
+Use the :ref:`read replica ` feature to scale the database. The Mattermost server can be set up to use one master database and one or more read replica databases.
.. note::
For an AWS High Availability RDS cluster deployment, don't hard-code the IP addresses. Point this configuration setting to the write/read endpoint at the **cluster** level. This will benefit from the AWS failover handling where AWS takes care of promoting different database nodes to be the writer node. Mattermost doesn't need to manage this.
-On large deployments, also consider using the :ref:`search replicas ` feature to isolate search queries onto one or more search replicas. A search replica is similar to a read replica, but is used only for handling search queries.
+On large deployments, also consider using the :ref:`search replicas ` feature to isolate search queries onto one or more search replicas. A search replica is similar to a read replica, but is used only for handling search queries.
.. note::
diff --git a/source/administration-guide/operations-scaling/operations-scaling-index.rst b/source/administration-guide/operations-scaling/operations-scaling-index.rst
index bdb1130b718..97c57b50d77 100644
--- a/source/administration-guide/operations-scaling/operations-scaling-index.rst
+++ b/source/administration-guide/operations-scaling/operations-scaling-index.rst
@@ -7,19 +7,19 @@ Operate Mattermost reliably and scale capacity as your organization grows. Use t
:maxdepth: 1
:titlesonly:
- prepare-to-upgrade-mattermost
- important-upgrade-notes
- upgrading-mattermost-server
- upgrade-mattermost-kubernetes-ha
- downgrading-mattermost-server
+ /administration-guide/upgrade/prepare-to-upgrade-mattermost
+ /administration-guide/upgrade/important-upgrade-notes
+ /administration-guide/upgrade/upgrading-mattermost-server
+ /administration-guide/upgrade/upgrade-mattermost-kubernetes-ha
+ /administration-guide/upgrade/downgrading-mattermost-server
high-availability-cluster-based-deployment
scaling-for-enterprise
redis
- elasticsearch-setup
- opensearch-setup
+ /administration-guide/platform-features/elasticsearch-setup
+ /administration-guide/platform-features/opensearch-setup
ensuring-releases-perform-at-scale
- collect-performance-metrics
- /administration-guide/admin-tools/product-limits
+ /administration-guide/monitoring-observability/collect-performance-metrics
+ /administration-guide/operations-scaling/product-limits
Keep your deployment reliable and performant, scale as needed, and upgrade safely with minimal downtime.
diff --git a/source/administration-guide/operations-scaling/product-limits.rst b/source/administration-guide/operations-scaling/product-limits.rst
index 6317a6243c0..129a20eb16e 100644
--- a/source/administration-guide/operations-scaling/product-limits.rst
+++ b/source/administration-guide/operations-scaling/product-limits.rst
@@ -24,8 +24,8 @@ This page describes some of the product limits that apply to Mattermost, includi
":ref:`Emoji reactions ` per message", "50", ""
":ref:`Custom emoji uploads `", "6000", ""
":ref:`Team description `", "50 characters", ""
- ":ref:`SSO user session duration `", "30 days", ""
- ":ref:`Mobile user session duration `", "30 days", ""
+ ":ref:`SSO user session duration `", "30 days", ""
+ ":ref:`Mobile user session duration `", "30 days", ""
":doc:`Attachments per message ` (files or images)", "10", ""
":ref:`Attachment file size `", "100 MB", "Configurable"
":ref:`Attachment image file size `", "253 MB", "Configurable"
diff --git a/source/administration-guide/operations-scaling/scale-to-100000-users.rst b/source/administration-guide/operations-scaling/scale-to-100000-users.rst
index 62178a32a42..89b74643430 100644
--- a/source/administration-guide/operations-scaling/scale-to-100000-users.rst
+++ b/source/administration-guide/operations-scaling/scale-to-100000-users.rst
@@ -11,7 +11,7 @@ This page describes the Mattermost reference architecture designed for the load
.. note::
- Usage of CPU, RAM, and storage space can vary significantly based on user behavior. These hardware recommendations are based on traditional deployments and may grow or shrink depending on how active your users are.
- - From Mattermost v10.4, Mattermost Enterprise customers can configure `Redis `_ (Remote Dictionary Server) as an alternative cache backend. Using Redis can help ensure that Mattermost remains performant and efficient, even under heavy usage. See the :ref:`Redis cache backend ` configuration settings documentation for details.
+ - From Mattermost v10.4, Mattermost Enterprise customers can configure `Redis `_ (Remote Dictionary Server) as an alternative cache backend. Using Redis can help ensure that Mattermost remains performant and efficient, even under heavy usage. See the :ref:`Redis cache backend ` configuration settings documentation for details.
- While the following Elasticsearch specifications may be more than sufficient for some use cases, we have not extensively tested configurations with lower resource allocations for this user scale. If cost optimization is a priority, admins may choose to experiment with smaller configurations, but we recommend starting with the tested specifications to ensure system stability and performance. Keep in mind that under-provisioning can lead to degraded user experience and additional troubleshooting effort.
Requirements
diff --git a/source/administration-guide/operations-scaling/scale-to-200000-users.rst b/source/administration-guide/operations-scaling/scale-to-200000-users.rst
index 730f24c72b9..a32f00c17c0 100644
--- a/source/administration-guide/operations-scaling/scale-to-200000-users.rst
+++ b/source/administration-guide/operations-scaling/scale-to-200000-users.rst
@@ -11,7 +11,7 @@ This page describes the Mattermost reference architecture designed for the load
.. note::
- Usage of CPU, RAM, and storage space can vary significantly based on user behavior. These hardware recommendations are based on traditional deployments and may grow or shrink depending on how active your users are.
- - From Mattermost v10.4, Mattermost Enterprise customers can configure `Redis `_ (Remote Dictionary Server) as an alternative cache backend. Using Redis can help ensure that Mattermost remains performant and efficient, even under heavy usage. See the :ref:`Redis cache backend ` configuration settings documentation for details.
+ - From Mattermost v10.4, Mattermost Enterprise customers can configure `Redis `_ (Remote Dictionary Server) as an alternative cache backend. Using Redis can help ensure that Mattermost remains performant and efficient, even under heavy usage. See the :ref:`Redis cache backend ` configuration settings documentation for details.
- While the following Elasticsearch specifications may be more than sufficient for some use cases, we have not extensively tested configurations with lower resource allocations for this user scale. If cost optimization is a priority, admins may choose to experiment with smaller configurations, but we recommend starting with the tested specifications to ensure system stability and performance. Keep in mind that under-provisioning can lead to degraded user experience and additional troubleshooting effort.
User login scalability
diff --git a/source/administration-guide/operations-scaling/scaling-for-enterprise.rst b/source/administration-guide/operations-scaling/scaling-for-enterprise.rst
index 8b0d813ff23..ea37bebca8d 100644
--- a/source/administration-guide/operations-scaling/scaling-for-enterprise.rst
+++ b/source/administration-guide/operations-scaling/scaling-for-enterprise.rst
@@ -19,7 +19,7 @@ Enterprise search
We highly recommend a dedicated server for large enterprise deployments to run highly efficient database searches in a cluster environment.
-For deployments with over 5 million posts, :doc:`Enterprise search ` using :ref:`Elasticsearch ` or :ref:`AWS OpenSearch Service ` is required for optimized search performance, dedicated indexing and usage resourcing via cluster support without performance degradation and timeouts, resulting in faster, more predicable search results.
+For deployments with over 5 million posts, :doc:`Enterprise search ` using :ref:`Elasticsearch ` or :ref:`AWS OpenSearch Service ` is required for optimized search performance, dedicated indexing and usage resourcing via cluster support without performance degradation and timeouts, resulting in faster, more predicable search results.
High availability
-----------------
@@ -40,7 +40,7 @@ Available reference architectures
:titlesonly:
Backing storage benchmarks
- Enterprise search
+ Enterprise search
High availability
Redis
Scale up to 200 users
@@ -96,7 +96,7 @@ Visit the `Mattermost Load Test Tool ` with our :ref:`dashboards ` for ongoing monitoring and scale guidance.
- - If you encounter performance concerns, we recommend :doc:`collecting performance metrics ` and sharing them with us as a first troubleshooting step.
+ - We recommend deploying :doc:`Prometheus and Grafana ` with our :ref:`dashboards ` for ongoing monitoring and scale guidance.
+ - If you encounter performance concerns, we recommend :doc:`collecting performance metrics ` and sharing them with us as a first troubleshooting step.
`Book a live demo `_ or `talk to a Mattermost expert `_ to explore tailored solutions for your organization's secure collaboration needs. Or try Mattermost yourself with a `1-hour preview `_ for instant access to a live sandbox environment.
diff --git a/source/administration-guide/platform-features/common-configure-mattermost-for-enterprise-search.rst b/source/administration-guide/platform-features/common-configure-mattermost-for-enterprise-search.rst
index 454e3d850bd..c4f1bf60670 100644
--- a/source/administration-guide/platform-features/common-configure-mattermost-for-enterprise-search.rst
+++ b/source/administration-guide/platform-features/common-configure-mattermost-for-enterprise-search.rst
@@ -9,7 +9,7 @@ Set server connection details
1. (Optional) Enter **Server Username** used to access the enterprise search server.
2. (Optional) Enter **Server Password** associated with the username.
3. Set **Enable Cluster Sniffing** (Optional). Sniffing finds and connects to all data nodes in your cluster automatically.
-4. Optional CA and client certificate configuration settings are available for use with basic authentication credentials or to replace them. See the :ref:`Enterprise search configuration settings ` documentation for details.
+4. Optional CA and client certificate configuration settings are available for use with basic authentication credentials or to replace them. See the :ref:`Enterprise search configuration settings ` documentation for details.
5. Select **Test Connection** and then select **Save**. If the server connection is unsuccessful you won't be able to save the configuration or enable searching with Elasticsearch or AWS OpenSearch.
Build the post index of existing messages
@@ -26,7 +26,7 @@ Set **Enable Elasticsearch for search queries** to ``true``, and setting **Enabl
.. note::
- For high post volume deployments, we strongly encourage you to read and properly configure the Mattermost :ref:`LiveIndexingBatchSize ` configuration setting.
+ For high post volume deployments, we strongly encourage you to read and properly configure the Mattermost :ref:`LiveIndexingBatchSize ` configuration setting.
.. warning::
diff --git a/source/administration-guide/platform-features/enterprise-search.rst b/source/administration-guide/platform-features/enterprise-search.rst
index 9140d96ca45..b6457181147 100644
--- a/source/administration-guide/platform-features/enterprise-search.rst
+++ b/source/administration-guide/platform-features/enterprise-search.rst
@@ -15,8 +15,8 @@ Mattermost database search starts to show performance degradation at around 2 mi
:hidden:
:titlesonly:
- Elasticsearch setup
- AWS OpenSearch setup
+ Elasticsearch setup
+ AWS OpenSearch setup
Elasticsearch
-------------
@@ -55,7 +55,7 @@ Review the following support paths for enterprise search based on the version yo
1. Disable "compatibility mode" in OpenSearch.
2. Upgrade Mattermost server.
- 3. Update the Mattermost ``ElasticsearchSettings.Backend`` configuration setting value from ``elasticsearch`` to ```opensearch``` manually or using :ref:`mmctl `. This value cannot be changed using the System Console. See the Mattermost search :ref:`backend type ` configuration setting documentation for additional details.
+ 3. Update the Mattermost ``ElasticsearchSettings.Backend`` configuration setting value from ``elasticsearch`` to ```opensearch``` manually or using :ref:`mmctl `. This value cannot be changed using the System Console. See the Mattermost search :ref:`backend type ` configuration setting documentation for additional details.
