From 508683f08cbdc82ff25d6252f390be9c26eabcef Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Fri, 16 Sep 2022 17:24:01 -0400
Subject: [PATCH] updates

---
 education/windows/federated-sign-in.md | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/education/windows/federated-sign-in.md b/education/windows/federated-sign-in.md
index 2a0b87280d..3cc2845c35 100644
--- a/education/windows/federated-sign-in.md
+++ b/education/windows/federated-sign-in.md
@@ -54,14 +54,10 @@ To configure federated sign-in using Microsoft Intune, [create a custom profile]
 | <li> OMA-URI: **`./Vendor/MSFT/Policy/Config/Authentication/ConfigureWebCamAccessDomainNames`** </li><li>Data type: **String** </li><li>Value: This setting is optional, and it should be configured if you need to use the webcam during the sign-in process. Specify the list of domains that re llowed to use the webcam during the sign-in process, separated by a semicolon. For example: **`clever.com`**</li>|
 | <li> OMA-URI: **`./Vendor/MSFT/SharedPC/EnableSharedPCMode`** </li><li>Data type: **Boolean** </li><li>Value: **False**</li>|
 
-:::image type="content" source="images/federated-authentication-settings-intune.png" alt-text="Custom policy showing the settings to be configured to enable federated sign-in" lightbox="images/edu-federated-authentication-settings.png" border="true":::
+:::image type="content" source="images/federated-authentication-settings-intune.png" alt-text="Custom policy showing the settings to be configured to enable federated sign-in" lightbox="images/federated-authentication-settings-intune.png" border="true":::
 
 Assign the policy to a security group that contains as members the devices that require federated sign-in.
 
-```OMA-URI
-    ./Vendor/MSFT/Policy/Config/FederatedAuthentication/EnableWebSignInForPrimaryUser
-```
-
 #### [:::image type="icon" source="images/icons/provisioning-package.svg"::: **PPKG**](#tab/ppkg)
 
 To configure federated sign-in using a provisioning package, use the following settings:
@@ -80,12 +76,24 @@ Apply the provisioning package to the devices that require federated sign-in.
 
 #### [:::image type="icon" source="images/icons/group-policy.svg"::: **GPO**](#tab/gpo)
 
-This setting is not available in Group Policy.
+This setting cannot be configured via Group Policy.
 
 #### [:::image type="icon" source="images/icons/registry.svg"::: **Registry**](#tab/reg)
 
 This setting cannot be configured via registry.
 
+#### [:::image type="icon" source="images/icons/windows-os.svg"::: **CSP**](#tab/csp)
+
+To configure federated sign-in using Configuration Service Providers, use the following settings:
+
+| Setting |
+|--------|
+| <li> OMA-URI: **`./Vendor/MSFT/Policy/Config/FederatedAuthentication/EnableWebSignInForPrimaryUser`** </li><li>Data type: **Integer** </li><li>Value: **1**</li>|
+| <li> OMA-URI: **`./Vendor/MSFT/Policy/Config/Authentication/ConfigureWebSignInAllowedUrls`** </li><li>Data type: **String** </li><li>Value: Semicolon separated list of domains, for example: **`samlidp.clever.com;clever.com;mobile-redirector.clever.com`**</li>|
+| <li> OMA-URI: **`./Vendor/MSFT/Policy/Config/Education/IsEducationEnvironment`** </li><li>Data type: **Integer** </li><li>Value: **1**</li>|
+| <li> OMA-URI: **`./Vendor/MSFT/Policy/Config/Authentication/ConfigureWebCamAccessDomainNames`** </li><li>Data type: **String** </li><li>Value: This setting is optional, and it should be configured if you need to use the webcam during the sign-in process. Specify the list of domains that re llowed to use the webcam during the sign-in process, separated by a semicolon. For example: **`clever.com`**</li>|
+| <li> OMA-URI: **`./Vendor/MSFT/SharedPC/EnableSharedPCMode`** </li><li>Data type: **Boolean** </li><li>Value: **False**</li>|
+
 ---
 
 ## How to use federated sign-in