this was awful; redirect nightmare

akristen · akristen · commit aceebb0d0842 · 2026-04-01T10:59:37.000-05:00
diff --git a/content/guides/admin-user-management/onboard.md b/content/guides/admin-user-management/onboard.md
@@ -67,4 +67,4 @@ It also:
 - Ensures consistent access control policies.
 - Help you scale permissions as teams grow or change.
 
-For more information on how it works, see [Group mapping](/provisioning/scim/group-mapping).
+For more information on how it works, see [Group mapping](/enterprise/security/provisioning/scim/group-mapping).
diff --git a/content/manuals/enterprise/security/provisioning/_index.md b/content/manuals/enterprise/security/provisioning/_index.md
@@ -18,7 +18,7 @@ grid:
   - title: "Group mapping"
     description: "Configure role-based access control using IdP groups. Perfect for strict access control requirements."
     icon: "group"
-    link: "group-mapping/"
+    link: "scim/group-mapping/"
 ---
 
 {{< summary-bar feature_name="SSO" >}}
diff --git a/content/manuals/enterprise/security/provisioning/just-in-time.md b/content/manuals/enterprise/security/provisioning/just-in-time.md
@@ -84,6 +84,6 @@ Users are provisioned with JIT by default. If you enable SCIM, you can disable J
 
 ## Next steps
 
-- Configure [SCIM provisioning](/manuals/enterprise/security/provisioning/scim.md) for advanced user management.
-- Set up [group mapping](/manuals/enterprise/security/provisioning/scim/group-mapping.md) to automatically assign users to teams.
+- Configure [SCIM provisioning](/enterprise/security/provisioning/scim/) for advanced user management.
+- Set up [group mapping](/enterprise/security/provisioning/scim/group-mapping) to automatically assign users to teams.
 - Review [Troubleshoot provisioning](/manuals/enterprise/troubleshoot/troubleshoot-provisioning.md).
diff --git a/content/manuals/enterprise/security/provisioning/scim/group-mapping.md b/content/manuals/enterprise/security/provisioning/scim/group-mapping.md
@@ -19,7 +19,7 @@ This page explains how group mapping works, and how to set up group mapping.
 
 > [!TIP]
 >
-> Group mapping is ideal for adding users to multiple organizations or multiple teams within one organization. If you don't need to set up multi-organization or multi-team assignment, SCIM [user-level attributes](scim.md#set-up-role-mapping) may be a better fit for your needs.
+> Group mapping is ideal for adding users to multiple organizations or multiple teams within one organization. If you don't need to set up multi-organization or multi-team assignment, SCIM [user-level attributes](provision-scim.md#set-up-role-mapping) may be a better fit for your needs.
 
 ## Prerequisites
 
@@ -125,7 +125,7 @@ The next time you sync your groups with Docker, your users will map to the Docke
 
 ## Configure group mapping with SCIM
 
-Use group mapping with SCIM for more advanced user lifecycle management. Before you begin, make sure you [set up SCIM](./scim.md#enable-scim) first.
+Use group mapping with SCIM for more advanced user lifecycle management. Before you begin, make sure you [set up SCIM](./provision-scim.md#enable-scim) first.
 
 {{< tabs >}}
 {{< tab name="Okta" >}}
@@ -190,4 +190,4 @@ Once complete, a user who signs in to Docker through SSO is automatically added
 
 > [!TIP]
 >
-> [Enable SCIM](scim.md) to take advantage of automatic user provisioning and de-provisioning. If you don't enable SCIM users are only automatically provisioned. You have to de-provision them manually.
+> [Enable SCIM](provision-scim.md) to take advantage of automatic user provisioning and de-provisioning. If you don't enable SCIM users are only automatically provisioned. You have to de-provision them manually.
diff --git a/content/manuals/enterprise/security/provisioning/scim/provision-scim.md b/content/manuals/enterprise/security/provisioning/scim/provision-scim.md
@@ -150,7 +150,7 @@ Next, [set up role mapping](#set-up-role-mapping).
 
 ## Set up role mapping
 
-You can assign [Docker roles](../roles-and-permissions.md) to
+You can assign [Docker roles](/enterprise/security/roles-and-permissions/) to
 users by adding optional SCIM attributes in your IdP. These attributes override
 default role and team values set in your SSO configuration.
 
@@ -164,7 +164,7 @@ The following table lists the supported optional user-level attributes:
 
 | Attribute    | Possible values                          | Notes                                                                                                                                                                                                                                                            |
 | ------------ | ---------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `dockerRole` | `member`, `editor`, or `owner`           | If not set, the user defaults to the `member` role. Setting this attribute overrides the default.<br><br>For role definitions, see [Roles and permissions](../roles-and-permissions.md).                                                                         |
+| `dockerRole` | `member`, `editor`, or `owner`           | If not set, the user defaults to the `member` role. Setting this attribute overrides the default.<br><br>For role definitions, see [Roles and permissions](/enterprise/security/roles-and-permissions/).                                                                         |
 | `dockerOrg`  | Docker `organizationName` (e.g., `moby`) | Overrides the default organization configured in your SSO connection.<br><br>If unset, the user is provisioned to the default organization. If `dockerOrg` and `dockerTeam` are both set, the user is provisioned to the team within the specified organization. |
 | `dockerTeam` | Docker `teamName` (e.g., `developers`)   | Provisions the user to the specified team in the default or specified organization. If the team doesn't exist, it is automatically created.<br><br>You can still use [group mapping](group-mapping.md) to assign users to multiple teams across organizations.   |
 
@@ -176,7 +176,7 @@ This value is required in your identity provider when creating custom SCIM attri
 
 ### Step one: Set up role mapping in Okta
 
-1. Setup [SSO](../single-sign-on/connect.md) and SCIM first.
+1. Setup [SSO](/enterprise/security/single-sign-on/connect) and SCIM first.
 1. In the Okta admin portal, go to **Directory**, select **Profile Editor**,
    and then **User (Default)**.
 1. Select **Add Attribute** and configure the values for the role, organization,
@@ -368,5 +368,5 @@ To disable SCIM:
 
 ## Next steps
 
-- Set up [Group mapping](/manuals/enterprise/security/provisioning/scim/group-mapping.md).
-- [Troubleshoot provisioning](/manuals/enterprise/troubleshoot/troubleshoot-provisioning.md).
+- Set up [Group mapping](/enterprise/security/provisioning/scim/group-mapping/).
+- [Troubleshoot provisioning](/enterprise/troubleshoot/troubleshoot-provisioning/).