4. Restart the Mattermost server.
Frequently asked questions (FAQ)
@@ -84,7 +84,7 @@ Yes. From Mattermost v6.7, the search indexing job is resumable. Stopping a serv
Can an index rollover policy be defined?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-The :ref:`AggregatePostsAfterDays ` configuration setting defines a cutoff value. All posts preceding this value are reindexed and aggregated into new and bigger indexes. The default setting is 365 days.
+The :ref:`AggregatePostsAfterDays ` configuration setting defines a cutoff value. All posts preceding this value are reindexed and aggregated into new and bigger indexes. The default setting is 365 days.
Are there any new search features offered with Elasticsearch?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/source/administration-guide/platform-features/installing-license-key.rst b/source/administration-guide/platform-features/installing-license-key.rst
index ef6833a10ff..b86ee227883 100644
--- a/source/administration-guide/platform-features/installing-license-key.rst
+++ b/source/administration-guide/platform-features/installing-license-key.rst
@@ -1,7 +1,7 @@
Install a license key
=====================
-.. include:: ../../../_static/badges/ent-pro-cloud-selfhosted.rst
+.. include:: ../../_static/badges/ent-pro-cloud-selfhosted.rst
:start-after: :nosearch:
You can use the System Console or the mmctl tools to add or change a Mattermost license key.
@@ -23,7 +23,7 @@ You can use the System Console or the mmctl tools to add or change a Mattermost
.. note::
- - From Mattermost v10.11, the option to add a license is disabled when the license is set using an :ref:`environment variable `.
+ - From Mattermost v10.11, the option to add a license is disabled when the license is set using an :ref:`environment variable `.
- Enterprise customers with the Premier Support add-on can request a staging license for testing.
- Removing a Mattermost Enterprise or Professional license key won't remove the configuration for Enterprise settings; however, these features won't function until an Enterprise or Professional license key is applied.
- When you're using :doc:`High Availability `, it's critical to ensure that all servers in the cluster have same Enterprise license properly installed to prevent multi-node clusters from failing. An Enterprise license is required for High Availability to work.
diff --git a/source/administration-guide/platform-features/optimize-your-workspace.rst b/source/administration-guide/platform-features/optimize-your-workspace.rst
index 0af3420559b..d9519dbfcbc 100644
--- a/source/administration-guide/platform-features/optimize-your-workspace.rst
+++ b/source/administration-guide/platform-features/optimize-your-workspace.rst
@@ -31,29 +31,30 @@ The following optimization areas can alert you to workspace suggestions, warning
| Optimization category | Suggestions, Warnings, or Problems Detected | Additional Information |
+=======================+==========================================================================================================+======================================================================================================================================================================+
| Mattermost release | Are you on the latest Mattermost release? | You're notified when updates are available. |
-| | | See the :doc:`Upgrade Mattermost ` product documentation for details on upgrading your workspace. |
+| | | See the :doc:`Upgrade Mattermost ` product documentation for details on upgrading. |
+-----------------------+----------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Configuration issues | - **SSL**: Should your workspace be more secure with SSL? | See the product documentation to learn more: |
| | | |
-| | - **Session Length**: The default value may not provide an optimal user experience. | - :doc:`Set up SSL ` |
-| | | - :ref:`Configure session length ` |
-| | - **File Storage**: Write access to the configured file storage location is required. | - :ref:`Configure file storage ` |
+| | - **Session Length**: The default value may not provide an optimal user experience. | - :doc:`Set up SSL ` |
+| | | - :ref:`Configure session length ` |
+| | - **File Storage**: Write access to the configured file storage location is required. | - :ref:`Configure file storage ` |
| | | |
| | .. include:: ../../_static/badges/academy-file-storage.rst | |
| | :start-after: :nosearch: | |
+-----------------------+----------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Workspace access | Is the Mattermost workspace accessible to users? | If your web server settings don't pass a live URL test, your workspace may not be accessible to others. |
-| | | See the :ref:`Web server configuration settings ` product documentation to learn more: |
+| | | See the :ref:`Web server configuration settings ` product |
+| | | documentation to learn more: |
+-----------------------+----------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
-| Search performance | As your user base grows, is search getting slower? | See the :doc:`Enterprise search ` product documentation to learn more. |
+| Search performance | As your user base grows, is search getting slower? | See the :doc:`Enterprise search ` product documentation to learn more. |
+-----------------------+----------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Data privacy | Do you need more control and insights into your data? | See the product documentation to learn more: |
| | | |
-| | | - :doc:`Data Retention ` |
-| | | - :doc:`Compliance Export ` |
+| | | - :doc:`Data Retention ` |
+| | | - :doc:`Compliance Export ` |
+-----------------------+----------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| User authentication | - **AD/LDAP**: As your user base grows, would you benefit from easier onboarding, | See the product documentation to learn more: |
| | automated deactivations, and role assignments? | |
-| | | - :ref:`AD/LDAP ` |
-| | - **Guest accounts**: Do you want to control user access to channels and teams with guest accounts? | - :doc:`Guest accounts ` |
+| | | - :ref:`AD/LDAP ` |
+| | - **Guest accounts**: Do you want to control user access to channels and teams with guest accounts? | - :doc:`Guest accounts ` |
+-----------------------+----------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
diff --git a/source/administration-guide/platform-features/smtp-email.rst b/source/administration-guide/platform-features/smtp-email.rst
index 40fc449fb43..e166ada17cc 100644
--- a/source/administration-guide/platform-features/smtp-email.rst
+++ b/source/administration-guide/platform-features/smtp-email.rst
@@ -30,7 +30,7 @@ Configure SMTP settings
1. In Mattermost go to **System Console > Authentication > Email**, and set **Allow Sign Up With Email** to **true**.
-2. In the System Console, go to **Notifications > Email** and configure Mattermost for your SMTP service. See the :ref:`SMTP configuration ` documentation for details.
+2. In the System Console, go to **Notifications > Email** and configure Mattermost for your SMTP service. See the :ref:`SMTP configuration ` documentation for details.
- Set **Send Email Notifications** to **true**.
- Set the **Notification Display Name** for the account sending notifications.
diff --git a/source/administration-guide/upgrade/important-upgrade-notes.rst b/source/administration-guide/upgrade/important-upgrade-notes.rst
index 65cb9714de6..082db5082f7 100644
--- a/source/administration-guide/upgrade/important-upgrade-notes.rst
+++ b/source/administration-guide/upgrade/important-upgrade-notes.rst
@@ -401,8 +401,8 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| | |
| | - For AWS customers on OpenSearch, you must modify Mattermost configuration from ``elasticsearch`` to ``opensearch`` and disable compatibility mode. |
| | See the `OpenSearch documentation `_ for details on upgrading. |
-| | - After upgrading the Mattermost server, use :ref:`mmctl ` or edit the config manually, |
-| | then restart the Mattermost server. |
+| | - After upgrading the Mattermost server, use :ref:`mmctl ` or edit the config |
+| | manually, then restart the Mattermost server. |
| | - If you are using OpenSearch, you **must** set the backend to ``opensearch``. Otherwise Mattermost will not work. |
| | |
| | If you are using Elasticsearch v8, be sure to set ``action.destructive_requires_name`` to ``false`` in ``elasticsearch.yml`` to allow for wildcard operations to |
@@ -412,7 +412,7 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | Added safety limit error message in compiled Team Edition and Enterprise Edition deployments when enterprise scale and access control automation features are |
| | unavailable and count of users who are registered and not deactivated exceeds 10,000. |
-| | :doc:`ERROR_SAFETY_LIMITS_EXCEEDED `. |
+| | :doc:`ERROR_SAFETY_LIMITS_EXCEEDED `. |
+----------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| v9.2 | Fixed data retention policies to run jobs when any custom retention policy is enabled even when the global retention policy is set to "keep-forever". Before |
| | this fix, the enabled custom data retention policies wouldn't run as long as the global data retention policy was set to "keep-forever" or was disabled. After |
@@ -486,7 +486,7 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| | The Channel Export and Apps plugins are now disabled by default. |
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | Apps Bar is now enabled by default for on-prem servers. ``ExperimentalSettings.EnableAppBar`` was also renamed to ``ExperimentalSettings.DisableAppBar``. |
-| | See the :ref: `configuration settings ` documentation, and |
+| | See the :ref: `configuration settings ` documentation, and |
| | `this forum article `_ for details. |
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | In the main `server package`, the Go module path has changed from ``github.com/mattermost/mattermost-server/server/v8`` to |
@@ -527,8 +527,8 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| | Removed deprecated ``model.CommandArgs.Session``. |
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | For servers wanting to allow websockets to connect from origins other than the origin of the site URL, please set the ``ServiceSettings.AllowCorsFrom`` |
-| | :ref:`configuration setting `. Also ensure that |
-| | the ``siteURL`` is set correctly. |
+| | :ref:`configuration setting `. Also ensure |
+| | that the ``siteURL`` is set correctly. |
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | In v8.0 release, the following repositories are merged into one: ``mattermost-server``, ``mattermost-webapp`` and ``mmctl``. |
| | Developers should read the updated `Developer Guide `_ for details. |
@@ -556,8 +556,8 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | In v7.10.3, for servers wanting to allow websockets to connect from origins other than the origin of the site URL, please set the |
| | ``ServiceSettings.AllowCorsFrom`` |
-| | :ref:`configuration setting `. Also ensure that |
-| | the ``siteURL`` is set correctly. |
+| | :ref:`configuration setting `. Also ensure |
+| | that the ``siteURL`` is set correctly. |
+----------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| v7.9 | Added a new index on ``Posts(OriginalId)``. For a database with 11.8 million posts, on a machine with a i7-11800H CPU (8 cores, 16 threads), 32GiB of RAM and |
| | SSD, the index creation takes 98.51s on MYSQL and 2.6s on PostgreSQL. |
@@ -623,10 +623,10 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | In v7.9.5, for servers wanting to allow websockets to connect from origins other than the origin of the site URL, please set the |
| | ``ServiceSettings.AllowCorsFrom`` |
-| | :ref:`configuration setting `. Also ensure that |
-| | the ``siteURL`` is set correctly. |
+| | :ref:`configuration setting `. Also ensure |
+| | that the ``siteURL`` is set correctly. |
+----------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
-| v7.8 | :ref:`Message Priority & Acknowledgement ` is now enabled by default |
+| v7.8 | :ref:`Message Priority & Acknowledgement ` is now enabled by default |
| | for all instances. You may disable this feature in the System Console by going to **Posts > Message Priority** or via the config ``PostPriority`` setting. |
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | In v7.8.5, fixed an issue where a user would still see threads in the threads view of channels they have left. Migration execution time in MySQL: Query OK, |
@@ -685,8 +685,8 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | In v7.8.7, for servers wanting to allow websockets to connect from origins other than the origin of the site URL, please set the |
| | ``ServiceSettings.AllowCorsFrom`` |
-| | :ref:`configuration setting `. Also ensure that |
-| | the ``siteURL`` is set correctly. |
+| | :ref:`configuration setting `. Also ensure |
+| | that the ``siteURL`` is set correctly. |
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | In v7.8.11, improved performance on data retention ``DeleteOrphanedRows`` queries. |
| | |
@@ -846,8 +846,8 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| | Starting with the Calls version shipping with v7.7, there's now a minimum version requirement when using the external RTCD service. This means that if Calls is |
| | configured to use the external service, customers need to upgrade RTCD first to at least version 0.8.0 or the plugin will fail to start. |
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
-| | In v7.7.2, :ref:`Message Priority & Acknowledgement ` is now enabled by |
