Allowing built-in authentication for users outside your identity provider

You can configure built-in authentication to authenticate users who don't have access to your identity provider that uses LDAP, SAML, or CAS.

About built-in authentication for users outside your identity provider

You can use built-in authentication for outside users when you are unable to add specific accounts to your identity provider (IdP), such as accounts for contractors or machine users. You can also use built-in authentication to access a fallback account if the identity provider is unavailable.

After built-in authentication is configured and a user successfully authenticates with SAML or CAS, they will no longer have the option to authenticate with a username and password. If a user successfully authenticates with LDAP, the credentials are no longer considered internal.

Built-in authentication for a specific IdP is disabled by default.

Warning: If you disable built-in authentication, you must individually suspend any users that should no longer have access to the instance. For more information, see "Suspending and unsuspending users."

Configuring built-in authentication for users outside your identity provider

  1. 从 GitHub Enterprise Server 上的管理帐户,点击任何页面右上角的 用于访问站点管理员设置的火箭图标
  2. 在左侧边栏中,单击 管理控制台左侧边栏中的 管理控制台 选项卡
  3. 在左侧边栏中,单击 Authentication(身份验证)设置侧边栏中的身份验证选项卡
  4. Select your identity provider. Select identity provider option
  5. Select Allow creation of accounts with built-in authentication. Select built-in authentication option
  6. Read the warning, then click Ok.

双重身份验证

使用 LDAP 或内置身份验证时,支持双重身份验证。 组织管理员可以要求成员启用双重身份验证。

Inviting users outside your identity provider to authenticate to your instance

When a user accepts the invitation, they can use their username and password to sign in rather than signing in through the IdP.

  1. 登录到 http(s)://HOSTNAME/login 上的 your GitHub Enterprise Server instance。
  2. 从 GitHub Enterprise Server 上的管理帐户,点击任何页面右上角的 用于访问站点管理员设置的火箭图标
  3. 在左侧边栏中,单击 Invite user(邀请用户)站点管理控制台中的邀请用户选项卡
  4. 输入您要创建的每个用户帐户的用户名和电子邮件地址,然后单击 Generate a password reset link(生成密码重置链接)生成密码重置链接按钮

Further reading

此文档对您有帮助吗?

隐私政策

帮助我们创建出色的文档!

所有 GitHub 文档都是开源的。看到错误或不清楚的内容了吗?提交拉取请求。

做出贡献

或者, 了解如何参与。