Before your developers can use GitHub Enterprise Cloud with Enterprise Managed Users, you must follow a series of configuration steps.
Create a new enterprise account
To use Enterprise Managed Users, you need a separate type of enterprise account with Enterprise Managed Users enabled.
To request a new enterprise account, contact GitHub's Sales team. You'll discuss options for trialing Enterprise Managed Users or migrating from an existing enterprise.
When you're ready, your contact on the GitHub Sales team will create your new Unternehmen mit verwalteten Benutzer*innen. You'll be asked to provide the following information:
- The email address for the user who will set up your enterprise.
- A short code that will be used as the suffix for your enterprise members' usernames. Der kurze Code muss für Ihr Unternehmen eindeutig sein. Es muss sich um eine alphanumerische Zeichenfolge mit drei bis acht Zeichen handeln, die keine Sonderzeichen enthält.
Create the setup user
After we create your enterprise, you will receive an email inviting you to choose a password for the setup user, which is used to configure authentication and provisioning. The username is your enterprise's shortcode suffixed with _admin, for example fabrikam_admin.
Using an incognito or private browsing window:
- Set the user's password.
- Save the user's recovery codes.
- Enable two-factor authentication. See "Zwei-Faktor-Authentifizierung konfigurieren."
Wenn du das Kennwort für deinen Setupbenutzer zurücksetzen musst, wende dich über das GitHub-Supportportal an den GitHub-Support.
Configure authentication
Next, configure how your members will authenticate.
If you're using Entra ID as your IdP, you can choose between OpenID Connect (OIDC) and Security Assertion Markup Language (SAML).
- We recommend OIDC, which includes support for Conditional Access Policies (CAP).
- If you require multiple enterprises provisioned from one tenant, you must use SAML for each enterprise after the first.
If you're using another IdP, like Okta or PingFederate, you must use SAML to authenticate your members.
To get started, read the guide for your chosen authentication method.
- "Configuring OIDC for Enterprise Managed Users"
- "Configuring SAML single sign-on for Enterprise Managed Users"
Configure provisioning
After you configure authentication, you can configure SCIM provisioning, which is how your IdP will create verwaltete Benutzerkonten on GitHub. See "Configuring SCIM provisioning for Enterprise Managed Users."
Manage organization membership
After authentication and provisioning are configured, you can start managing organization membership for your verwaltete Benutzerkonten by synchronizing IdP groups with teams. See "Managing team memberships with identity provider groups."
Support developers with multiple user accounts
Developers may need to maintain separate, personal accounts for their work outside of your Unternehmen mit verwalteten Benutzer*innen. You can help them manage multiple accounts by providing the following resources:
- On the command line, developers can configure Git to simplify the process of using multiple accounts. See "Verwalten mehrerer Konten."
- In the web interface, developers can switch between accounts without always needing to re-authenticate. See "Wechseln zwischen Konten."