-| | default for all instances. You may disable this feature in the System Console by going to **Posts > Message Priority** or via the config ``PostPriority`` |
+| | In v7.7.2, :ref:`Message Priority & Acknowledgement ` is now enabled |
+| | by default for all instances. You may disable this feature in the System Console by going to **Posts > Message Priority** or via the config ``PostPriority`` |
| | setting. |
+----------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| v7.5 | Added a new schema migration to ensure ``ParentId`` column is dropped from the ``Posts`` table. Depending on the table size, if the column is not dropped |
@@ -920,7 +920,7 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | The value of ``ServiceSettings.TrustedProxyIPHeader`` defaults to empty from now on. A previous bug prevented this from happening in certain conditions. |
| | Customers are requested to check for these values in their config and set them to nil if necessary. See more details |
-| | :ref:`here `. |
+| | :ref:`here `. |
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | :doc:`Collapsed Reply Threads ` is now generally available and enabled by default for new |
| | Mattermost servers. For servers upgrading to v7.0 and later, please reference |
@@ -946,7 +946,7 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | In v6.7.1, the value of ``ServiceSettings.TrustedProxyIPHeader`` defaults to empty from now on. A previous bug prevented this from happening in certain |
| | conditions. Customers are requested to check for these values in their config and set them to nil if necessary. See more details |
-| | :ref:`here `. |
+| | :ref:`here `. |
+----------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| v6.6 | The Apps Framework protocol for binding/form submissions has changed, by separating the single `call` into separate `submit`, `form`, `refresh` and `lookup` |
| | calls. If any users have created their own Apps, they have to be updated to the new system. |
@@ -957,16 +957,16 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | In v6.6.2, the value of ``ServiceSettings.TrustedProxyIPHeader`` defaults to empty from now on. A previous bug prevented this from happening in certain |
| | conditions. Customers are requested to check for these values in their config and set them to nil if necessary. See more details |
-| | :ref:`here `. |
+| | :ref:`here `. |
+----------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| v6.5 | The ``mattermost version`` CLI command does not interact with the database anymore. Therefore the database version is not going to be |
| | printed. Also, the database migrations are not going to be applied with the version sub command. |
-| | :ref:`A new db migrate sub command ` is added to enable administrators |
+| | :ref:`A new db migrate sub command ` is added to enable administrators |
| | to trigger migrations. |
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | In v6.5.2, the value of ``ServiceSettings.TrustedProxyIPHeader`` defaults to empty from now on. A previous bug prevented this from happening in certain |
| | conditions. Customers are requested to check for these values in their config and set them to nil if necessary. See more details |
-| | :ref:`here `. |
+| | :ref:`here `. |
+----------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| v6.4 | A new schema migration system has been introduced, so we strongly recommend backing up the database before updating the server to this version. The new |
| | migration system will run through all existing migrations to record them to a new table. This will only happen for the first run in order to migrate the |
@@ -991,10 +991,11 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | In v6.3.9, the value of ``ServiceSettings.TrustedProxyIPHeader`` defaults to empty from now on. A previous bug prevented this from happening in certain |
| | conditions. Customers are requested to check for these values in their config and set them to nil if necessary. See more details |
-| | :ref:`here `. |
+| | :ref:`here `. |
+----------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
-| v6.2 | Channel results in the channel autocomplete will include private channels. Customers using :doc:`Bleve ` or |
-| | :doc:`Elasticsearch ` for autocomplete will have to reindex their data to get the new results. Since this can |
+| v6.2 | Channel results in the channel autocomplete will include private channels. Customers using |
+| | :doc:`Bleve ` or |
+| | :doc:`Elasticsearch ` for autocomplete will have to reindex their data to get the new results. Since this can |
| | take a long time, we suggest disabling autocomplete and running indexing in the background. When this is complete, re-enable autocomplete. |
| | |
| | .. note:: |
@@ -1355,7 +1356,7 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | The public IP of the Mattermost application server is considered a reserved IP for additional security hardening in the context of untrusted external requests |
| | such as Open Graph metadata, webhooks, or slash commands. |
-| | :ref:`See documentation ` for additional information. |
+| | :ref:`See documentation ` for additional information. |
+----------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| v5.8.0 | The local image proxy has been added, and images displayed within the client are now affected by the ``AllowUntrustedInternalConnections`` setting. |
| | :ref:`See documentation ` for more details if you have trouble loading images. |
@@ -1483,13 +1484,13 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| | editing time in seconds. If post editing is disabled, this setting does not apply. |
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | If using Let's Encrypt without a proxy server, the server will fail to start with an error message unless the :ref:`Forward80To443 |
-| | ` ``config.json`` setting is set to ``true``. |
+| | ` ``config.json`` setting is set to ``true``. |
| | |
| | If forwarding port 80 to 443, the server will fail to start with an error message unless the :ref:`ListenAddress |
-| | ` ``config.json`` setting is set to listen on port 443. |
+| | ` ``config.json`` setting is set to listen on port 443. |
+----------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| v4.6.2 | If using Let's Encrypt without a proxy server, forward port 80 through a firewall, with the :ref:`Forward80To443 |
-| | ` ``config.json`` setting set to ``true`` to complete the Let's |
+| | ` ``config.json`` setting set to ``true`` to complete the Let's |
| | Encrypt certification. |
+----------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| v4.4.0 | Composite database indexes were added to the ``Posts`` table. This may lead to longer upgrade times for servers with more than one million messages. |
@@ -1505,9 +1506,9 @@ We recommend reviewing the `additional upgrade notes <#additional-upgrade-notes>
| | This change may cause private integrations to break in testing environments, which may point to a URL such as http://127.0.0.1:1021/my-command. |
| | |
| | If you point private integrations to such URLs, you may whitelist such domains, IP addresses, or CIDR notations via the |
-| | :ref:`Allowed Untrusted Internal Connections ` |
+| | :ref:`Allowed Untrusted Internal Connections ` |
| | configuration setting in your local environment. Although not recommended, you may also whitelist the addresses in your production environments. See |
-| | :ref:`documentation to learn more `. |
+| | :ref:`documentation to learn more `. |
| | |
| | Push notification, OAuth 2.0 and WebRTC server URLs are trusted and not affected by this setting. |
| +------------------------------------------------------------------------------------------------------------------------------------------------------------------+
diff --git a/source/administration-guide/upgrade/upgrade-mattermost.rst b/source/administration-guide/upgrade/upgrade-mattermost.rst
index 6be946e5a2e..1d14368dc00 100644
--- a/source/administration-guide/upgrade/upgrade-mattermost.rst
+++ b/source/administration-guide/upgrade/upgrade-mattermost.rst
@@ -6,17 +6,16 @@ Upgrade Mattermost
:hidden:
:titlesonly:
- Important upgrade notes
- Prepare to upgrade Mattermost
- Communicate scheduled maintenance best practices
- Upgrade Mattermost Server
- Upgrade Mattermost in Kubernetes and High Availability environments
- Upgrade Team Edition to Enterprise Edition
+ Important upgrade notes
+ Prepare to upgrade Mattermost
+ Communicate scheduled maintenance best practices
+ Upgrade Mattermost Server
+ Upgrade Mattermost in Kubernetes and High Availability environments
+ Upgrade Team Edition to Enterprise Edition
Administrator onboarding tasks
- Enterprise roll-out-checklist
- Welcome email to end users
- Downgrade Mattermost Server
- Open source components
+ Roll-out checklist
+ Downgrade Mattermost Server
+ Open source components
Stay up to date with the latest features and improvements.
diff --git a/source/administration-guide/user-experience/customize-branding.rst b/source/administration-guide/user-experience/customize-branding.rst
index b70a8b68b22..aad5969f156 100644
--- a/source/administration-guide/user-experience/customize-branding.rst
+++ b/source/administration-guide/user-experience/customize-branding.rst
@@ -8,9 +8,8 @@ Whether you’re customizing the appearance of your workspace, utilizing brandin
:hidden:
:titlesonly:
- Customize Mattermost
- Custom branding tools
- Code signing custom builds
+ Customize Mattermost
+ Custom branding tools
* :doc:`Customize Mattermost ` - Learn how to customize the Mattermost server.
* :doc:`Custom branding tools ` - Learn about custom branding tools for Mattermost.
diff --git a/source/deployment-guide/backup-disaster-recovery.rst b/source/deployment-guide/backup-disaster-recovery.rst
index 4ffca10d957..ee8c5cc353d 100644
--- a/source/deployment-guide/backup-disaster-recovery.rst
+++ b/source/deployment-guide/backup-disaster-recovery.rst
@@ -170,7 +170,7 @@ To recap:
.. warning::
- After creating the master user, IP based access to the OS might not work from Mattermost application nodes. You may need to update the ``ElasticSearchSettings`` section in ``config.json`` to update the server :ref:`username ` and :ref:`password `.
+ After creating the master user, IP based access to the OS might not work from Mattermost application nodes. You may need to update the ``ElasticSearchSettings`` section in ``config.json`` to update the server :ref:`username ` and :ref:`password `.
3. Create a new OS cluster in the secondary region. Follow the same steps again for this cluster.
diff --git a/source/deployment-guide/desktop/desktop-app-managed-resources.rst b/source/deployment-guide/desktop/desktop-app-managed-resources.rst
index e98af8e9604..dbfb9d6157e 100644
--- a/source/deployment-guide/desktop/desktop-app-managed-resources.rst
+++ b/source/deployment-guide/desktop/desktop-app-managed-resources.rst
@@ -11,7 +11,7 @@ The Mattermost desktop app supports managed resources. A managed resource can be
Add the path of a managed resource to your configuration file. When selected, it opens as a pop-up window in the Mattermost desktop app.
-In addition to customizing the Mattermost Desktop App, the :ref:`Managed Resource Paths ` setting on the Mattermost server must be configured.
+In addition to customizing the Mattermost Desktop App, the :ref:`Managed Resource Paths ` setting on the Mattermost server must be configured.
In the below example we add the managed resource ``/video``.
diff --git a/source/deployment-guide/desktop/distribute-a-custom-desktop-app.rst b/source/deployment-guide/desktop/distribute-a-custom-desktop-app.rst
index aefd44f6c84..4766ebaef9f 100644
--- a/source/deployment-guide/desktop/distribute-a-custom-desktop-app.rst
+++ b/source/deployment-guide/desktop/distribute-a-custom-desktop-app.rst
@@ -60,7 +60,7 @@ Managed resources
To configure managed resources, add their path to the ``managedResources`` field in your configuration file. Selecting a managed resource opens it as a pop-up window in the desktop app.
-Additionally, you must configure the :ref:Managed Resource Paths ` server configuration setting. For example, adding the ``/video`` path:
+Additionally, you must configure the :ref:Managed Resource Paths ` server configuration setting. For example, adding the ``/video`` path:
.. code-block:: text
diff --git a/source/deployment-guide/encryption-options.rst b/source/deployment-guide/encryption-options.rst
index 99411831e7d..069f519761f 100644
--- a/source/deployment-guide/encryption-options.rst
+++ b/source/deployment-guide/encryption-options.rst
@@ -26,7 +26,7 @@ Gossip encryption
In a High Availability mode, Mattermost supports encryption of cluster data in-transit when using the gossip protocol, which is based on principles outlined in the `SWIM protocol developed by researchers at Cornell University `_. The gossip protocol is a communication mechanism in distributed systems where nodes randomly exchange information to ensure data consistency across the network. It is decentralized, scalable, and fault-tolerant, making it ideal for systems with numerous nodes. Information is spread in a manner similar to social gossip, with nodes periodically "gossiping" updates to random peers until the network converges to a consistent state. Widely used in distributed databases, blockchain networks, and peer-to-peer systems, the protocol is simple to implement and resilient to node failures. However, it can suffer from redundancy and propagation delays in large networks.
-From Mattermost v10.11, :ref:`gossip encryption ` is enabled by default for new deployments while existing deployments maintain their current configuration.
+From Mattermost v10.11, :ref:`gossip encryption ` is enabled by default for new deployments while existing deployments maintain their current configuration.
The encryption uses AES-256 by default, and it is not configurable. However, it is possible to manually set the value in the ``Systems`` table for the ``ClusterEncryptionKey`` row. A key is a byte array converted to base64. It can be set to a length of 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256 respectively.
@@ -49,7 +49,7 @@ File storage
For local storage or storage via Minio, encryption-at-rest is available for files stored via hardware and software disk encryption solutions applied to the server.
-For Amazon’s proprietary S3 system, encryption-at-rest is available via :ref:`server-side encryption with Amazon S3-managed keys ` in Mattermost enterprise-badge.
+For Amazon’s proprietary S3 system, encryption-at-rest is available via :ref:`server-side encryption with Amazon S3-managed keys ` in Mattermost enterprise-badge.
SAML encryption support
-----------------------
diff --git a/source/deployment-guide/mobile/mobile-faq.rst b/source/deployment-guide/mobile/mobile-faq.rst
index 0582ff0922f..b6cb6aec5f6 100644
--- a/source/deployment-guide/mobile/mobile-faq.rst
+++ b/source/deployment-guide/mobile/mobile-faq.rst
@@ -179,7 +179,7 @@ The following options are available for securing your push notification service:
4. Securing apps installed through the Apple App Store and Google Play:
- - When using Mattermost mobile apps from the App Store and Google Play, purchase an annual subscription to Mattermost Enterprise or Professional to use Mattermost's :ref:`Hosted Push Notification Service (HPNS) `.
+ - When using Mattermost mobile apps from the App Store and Google Play, purchase an annual subscription to Mattermost Enterprise or Professional to use Mattermost's :ref:`Hosted Push Notification Service (HPNS) `.
.. note::
@@ -209,7 +209,7 @@ Mattermost enables customers with high privacy and custom security requirements
How do I host the Mattermost push notification service?
-------------------------------------------------------
-First, you can use the :ref:`Mattermost Hosted Push Notification Service (HPNS) `. Organizations can also :doc:`host their own push proxy server ` instead. This is applicable when you want to:
+First, you can use the :ref:`Mattermost Hosted Push Notification Service (HPNS) `. Organizations can also :doc:`host their own push proxy server ` instead. This is applicable when you want to:
1. Customize the Mattermost mobile apps;
2. Deploy your own push notification service, or
@@ -353,7 +353,7 @@ You will need to `whitelist one subdomain and one port from Apple `__ or `Google Play Store `__ and connect with the :ref:`Mattermost Hosted Push Notification Service (HPNS) ` through your corporate proxy.
+You can use the mobile applications hosted by Mattermost in the `Apple App Store `__ or `Google Play Store `__ and connect with the :ref:`Mattermost Hosted Push Notification Service (HPNS) ` through your corporate proxy.
.. note::
@@ -388,7 +388,7 @@ Since the ``deviceId`` relates to the application, connections through the web b
Where can I find mobile message notification logs?
-------------------------------------------------------------
Notification messages are logged to the ``notifications.log`` file.
-System admins must enable notification logs in the ``config.json`` file by setting ``EnableFile`` to ``true``, and specifying an optional file location via ``FileLocation``. When no location is configured, the ``notifications.log`` file is stored in the default Mattermost directory. See the :ref:`logging configuration settings ` documentation for details.
+System admins must enable notification logs in the ``config.json`` file by setting ``EnableFile`` to ``true``, and specifying an optional file location via ``FileLocation``. When no location is configured, the ``notifications.log`` file is stored in the default Mattermost directory. See the :ref:`logging configuration settings ` documentation for details.
The team members / users can access their notification logs based on their device platform.
Android users can view the logs using ``logcat``.
diff --git a/source/deployment-guide/mobile/mobile-security-features.rst b/source/deployment-guide/mobile/mobile-security-features.rst
index ee44a105f7d..fa0dde76e0a 100644
--- a/source/deployment-guide/mobile/mobile-security-features.rst
+++ b/source/deployment-guide/mobile/mobile-security-features.rst
@@ -14,7 +14,7 @@ Mattermost leverages built-in checks from the Expo framework to identify jailbro
- On **Android**, the app looks for the presence of known jailbreak/root binaries, such as the ``su`` binary in ``/system/xbin/su``, which is a common indicator that the device has been rooted to allow unauthorized elevated access.
- On **iOS**, the detection process involves checking for unusual apps (e.g., Cydia), modified system paths, and testing whether the app can alter protected system files—all signs that the device may be jailbroken.
-See the :ref:`jailbreak/root protection configuration setting ` documentation for details on enabling this feature.
+See the :ref:`jailbreak/root protection configuration setting ` documentation for details on enabling this feature.
.. note::
@@ -25,7 +25,7 @@ Biometric authentication
Mattermost integrates with iOS Face ID/Touch ID and Android’s Biometric API. When enabled by the server administrator, biometric checks are required before accessing specific servers, and the Mattermost mobile app mandates that a device PIN or biometric lock is active.
-See the :ref:`biometric authentication configuration setting ` documentation for details on enabling this feature and the user workflows in which users must authenticate.
+See the :ref:`biometric authentication configuration setting ` documentation for details on enabling this feature and the user workflows in which users must authenticate.
.. note::
@@ -40,7 +40,7 @@ Preventing screenshots and screen recordings protects sensitive information from
- On **Android**, the app utilizes the FLAG_SECURE flag to block screen captures and recordings.
-See the :ref:`prevent screen capture configuration setting ` documentation for details on enabling this feature.
+See the :ref:`prevent screen capture configuration setting ` documentation for details on enabling this feature.
.. note::
diff --git a/source/deployment-guide/mobile/mobile-troubleshooting.rst b/source/deployment-guide/mobile/mobile-troubleshooting.rst
index 21e4584be17..d2220872624 100644
--- a/source/deployment-guide/mobile/mobile-troubleshooting.rst
+++ b/source/deployment-guide/mobile/mobile-troubleshooting.rst
@@ -75,7 +75,7 @@ For example:
[...]
}
-See our :ref:`Configuration Settings ` documentation for details on configuring the connection string to the master database.
+See our :ref:`Configuration Settings ` documentation for details on configuring the connection string to the master database.
Testing mobile push notifications
----------------------------------
diff --git a/source/deployment-guide/postgres-migration-assist-tool.rst b/source/deployment-guide/postgres-migration-assist-tool.rst
index e6181984172..506e01087c3 100644
--- a/source/deployment-guide/postgres-migration-assist-tool.rst
+++ b/source/deployment-guide/postgres-migration-assist-tool.rst
@@ -158,7 +158,7 @@ In your ``config.json`` or via environment variables, update:
"DataSource": "postgres://mmuser:pass@db:5432/mattermost?sslmode=disable"
}
-If your config was stored in the database, update ``MM_CONFIG`` accordingly. See the :ref:`environment configuration settings ` documentation for details.
+If your config was stored in the database, update ``MM_CONFIG`` accordingly. See the :ref:`environment configuration settings ` documentation for details.
.. note::
If your Mattermost deployment was initially configured with MySQL, there's a good chance your systemd service file has a ``BindsTo=mysql.service`` directive in it. This will cause the Mattermost server to be shut down if you deactivate your MySQL service. To fix this, update all references to ``mysql.service`` in your service file to use ``postgresql.service`` instead. This is only an issue if your Database and Mattermost are running on the same system.
diff --git a/source/deployment-guide/server/air-gapped-deployment.rst b/source/deployment-guide/server/air-gapped-deployment.rst
index 6da19e83556..2e7b6b0fb8d 100644
--- a/source/deployment-guide/server/air-gapped-deployment.rst
+++ b/source/deployment-guide/server/air-gapped-deployment.rst
@@ -377,7 +377,7 @@ When deploying Mattermost in an air-gapped environment, there are configuration
Mobile push notifications
~~~~~~~~~~~~~~~~~~~~~~~~~~
-Mattermost can use mobile push notifications to notify users of new messages and activity. These notifications require a server component to be deployed to send the notifications to the mobile devices. By default, Mattermost will use the public push notification service which is not available in an air-gapped environment. We recommend :ref:`disabling push notifications ` in **System Console > Environment > Push Notification Server**.
+Mattermost can use mobile push notifications to notify users of new messages and activity. These notifications require a server component to be deployed to send the notifications to the mobile devices. By default, Mattermost will use the public push notification service which is not available in an air-gapped environment. We recommend :ref:`disabling push notifications ` in **System Console > Environment > Push Notification Server**.
Website link previews
~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/source/deployment-guide/server/image-proxy.rst b/source/deployment-guide/server/image-proxy.rst
index a91c4055e54..23ec0cd1b17 100644
--- a/source/deployment-guide/server/image-proxy.rst
+++ b/source/deployment-guide/server/image-proxy.rst
@@ -17,7 +17,7 @@ The local image proxy is available as part of the Mattermost server deployment.
.. note::
- With the local image proxy enabled, requests for images hosted on the local network are now affected by the ``AllowUntrustedInternalConnections`` setting. See :ref:`documentation ` for more information or if you are seeing unintentionally blocked images.
+ With the local image proxy enabled, requests for images hosted on the local network are now affected by the ``AllowUntrustedInternalConnections`` setting. See :ref:`documentation ` for more information or if you are seeing unintentionally blocked images.
.. _atmos-camo:
diff --git a/source/deployment-guide/server/server-architecture.rst b/source/deployment-guide/server/server-architecture.rst
index a2a597c45d4..ed5ad48cfef 100644
--- a/source/deployment-guide/server/server-architecture.rst
+++ b/source/deployment-guide/server/server-architecture.rst
@@ -19,7 +19,7 @@ Mattermost is designed to be able to handle a large number of concurrent users,
- Each generalized diagram represents a full High Availability deployment across all critical components. The proxy, database, file storage, and Elasticsearch layers can be replaced by cloud services.
- Each AWS diagram represents a full High Availability deployment on Amazon Web Services making full use of the available services.
- Each Azure diagram represents a full High Availability deployment on Microsoft Azure making full use of the available services.
-- Push proxy can be replaced by the Mattermost :ref:`hosted push notification service `.
+- Push proxy can be replaced by the Mattermost :ref:`hosted push notification service `.
.. tab:: AWS
diff --git a/source/deployment-guide/server/setup-nginx-proxy.rst b/source/deployment-guide/server/setup-nginx-proxy.rst
index 864d2ef1b44..dd60428ea71 100644
--- a/source/deployment-guide/server/setup-nginx-proxy.rst
+++ b/source/deployment-guide/server/setup-nginx-proxy.rst
@@ -225,7 +225,7 @@ You can use any certificate that you want, but these instructions show you how t
.. note::
- If Let’s Encrypt is enabled, forward port 80 through a firewall, with :ref:`Forward80To443 ` ``config.json`` setting set to ``true`` to complete the Let’s Encrypt certification. See the `Let's Encrypt/Certbot documentation `_ for additional assistance.
+ If Let’s Encrypt is enabled, forward port 80 through a firewall, with :ref:`Forward80To443 ` ``config.json`` setting set to ``true`` to complete the Let’s Encrypt certification. See the `Let's Encrypt/Certbot documentation `_ for additional assistance.
1. Log in to the server that hosts NGINX and open a terminal window.
diff --git a/source/deployment-guide/server/setup-tls.rst b/source/deployment-guide/server/setup-tls.rst
index 85c83333bfe..25ae8157817 100644
--- a/source/deployment-guide/server/setup-tls.rst
+++ b/source/deployment-guide/server/setup-tls.rst
@@ -38,7 +38,7 @@ The certificate is retrieved the first time that a client tries to connect to th
.. note::
- - If Let's Encrypt is enabled, forward port 80 through a firewall, with :ref:`Forward80To443 ` ``config.json`` setting set to ``true`` to complete the Let's Encrypt certification.
+ - If Let's Encrypt is enabled, forward port 80 through a firewall, with :ref:`Forward80To443 ` ``config.json`` setting set to ``true`` to complete the Let's Encrypt certification.
- Your Mattermost server must be accessible from the Let's Encrypt CA in order to verify your domain name and issue the certificate. Be sure to open your firewall and configure any reverse proxies to forward traffic to ports 80 and 443. More information can be found `at Let's Encrypt `_.
Use your own certificate
diff --git a/source/deployment-guide/server/trouble_mysql.rst b/source/deployment-guide/server/trouble_mysql.rst
index fd87cf73ff6..161e8ddb575 100644
--- a/source/deployment-guide/server/trouble_mysql.rst
+++ b/source/deployment-guide/server/trouble_mysql.rst
@@ -6,7 +6,7 @@ Before you can run the Mattermost server, you must first install and configure a
.. note::
- Additional database tuning guidance is available for specific Mattermost releases. See the :doc:`important upgrade notes ` documentation for more details.
- - See the :ref:`database configuration settings ` documentation for details on configuration options specific to MySQL databases.
+ - See the :ref:`database configuration settings ` documentation for details on configuration options specific to MySQL databases.
How you install MySQL varies depending upon which Linux distribution you use. However, once MySQL is installed, the configuration instructions are the
same. For all distributions you must create a ``mattermost`` database and a ``mattermost`` database user. Failure to create these database
diff --git a/source/deployment-guide/server/troubleshooting.rst b/source/deployment-guide/server/troubleshooting.rst
index d6f73251066..a0c74cd3128 100644
--- a/source/deployment-guide/server/troubleshooting.rst
+++ b/source/deployment-guide/server/troubleshooting.rst
@@ -45,7 +45,7 @@ The resulting server log file is called ``mattermost.log`` and can be opened wit
If filesystem access is not possible, navigate to **System Console > Reporting > Server Logs** to locate the current system logs which can be copied to a file.
-You can find more on logging settings :ref:`here `.
+You can find more on logging settings :ref:`here `.
Mattermost Desktop App logs
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/source/deployment-guide/software-hardware-requirements.rst b/source/deployment-guide/software-hardware-requirements.rst
index fac67c63e34..b67f4d98d9b 100644
--- a/source/deployment-guide/software-hardware-requirements.rst
+++ b/source/deployment-guide/software-hardware-requirements.rst
@@ -188,7 +188,7 @@ Hardware requirements
Usage of CPU, RAM, and storage space can vary significantly based on user behavior. These hardware recommendations are based on traditional deployments and may grow or shrink depending on how active your users are.
-Moreover, memory requirements can be driven by peak file sharing activity. Recommendation is based on default 50 MB maximum file size, which can be :ref:`adjusted from the System Console `. Changing this number may change memory requirements.
+Moreover, memory requirements can be driven by peak file sharing activity. Recommendation is based on default 50 MB maximum file size, which can be :ref:`adjusted from the System Console `. Changing this number may change memory requirements.
For deployments larger than 2,000 users, it is recommended to use the Mattermost open source load testing framework to simulate usage of your system at full scale: `https://github.com/mattermost/mattermost-load-test-ng `__.
@@ -224,4 +224,4 @@ For Enterprise Edition deployments with a multi-server setup, we highly recommen
- Prometheus to track system health of your Mattermost deployment, through :doc:`performance monitoring feature ` available in Mattermost Enterprise.
- Grafana to visualize the system health metrics collected by Prometheus with the :doc:`performance monitoring feature `. Grafana 5.0.0 and later is recommended.
- Elasticsearch to support highly efficient database searches in a cluster environment. Elasticsearch v7.17+ is supported, and Elasticsearch v8.x or AWS OpenSearch is recommended from Mattermost v9.11. :doc:`Learn more `.
-- MinIO or AWS S3. Mattermost is compatible with object storage systems which implement the S3 API. Other S3-compatible systems may work, but are not officially supported. Learn more about file storage configuration options :ref:`in our documentation `.
+- MinIO or AWS S3. Mattermost is compatible with object storage systems which implement the S3 API. Other S3-compatible systems may work, but are not officially supported. Learn more about file storage configuration options :ref:`in our documentation `.
diff --git a/source/end-user-guide/collaborate/invite-people.rst b/source/end-user-guide/collaborate/invite-people.rst
index 05dd4fff0d3..ab2d548bc17 100644
--- a/source/end-user-guide/collaborate/invite-people.rst
+++ b/source/end-user-guide/collaborate/invite-people.rst
@@ -51,6 +51,6 @@ Anyone can invite people to Mattermost teams and channels, unless your system ad
- Can't share invitation links? Contact your Mattermost system admin for assistance. An :doc:`SSL certificate (or a self-signed certificate) ` may be required for link-based invitations to work.
- An invite link can be used by anyone and doesn’t change unless it’s re-generated by a system admin or team admin via **Team Settings > Access > Invite Code**.
- - Your system admin must :ref:`enable email invitations ` and configure :ref:`email ` for Mattermost to send email-based invitations.
+ - Your system admin must :ref:`enable email invitations ` and configure :ref:`email ` for Mattermost to send email-based invitations.
- Invitation links sent by email expire after 48 hours and can only be used once.
- Your system admin can :ref:`cancel all email invitations ` that haven't yet been accepted within the System Console.
\ No newline at end of file
diff --git a/source/end-user-guide/collaborate/search-for-messages.rst b/source/end-user-guide/collaborate/search-for-messages.rst
index b2c6130e772..692d02584e3 100644
--- a/source/end-user-guide/collaborate/search-for-messages.rst
+++ b/source/end-user-guide/collaborate/search-for-messages.rst
@@ -92,8 +92,8 @@ File contents that match on file name, or contain matching text content within s
System admins can extend file content search support for self-hosted deployments to include:
- :ref:`files shared before upgrading to Mattermost Server v5.35 `.
- - :ref:`DOC and RTF file formats `.
- - :ref:`documents within ZIP files `.
+ - :ref:`DOC and RTF file formats `.
+ - :ref:`documents within ZIP files `.
Filter results by file type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/source/end-user-guide/collaborate/share-files-in-messages.rst b/source/end-user-guide/collaborate/share-files-in-messages.rst
index 4b46b3d48bb..7aad971f0e1 100644
--- a/source/end-user-guide/collaborate/share-files-in-messages.rst
+++ b/source/end-user-guide/collaborate/share-files-in-messages.rst
@@ -79,7 +79,7 @@ With file attachments, you can share additional information that helps your team
Attachment limits and sizes
---------------------------
-Up to 10 files can be attached per post. The default maximum file size is 100 MB, but this can be changed by the system admin. See our :ref:`Configuration Settings ` product documentation for details.
+Up to 10 files can be attached per post. The default maximum file size is 100 MB, but this can be changed by the system admin. See our :ref:`Configuration Settings ` product documentation for details.
Image files can be a maximum size of 7680 pixels x 4320 pixels, with a maximum image resolution of 33 MP (mega pixels) or 8K resolution, and a maximum raw image file size of approximately 253 MB. System admins can customize the maximum image resolution size within the ``config.json`` file. See our :ref:`Configuration Settings ` product documentation for details.
diff --git a/source/end-user-guide/preferences/manage-advanced-options.rst b/source/end-user-guide/preferences/manage-advanced-options.rst
index 3175db6c7de..b3096f725f9 100644
--- a/source/end-user-guide/preferences/manage-advanced-options.rst
+++ b/source/end-user-guide/preferences/manage-advanced-options.rst
@@ -94,7 +94,7 @@ From Mattermost v10.11, you can permanently delete your account if you access Ma
Performance debugging
---------------------
-You can disable key Mattermost features temporarily to help isolate issues while debugging Mattermost, if your system admin :ref:`enables your ability to do so `. We don't recommend leaving these settings enabled for an extended period of time as they can negatively impact your user experience.
+You can disable key Mattermost features temporarily to help isolate issues while debugging Mattermost, if your system admin :ref:`enables your ability to do so `. We don't recommend leaving these settings enabled for an extended period of time as they can negatively impact your user experience.
.. tab:: Web/Desktop
diff --git a/source/end-user-guide/preferences/troubleshoot-notifications.rst b/source/end-user-guide/preferences/troubleshoot-notifications.rst
index b14ab51f40a..3bb02434c8d 100644
--- a/source/end-user-guide/preferences/troubleshoot-notifications.rst
+++ b/source/end-user-guide/preferences/troubleshoot-notifications.rst
@@ -207,6 +207,6 @@ TPNS, hosted at `https://push-test.mattermost.com `_, which enables you to use a production-level Hosted Push Notification Service (HPNS) at ``https://push.mattermost.com``.
-Learn more about :ref:`our push notification service `.
+Learn more about :ref:`our push notification service `.
`Book a live demo `_ or `talk to a Mattermost expert `_ to explore tailored solutions for your organization's secure collaboration needs. Or try Mattermost yourself with a `1-hour preview `_ for instant access to a live sandbox environment.
\ No newline at end of file
diff --git a/source/integrations-guide/jira.rst b/source/integrations-guide/jira.rst
index 317207d8223..f3469726af2 100644
--- a/source/integrations-guide/jira.rst
+++ b/source/integrations-guide/jira.rst
@@ -225,7 +225,7 @@ Why isn't the Jira integration posting messages to Mattermost?
Try the following troubleshooting steps:
-1. Confirm that your :ref:`Mattermost Site URL ` is configured, and that the webhook created in Jira is pointing to this URL. To ensure the URL is correct, run the ``/jira webhook`` slash command, then copy the output and paste it into Jira's webhook setup page.
+1. Confirm that your :ref:`Mattermost Site URL ` is configured, and that the webhook created in Jira is pointing to this URL. To ensure the URL is correct, run the ``/jira webhook`` slash command, then copy the output and paste it into Jira's webhook setup page.
2. If you specified a JQL query in your Jira webhook setup, paste the JQL to Jira issue search and make sure it returns results. If it doesn't, the query may be incorrect. Refer to the `Atlassian documentation `__ for help. A JQL query isn't required when setting up the webhook.
diff --git a/source/integrations-guide/popular-integrations.rst b/source/integrations-guide/popular-integrations.rst
index 4e910f77bc1..18c96d8c977 100644
--- a/source/integrations-guide/popular-integrations.rst
+++ b/source/integrations-guide/popular-integrations.rst
@@ -12,8 +12,8 @@ Popular Pre-Built Integrations
ServiceNow
Zoom
Mattermost Channel Export
- Mattermost Metrics
- Mattermost User Survey
+ Mattermost Metrics
+ Mattermost User Survey
Mattermost Embedded for M365, Teams, and Outlook
Microsoft Calendar
Microsoft Teams Sync
@@ -27,25 +27,25 @@ Mattermost Integrations
Designed for teams that need reliability, auditability, and ownership of their collaboration stack, the following Mattermost collaboration integrations keep your data all inside your secure Mattermost ecosystem. Reduce tool sprawl, strengthen security, improve compliance posture, all with a seamless user experience.
-+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
-| **Mattermost Integration** | **How to Get It** | **What It Does** |
-+================================================================================================+===================================================================+============================================================================================================+
-| :doc:`Mattermost Agents ` | **System Console > Plugins > Plugin Management** | Runs small automated tasks inside Mattermost, like summarizing converations, or answering questions. |
-+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
-| :doc:`Mattermost Boards ` | `Mattermost Marketplace `_ | Helps teams plan and track project tasks with cards and boards. |
-+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
-| :doc:`Mattermost Calls ` | **System Console > Plugins > Plugin Management** | Lets people collaborate by voice or video inside Mattermost. |
-+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
++----------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
+| **Mattermost Integration** | **How to Get It** | **What It Does** |
++======================================================================================================================+===================================================================+============================================================================================================+
+| :doc:`Mattermost Agents ` | **System Console > Plugins > Plugin Management** | Runs small automated tasks inside Mattermost, like summarizing converations, or answering questions. |
++----------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
+| :doc:`Mattermost Boards ` | `Mattermost Marketplace `_ | Helps teams plan and track project tasks with cards and boards. |
++----------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
+| :doc:`Mattermost Calls ` | **System Console > Plugins > Plugin Management** | Lets people collaborate by voice or video inside Mattermost. |
++----------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
| :doc:`Mattermost Channel Export ` | |product-list| > **App Marketplace** | Exports channel history and data for compliance purposes. |
-+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
++----------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
| :doc:`Mattermost Legal Hold ` | `Mattermost Marketplace `_ | Keeps a copy of messages and files so they cannot be deleted for legal or compliance needs. |
-+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
-| :doc:`Mattermost Metrics ` | |product-list| > **App Marketplace** | Shows numbers about system performance when people use Mattermost. |
-+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
-| :doc:`Mattermost Playbooks ` | **System Console > Plugins > Plugin Management** | Guides teams through repeatable steps for important work, like incident response. |
-+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
-| :doc:`Mattermost User Survey ` | |product-list| > **App Marketplace** | Collects feedback by asking questions directly in Mattermost channels. |
-+------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
++----------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
+| :doc:`Mattermost Metrics ` | |product-list| > **App Marketplace** | Shows numbers about system performance when people use Mattermost. |
++----------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
+| :doc:`Mattermost Playbooks ` | **System Console > Plugins > Plugin Management** | Guides teams through repeatable steps for important work, like incident response. |
++----------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
+| :doc:`Mattermost User Survey ` | |product-list| > **App Marketplace** | Collects feedback by asking questions directly in Mattermost channels. |
++----------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------+
Microsoft Integrations
diff --git a/source/product-overview/certifications-and-compliance.rst b/source/product-overview/certifications-and-compliance.rst
index afe1721615a..745c243d429 100644
--- a/source/product-overview/certifications-and-compliance.rst
+++ b/source/product-overview/certifications-and-compliance.rst
@@ -190,7 +190,7 @@ To be compliant with GDPR, do I need to remove message contents of email notific
Based on our interpretation of GDPR, it is not required to hide message contents in email notifications to remain compliant for the following reasons:
1. Every user has the ability to disable email notifications in **Settings**. Therefore, every user has the ultimate control over whether or not they want information sent via email. This option aligns with most other products, but we will follow updates on interpretations of GDPR closely to see if we need to make changes in this area.
-2. Mattermost offers :ref:`TLS encryption ` to protect communication between the Mattermost server and the SMTP email server.
+2. Mattermost offers :ref:`TLS encryption ` to protect communication between the Mattermost server and the SMTP email server.
3. If you're uncertain whether the first two points cover GDPR compliance, you can :ref:`disable notifications completely ` on your Mattermost server. To use Mattermost in production with no email notifications, you also need to :ref:`disable a "preview mode" notice banner `.
What information is shared when I select **Contact us** on a Mattermost Admin Advisor notification?
diff --git a/source/product-overview/cloud-dedicated.rst b/source/product-overview/cloud-dedicated.rst
index 6830ae7ce7d..cc0ed700ab8 100644
--- a/source/product-overview/cloud-dedicated.rst
+++ b/source/product-overview/cloud-dedicated.rst
@@ -70,7 +70,7 @@ Connections to calls are secured with a combination of:
Cloud native exports
~~~~~~~~~~~~~~~~~~~~
-Mattermost supports optional :ref:`filestore configuration settings ` to direct compliance and bulk export data to a separate S3 bucket from standard files. This separate bucket can be configured to allow for secure access by Mattermost Cloud teams as well as admins who manage a given Mattermost deployment. The exports can also be accessed by generating unique download links as needed.
+Mattermost supports optional :ref:`filestore configuration settings ` to direct compliance and bulk export data to a separate S3 bucket from standard files. This separate bucket can be configured to allow for secure access by Mattermost Cloud teams as well as admins who manage a given Mattermost deployment. The exports can also be accessed by generating unique download links as needed.
The following diagram provides a high-level view of how this functionality works:
diff --git a/source/product-overview/cloud-shared.rst b/source/product-overview/cloud-shared.rst
index db8e4bee9c4..9f524f5b35c 100644
--- a/source/product-overview/cloud-shared.rst
+++ b/source/product-overview/cloud-shared.rst
@@ -70,7 +70,7 @@ Connections to calls are secured with a combination of:
Cloud native exports
~~~~~~~~~~~~~~~~~~~~
-Mattermost supports optional :ref:`filestore configuration settings ` to direct compliance and bulk export data to a separate S3 bucket from standard files. This separate bucket can be configured to allow for secure access by Mattermost Cloud teams as well as deployment admins who manage a given installation. The exports can also be accessed by generating unique download links as needed.
+Mattermost supports optional :ref:`filestore configuration settings ` to direct compliance and bulk export data to a separate S3 bucket from standard files. This separate bucket can be configured to allow for secure access by Mattermost Cloud teams as well as deployment admins who manage a given installation. The exports can also be accessed by generating unique download links as needed.
The following diagram provides a high-level view of how this functionality works:
diff --git a/source/product-overview/corporate-directory-integration.rst b/source/product-overview/corporate-directory-integration.rst
index aee078d285e..a5ed7718f90 100644
--- a/source/product-overview/corporate-directory-integration.rst
+++ b/source/product-overview/corporate-directory-integration.rst
@@ -18,7 +18,7 @@ Security features for authentication
A core set of features is available with all authentication options to help increase security:
-- Ability to :ref:`set session length ` to define how long a user can use Mattermost before needing to re-enter credentials.
+- Ability to :ref:`set session length ` to define how long a user can use Mattermost before needing to re-enter credentials.
- Ability for users to remotely sign out of devices.
- Ability for IT admin to force sign out of a user from devices.
- Ability to set rate limits on authentication API calls to deter password-guessing attacks.
diff --git a/source/product-overview/unsupported-legacy-releases.md b/source/product-overview/unsupported-legacy-releases.md
index 4a4db02178a..ebb7db596d2 100644
--- a/source/product-overview/unsupported-legacy-releases.md
+++ b/source/product-overview/unsupported-legacy-releases.md
@@ -14233,7 +14233,7 @@ Release date: 2016-04-16
#### TPNS and EAS options
-- [Enterprise App Store](https://docs.mattermost.com/administration-guide/configuration-reference/environment-configuration-settings.html#push-notification-server-location) (EAS) and [Test Push Notification Service](https://docs.mattermost.com/administration-guide/configuration-reference/environment-configuration-settings.html#test-push-notifications-service-tpns) (TPNS) option are now included in **System Console** > **Email Settings** > **Push Notification Settings** as built-in options.
+- [Enterprise App Store](https://docs.mattermost.com/administration-guide/getting-started/environment-configuration-settings.html#push-notification-server-location) (EAS) and [Test Push Notification Service](https://docs.mattermost.com/administration-guide/getting-started/environment-configuration-settings.html#test-push-notifications-service-tpns) (TPNS) option are now included in **System Console** > **Email Settings** > **Push Notification Settings** as built-in options.
### Languages
diff --git a/source/redirects.py b/source/redirects.py
index 59a54b5fbaf..1541c178f60 100644
--- a/source/redirects.py
+++ b/source/redirects.py
@@ -402,7 +402,7 @@
"administration-guide/scale/redis.html":
"https://docs.mattermost.com/administration-guide/operations-scaling/redis.html",
"administration-guide/scale/elasticsearch-setup.html":
- "https://docs.mattermost.com/administration-guide/operations-scaling/elasticsearch-setup.html",
+ "https://docs.mattermost.com/administration-guide/platform-features/elasticsearch-setup.html",
"administration-guide/scale/opensearch-setup.html":
"https://docs.mattermost.com/administration-guide/operations-scaling/opensearch-setup.html",
"administration-guide/scale/ensuring-releases-perform-at-scale.html":
diff --git a/source/security-guide/cmmc-compliance.rst b/source/security-guide/cmmc-compliance.rst
index ec98a69f664..641ca25dc22 100644
--- a/source/security-guide/cmmc-compliance.rst
+++ b/source/security-guide/cmmc-compliance.rst
@@ -19,7 +19,7 @@ Mattermost supports robust identity and access management to ensure that only au
:doc:`Group-Based Access Management `: Mattermost :doc:`AD/LDAP Group Sync ` automates user provisioning and de-provisioning. Users can be added or removed from Mattermost teams/channels based on their directory group membership. This ensures timely removal of access when personnel change roles or leave (addressing account management aspects of AC 3.1.1) and helps enforce separation of duties (AC 3.1.4) by aligning channel access with organizational roles.
-:ref:`Session Management and Timeout `: Mattermost administrators can define session security settings, including session idle timeouts and session lifetime. Sessions can be automatically invalidated after a period of inactivity or on demand. By limiting session duration and requiring re-authentication, Mattermost reduces the risk of unauthorized access via unattended sessions (helps address AC 3.1.6 for session lock and IA 3.5.2 for session control). Failed login attempt thresholds can also be set (e.g. lock out after X failed attempts) to mitigate brute-force attacks, aligning with AC 3.1.8.
+:ref:`Session Management and Timeout `: Mattermost administrators can define session security settings, including session idle timeouts and session lifetime. Sessions can be automatically invalidated after a period of inactivity or on demand. By limiting session duration and requiring re-authentication, Mattermost reduces the risk of unauthorized access via unattended sessions (helps address AC 3.1.6 for session lock and IA 3.5.2 for session control). Failed login attempt thresholds can also be set (e.g. lock out after X failed attempts) to mitigate brute-force attacks, aligning with AC 3.1.8.
**User Agreement and Access Approval**: Mattermost Enterprise supports a :doc:`Custom Terms of Service ` banner that users must accept upon first login. This can be used to remind users of acceptable use policies or consent to monitoring, indirectly supporting training/awareness requirements and ensuring users acknowledge security terms before accessing CUI.
@@ -75,7 +75,7 @@ CMMC Level 2 includes controls to safeguard information during storage and trans
:doc:`Encryption in Transit `: All Mattermost client-server communication can be :doc:`encrypted ` using TLS (Transport Layer Security). When configured with HTTPS, Mattermost encrypts data in transit between the server and clients (web, desktop, mobile), preventing eavesdropping on CUI being discussed or transferred. This meets the requirement to protect CUI on networks by encrypting it during transmission (SC 3.13.8). Mattermost supports modern TLS protocols and ciphers; administrators should configure TLS per DoD guidelines (e.g. FIPS 140-2 validated cryptographic modules where applicable) to fully satisfy this control.
-:ref:`Encryption at Rest `: Mattermost supports encryption of data at rest through enterprise database and storage configurations. The application can be deployed on encrypted file systems or use encrypted storage backends. For instance, if using Amazon S3 for file storage, Mattermost Enterprise can enable :ref:`server-side encryption with S3-managed keys `. If using a self-hosted database, administrators can enable disk encryption or TDE on the database server. By encrypting the Mattermost database and storage drives, organizations add a layer of protection for CUI stored in chat messages and files, helping to meet SC 3.13.16 (protect confidentiality of CUI at rest) and MP 3.8.3 (media sanitization if disks are disposed). Mattermost documentation encourages regular key rotation and secure key management for encryption at rest.
+:ref:`Encryption at Rest `: Mattermost supports encryption of data at rest through enterprise database and storage configurations. The application can be deployed on encrypted file systems or use encrypted storage backends. For instance, if using Amazon S3 for file storage, Mattermost Enterprise can enable :ref:`server-side encryption with S3-managed keys `. If using a self-hosted database, administrators can enable disk encryption or TDE on the database server. By encrypting the Mattermost database and storage drives, organizations add a layer of protection for CUI stored in chat messages and files, helping to meet SC 3.13.16 (protect confidentiality of CUI at rest) and MP 3.8.3 (media sanitization if disks are disposed). Mattermost documentation encourages regular key rotation and secure key management for encryption at rest.
**Network Access Control and Segmentation**: Mattermost can be deployed in a manner that controls network access to the system. In self-hosted deployments, organizations often place Mattermost servers in a secure enclave or DMZ with firewalls controlling ingress/egress. For cloud deployments, Mattermost Cloud offers :doc:`IP allowlisting ` (Enterprise plan) to restrict access to known IP ranges. These configurations address SC 3.13.1 and SC 3.13.2 by allowing Mattermost to reside within a protected network segment and ensuring only trusted networks or VPN users can reach it. Additionally, within Mattermost, data is segmented by :doc:`Teams ` and :doc:`Channels ` – you can create separate teams for different projects or clearance levels, and mark channels as private to restrict membership. This “micro-segmentation” of conversations ensures that sensitive discussions (e.g. about a specific CUI program) are isolated to authorized individuals, reducing inadvertent information exposure.
diff --git a/source/security-guide/mobile-security.rst b/source/security-guide/mobile-security.rst
index 3413b66607f..ad5945d3a8e 100644
--- a/source/security-guide/mobile-security.rst
+++ b/source/security-guide/mobile-security.rst
@@ -37,7 +37,7 @@ Biometric authentication
Native biometric authentication ensures only the authorized device owner can access the Mattermost application. By utilizing hardware-level security, biometrics significantly enhance data protection, especially in cases of lost or stolen devices. This advanced security measure is far more robust and user-friendly compared to traditional passwords, adding a resilient layer of protection against unauthorized access.
-Administrators can mandate biometric authentication each time users attempt to open the Mattermost application, further safeguarding customer data and mitigating risks. Learn more about Mattermost :ref:`mobile biometric authentication `, and the :ref:`user workflows in which users must authenticate `, when biometric authentication is enabled.
+Administrators can mandate biometric authentication each time users attempt to open the Mattermost application, further safeguarding customer data and mitigating risks. Learn more about Mattermost :ref:`mobile biometric authentication `, and the :ref:`user workflows in which users must authenticate `, when biometric authentication is enabled.
Screenshot and screen recording prevention
-------------------------------------------
@@ -54,7 +54,7 @@ Learn more about how Mattermost leverages robust sandboxing mechanisms on both i
Push notification message visibility
------------------------------------
-Push notifications are a convenient way to stay updated, but they can also pose security risks if sensitive information is displayed. Mattermost provides options to :ref:`control the visibility of message content in push notifications `, ensuring that sensitive information is not inadvertently exposed through locked mobile screens and via relay servers from Apple and Google when sending notifications to iOS or Android mobile apps.
+Push notifications are a convenient way to stay updated, but they can also pose security risks if sensitive information is displayed. Mattermost provides options to :ref:`control the visibility of message content in push notifications `, ensuring that sensitive information is not inadvertently exposed through locked mobile screens and via relay servers from Apple and Google when sending notifications to iOS or Android mobile apps.
Disable downloads
-----------------
diff --git a/source/security-guide/secure-mattermost.rst b/source/security-guide/secure-mattermost.rst
index 17fd232eb4b..089421a3867 100644
--- a/source/security-guide/secure-mattermost.rst
+++ b/source/security-guide/secure-mattermost.rst
@@ -11,9 +11,9 @@ Mattermost ships with several security features that can help organizations safe
Encryption options
Transport encryption
Multi-factor authentication
- Delegated granular administration
+ Delegated granular administration
Custom terms of service
- User and group provisioning via AD/LDAP
+ User and group provisioning via AD/LDAP
SAML-based SSO
SAML SSO techical documentation
Certificate-based authentication
@@ -21,12 +21,12 @@ Mattermost ships with several security features that can help organizations safe
* :doc:`Encryption options ` - Setup encryption for data in transit and at rest.
* :doc:`Transport encryption ` - Secure data in transit between Mattermost and other services.
* :doc:`Multi-factor authentication ` - Require users to provide a secure one-time code in addition to their username and password to log in to Mattermost.
-* :ref:`ID-only push notifications ` - Enable fully private mobile notifications to protect against iOS and Android notification infrastructure breaches.
+* :ref:`ID-only push notifications ` - Enable fully private mobile notifications to protect against iOS and Android notification infrastructure breaches.
* :doc:`Enterprise mobility management ` - Secure mobile endpoints with management application configuration.
-* :doc:`Delegated granular administration ` - Grant user access to specific areas of the Mattermost System Console.
+* :doc:`Delegated granular administration ` - Grant user access to specific areas of the Mattermost System Console.
* :doc:`Custom terms of service ` - Increase clarity on legal Mattermost expectations for internal employees and guests.
-* :ref:`Manage session length ` - Control how long user sessions remain active.
-* :doc:`User and group provisioning via AD/LDAP ` - Provision and synchronize users and groups to pre-defined roles.
+* :ref:`Manage session length ` - Control how long user sessions remain active.
+* :doc:`User and group provisioning via AD/LDAP ` - Provision and synchronize users and groups to pre-defined roles.
* :doc:`SAML-based single sign-on (SSO) ` - Enable login using a single user ID and password managed through a SAML 2.0 Service Provider.
* :doc:`SAML SSO technical documentation ` - Technical details on SAML SSO.
* :doc:`Certificate-based authentication ` - Identify a user or a device before granting access to Mattermost.
diff --git a/source/security-guide/security-guide-index.rst b/source/security-guide/security-guide-index.rst
index e7b00af602b..c62cc7923d1 100644
--- a/source/security-guide/security-guide-index.rst
+++ b/source/security-guide/security-guide-index.rst
@@ -27,7 +27,7 @@ Data-at-Rest Encryption
Encryption-at-rest ensures that messages, files, and other data stored in the Mattermost database and file storage are protected from unauthorized access by safeguarding data on physical storage media (e.g., disks) by encrypting it, making it inaccessible without the appropriate encryption keys. Learn more about Mattermost :ref:`data-at-rest encryption `.
-Encryption-at-rest also available for files stored in Amazon's proprietary S3 system using server-side encryption with :ref:`Amazon S3-managed keys ` (Mattermost Enterprise) when users choose not to use open source options.
+Encryption-at-rest also available for files stored in Amazon's proprietary S3 system using server-side encryption with :ref:`Amazon S3-managed keys ` (Mattermost Enterprise) when users choose not to use open source options.
We strongly recommend regularly rotating and securely storing encryption keys using tools, enabling logging and monitoring for access to encrypted data, and ensuring that backup data is encrypted.
@@ -57,12 +57,12 @@ System administrators can configure user password settings to help safeguard the
Session Management
~~~~~~~~~~~~~~~~~~
-System administrators can configure session management settings, including session length, session cache, and idle timeout to ensure user sessions are managed effectively and securely. Session fixation attacks are mitigated as Mattermost sets a new session cookie with each login. Learn more about :ref:`session management configuration settings `.
+System administrators can configure session management settings, including session length, session cache, and idle timeout to ensure user sessions are managed effectively and securely. Session fixation attacks are mitigated as Mattermost sets a new session cookie with each login. Learn more about :ref:`session management configuration settings `.
Protection Against Brute Force Attacks
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-System administrators can :doc:`rate limit Mattermost APIs ` based on query frequency, memory store size, remote address, and headers.
+System administrators can :doc:`rate limit Mattermost APIs ` based on query frequency, memory store size, remote address, and headers.
Remote Session Revocation & Password Reset
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -70,7 +70,7 @@ Remote Session Revocation & Password Reset
System administrators can remotely :doc:`revoke user sessions ` across web, mobile devices, and desktop apps.
User passwords can be remotely :ref:`reset ` to enhance security.
-Admins can also enforce re-login after a specified period of time by defining :ref:`session lengths ` and by :ref:`revoking user sessions ` to force users to log back into the system immediately.
+Admins can also enforce re-login after a specified period of time by defining :ref:`session lengths ` and by :ref:`revoking user sessions ` to force users to log back into the system immediately.
Role-Based Access Control (ABAC)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -205,7 +205,7 @@ When using username-password authentication, especially with AD/LDAP, there's th
We believe this design increases productivity, speeds up user adoption, and reduces help desk tickets and support costs - and that these benefits outweigh the trade-offs.
-The trade-off with this design is that if physical security is not in effect, network security is not in effect (i.e., no VPN or a malicious user within the private network), and username-password authentication is used, an attacker may be able to enumerate email addresses or usernames by sending HTTP requests to the system, up to the maximum number of requests per second defined in Mattermost's :doc:`API rate limiting settings `.
+The trade-off with this design is that if physical security is not in effect, network security is not in effect (i.e., no VPN or a malicious user within the private network), and username-password authentication is used, an attacker may be able to enumerate email addresses or usernames by sending HTTP requests to the system, up to the maximum number of requests per second defined in Mattermost's :doc:`API rate limiting settings `.
For organizations who choose to deploy in such a configuration, please consider the following mitigations:
diff --git a/source/security-guide/zero-trust.rst b/source/security-guide/zero-trust.rst
index 579319b7c11..c4364962cd4 100644
--- a/source/security-guide/zero-trust.rst
+++ b/source/security-guide/zero-trust.rst
@@ -19,7 +19,7 @@ By using one of the secure identity mechanisms listed below and enforcing least-
- `SAML `_: Enables seamless Single Sign-On, ensuring centralized authentication to continuously enforce user verification.
- `LDAP `_: Facilitates integration with enterprise directories to tightly control user access, adhering to granular identity verification.
- `OpenID Connect `_: Provides secure, standards-based user authentication to verify identities and enforce secure access.
-- `Session Management `_: Strengthens continuous authentication by controlling session lengths and automatically revoking sessions based on inactivity or policy violations, ensuring constant identity verification. By limiting session lifetimes and enforcing strict session policies, Mattermost mitigates the risk of stolen session tokens or extended unauthorized access.
+- `Session Management `_: Strengthens continuous authentication by controlling session lengths and automatically revoking sessions based on inactivity or policy violations, ensuring constant identity verification. By limiting session lifetimes and enforcing strict session policies, Mattermost mitigates the risk of stolen session tokens or extended unauthorized access.
Authorized users can seamlessly be added and removed from channels utilizing the native AD/LDAP integration based on group memberships:
diff --git a/source/use-case-guide/maximize-microsoft-investments.rst b/source/use-case-guide/maximize-microsoft-investments.rst
index 15f4bd8a0f5..12bdebff887 100644
--- a/source/use-case-guide/maximize-microsoft-investments.rst
+++ b/source/use-case-guide/maximize-microsoft-investments.rst
@@ -46,7 +46,7 @@ During high-stakes incidents, Microsoft 365 tools can be limited or unavailable,
- **Maintain operational continuity during M365 outages** with a dedicated, out-of-band Mattermost instance for secure incident response, communication, and collaboration. See :doc:`Mattermost Mission Collaboration for Microsoft `
- **Accelerate responses** with :doc:`AI-powered workflows `, enabling structured playbooks for triage, escalation, and resolution even when primary systems are compromised.
- **Integrate with Microsoft Security Suite** and :doc:`Entra ID ` to preserve centralized identity management while keeping sensitive data in a secure secondary system. :doc:`Learn more ` about Mattermost's integration capabilities.
-- **Protect breach-sensitive notifications** using :ref:`ID-only push alerts ` and enhanced mobile security, enabling secure communication without cloud exposure.
+- **Protect breach-sensitive notifications** using :ref:`ID-only push alerts ` and enhanced mobile security, enabling secure communication without cloud exposure.
Enterprise to Tactical Edge
----------------------------
@@ -60,7 +60,7 @@ Operational teams need to extend Microsoft capabilities to mission environments
- **Enable mission-critical coordination at the edge** by :ref:`deploying Mattermost in secure, on-prem or air-gapped environments ` :doc:`integrated with Microsoft Teams and Outlook `.
- **Fuse data and decision-making across platforms** with support for :doc:`toolchain integration `, :doc:`audio/screen share `, and :doc:`workflow automation ` embedded into a dedicated Mission Operations Platform.
-- **Maintain coalition and partner alignment** through :doc:`interoperable Connected Workspaces ` supporting collaboration across mission partner networks.
+- **Maintain coalition and partner alignment** through :doc:`interoperable Connected Workspaces ` supporting collaboration across mission partner networks.
- **Accelerate action with mission-tuned AI** using secure Azure AI and :doc:`Mattermost Copilot ` to summarize context, guide decisions, and automate operational tasks.
- **Secure every communication path** with built-in :doc:`Zero Trust controls ` and deploy on Azure or sovereign environments for maximum flexibility and compliance.
@@ -75,7 +75,7 @@ Managing external collaboration within Microsoft Teams can be complex, often req
**Benefits**
- **Integrate Mattermost with Microsoft Teams and Outlook** to enable secure external collaboration with encryption, audit trails, and role-based permissions—without compromising compliance. (See :doc:`Mattermost for M365, Teams, and Outlook `).
-- **Eliminate shadow IT** by providing :doc:`Connected Workspaces ` for sanctioned, policy-enforced engagement with external partners—reducing reliance on consumer-grade tools.
+- **Eliminate shadow IT** by providing :doc:`Connected Workspaces ` for sanctioned, policy-enforced engagement with external partners—reducing reliance on consumer-grade tools.
- **Apply granular policy enforcement for external users**, including :ref:`granular user permissions `, :doc:`legal hold `, :doc:`retention policies `, and :doc:`custom Terms of Service `.
- **Synchronize user identity** using :doc:`Entra ID ` to maintain scalable, centralized access control across both internal and external collaborators.
@@ -87,7 +87,7 @@ Multi-agency, multi-tenant Microsoft 365 environments often hinder seamless coll
**Benefits**
- **Centralize communication across M365 instances** using Mattermost as a neutral, embedded hub for messaging, file sharing, and playbook coordination (See :doc:`Mattermost for M365, Teams, and Outlook `).
-- **Bridge segmented Teams deployments** with :doc:`Connected Workspaces ` and Microsoft presence integration to ensure continuity without duplicative configuration.
+- **Bridge segmented Teams deployments** with :doc:`Connected Workspaces ` and Microsoft presence integration to ensure continuity without duplicative configuration.
- **Deploy flexibly across hybrid, private, or air-gapped environments** such as :doc:`Mattermost for M365, Teams, and Outlook ` to ensure operational consistency no matter the deployment complexity.
- **Secure external communications and maintain control** with segmentation, data governance, and compliance automation across Teams ecosystems.
diff --git a/source/use-case-guide/mission-ready-mobile.rst b/source/use-case-guide/mission-ready-mobile.rst
index fef11fe3ecb..e5ce1237bd2 100644
--- a/source/use-case-guide/mission-ready-mobile.rst
+++ b/source/use-case-guide/mission-ready-mobile.rst
@@ -20,7 +20,7 @@ Mission teams require trusted mobile access to secure collaboration, ensuring op
**Benefits**
- **Deploy securely with enterprise mobility management (EMM)** using :ref:`AppConfig integrations ` to manage application policies, access controls, and encrypted communication channels.
-- **Maintain control over mission-critical data**: Enable safe delivery of notifications via :ref:`ID-only push notifications ` that prevent exposure of sensitive content to third-party systems like Apple or Google.
+- **Maintain control over mission-critical data**: Enable safe delivery of notifications via :ref:`ID-only push notifications ` that prevent exposure of sensitive content to third-party systems like Apple or Google.
- **Mitigate data compromise risk in personnel transitions**: Protect data with :doc:`remote wipe and deactivation ` capabilities in the event of device loss, theft, or personnel separation.
- **Enforce strong identity assurance** through :ref:`native biometric authentication ` and :doc:`multi-factor authentication (MFA) ` tied to :doc:`SSO ` or :doc:`AD/LDAP ` provisioning .
- **Comply with classified mobility mandates** by using :ref:`secure data storage `, :ref:`sandboxing `, and FIPS 140-3-validated TLS in transit* to meet defense-grade standards.
@@ -35,8 +35,8 @@ When personal devices are the only available channel—whether in partner nation
- **Enable trusted communications on BYOD** using lightweight AppConfig policies with :doc:`EMM optionality ` that avoids intrusive control while ensuring essential security baselines.
- **Prevent unauthorized data sharing**: Mitigate leakage with :ref:`screenshot and screen recording prevention ` and :ref:`jailbreak/root detection ` that block high-risk mobile behaviors.
- **Secure access without cloud dependency** via :ref:`self-hosted deployments ` or :doc:`air-gapped infrastructures ` that prevent sensitive data from touching public networks.
-- **Deliver rapid alerts with low bandwidth impact** using :ref:`ID-only push notifications `, ideal for DDIL (disconnected, intermittent, low-bandwidth) conditions.
-- **Support interagency or coalition workflows** in mission-partner environments through :doc:`Connected Workspaces ` with :doc:`role-based ` and :doc:`attribute-based access controls (ABAC) `.
+- **Deliver rapid alerts with low bandwidth impact** using :ref:`ID-only push notifications `, ideal for DDIL (disconnected, intermittent, low-bandwidth) conditions.
+- **Support interagency or coalition workflows** in mission-partner environments through :doc:`Connected Workspaces ` with :doc:`role-based ` and :doc:`attribute-based access controls (ABAC) `.
Built for Field-Forward Security
---------------------------------
diff --git a/source/use-case-guide/purpose-built-collaboration.rst b/source/use-case-guide/purpose-built-collaboration.rst
index c0b6b608c71..549d68b99b8 100644
--- a/source/use-case-guide/purpose-built-collaboration.rst
+++ b/source/use-case-guide/purpose-built-collaboration.rst
@@ -32,7 +32,7 @@ Mattermost enables secure collaboration across OT environments and field operati
**Benefits**
- **Enable compliant, real-time OT communications** across operational zones and facilities using :ref:`secure, on-prem collaboration ` that keeps data within your control perimeter.
-- **Support field teams with hardened mobile access** using :doc:`EMM-based app provisioning `, :ref:`biometric authentication `, :ref:`jailbreak detection `, and :ref:`ID-only push notifications `—ensuring that only authorized, uncompromised devices can access operational data.
+- **Support field teams with hardened mobile access** using :doc:`EMM-based app provisioning `, :ref:`biometric authentication `, :ref:`jailbreak detection `, and :ref:`ID-only push notifications `—ensuring that only authorized, uncompromised devices can access operational data.
- **Integrate with industrial monitoring systems** like SCADA, PI historians, and plant analytics using :doc:`alert-driven webhook and plugin integrations ` that push system events to relevant mobile or desktop channels.
- **Ensure system and network isolation** with :doc:`air-gapped deployment support ` that allows full collaboration within OT enclaves and disconnected environments.
- **Prevent mobile data leakage** via :ref:`remote wipe capabilities ` and :ref:`screenshot/screen recording prevention ` for mobile devices used in the field.
diff --git a/source/use-case-guide/secure-command-and-control.rst b/source/use-case-guide/secure-command-and-control.rst
index 2009e527a11..4730429e0e4 100644
--- a/source/use-case-guide/secure-command-and-control.rst
+++ b/source/use-case-guide/secure-command-and-control.rst
@@ -34,11 +34,11 @@ Disconnected environments demand resilient tools that work without cloud access,
**Benefits**
- **Operate in air-gapped and disconnected networks** using :doc:`self-hosted Kubernetes deployments ` and STIG-hardened container images for secure offline operations.
-- **Ensure secure mobile access on managed or BYOD devices** with :doc:`mobile security features `, Zero Trust enforcement, and :ref:`ID-only push notifications ` for sensitive alerts.
+- **Ensure secure mobile access on managed or BYOD devices** with :doc:`mobile security features `, Zero Trust enforcement, and :ref:`ID-only push notifications ` for sensitive alerts.
- **Integrate with legacy and mission-specific systems** to maintain decision advantage in disconnected environments through :doc:`custom-built, self-hosted integrations ` tailored to your operational infrastructure.
- **Maintain command resilience** using :doc:`high availability cluster-based deployment ` and :doc:`horizontal scalability ` to support operational continuity at scale.
- **Automate field workflows** with :doc:`Collaborative Playbooks ` that track tasks, manage field updates, and orchestrate responses under DDIL constraints.
-- **Enable secure real-time collaboration with headquarters** using :doc:`Connected Workspaces ` to synchronize discussions, files, and reactions if connectivity is restored.
+- **Enable secure real-time collaboration with headquarters** using :doc:`Connected Workspaces ` to synchronize discussions, files, and reactions if connectivity is restored.
Bring Your Own Device (BYOD) with Sensitive Information Protections
--------------------------------------------------------------------
@@ -51,7 +51,7 @@ Mattermost provides enterprise-grade mobile protections to enable secure BYOD ac
- **Mitigate unauthorized access** with :ref:`biometric authentication ` and :ref:`jailbreak/root detection `, ensuring only secure and uncompromised devices can access mission data.
- **Control information sharing** with :ref:`screenshot and screen recording prevention `, blocking unauthorized capture of sensitive content during classified or time-sensitive discussions.
-- **Protect data at rest and in motion** using encrypted mobile storage, :ref:`secure sandboxing `, and :ref:`ID-only push notifications ` that never expose message content to third-party cloud services.
+- **Protect data at rest and in motion** using encrypted mobile storage, :ref:`secure sandboxing `, and :ref:`ID-only push notifications ` that never expose message content to third-party cloud services.
- **Segment mission access by role or project** with :ref:`attribute-based access controls (ABAC) ` and scoped channel access, ensuring users only see data aligned with their permissions and operational role.
- **Ensure continuous mobile compliance** with secure SDLC practices and proactive vulnerability management baked into the Mattermost mobile application lifecycle.
@@ -66,7 +66,7 @@ Coordinating across departments, agencies, and external stakeholders—especiall
- **Unify mission stakeholders on a common-use platform** that supports :ref:`hybrid deployments ` across private cloud, edge environments, and :doc:`air-gapped infrastructure `.
- **Maintain data sovereignty and mission alignment** with deployments that avoid consumer infrastructure and retain control over all communications and file transfers—even in classified operations.
- **Apply role-based separation of access** through :doc:`advanced permissions ` and :ref:`channel-level controls ` to protect mission integrity across organizational boundaries.
-- **Enable secure real-time collaboration across entities** using :doc:`Connected Workspaces ` to synchronize discussions, files, and reactions between teams without compromising internal governance.
+- **Enable secure real-time collaboration across entities** using :doc:`Connected Workspaces ` to synchronize discussions, files, and reactions between teams without compromising internal governance.
- **Reduce personal device risk** by offering secure enterprise communication options that eliminate the need for unauthorized messaging apps.
Get Started