About roles in an enterprise
All users that are part of your enterprise have one of the following roles.
- Enterprise owner: Can manage all enterprise settings, members, and policies
- Enterprise member: Is a member or owner of any organization in the enterprise
People with collaborator access to repositories are listed in your enterprise's "People" tab, but are not enterprise members and do not have access to the enterprise. See Roles in an organization.
How do I assign roles?
When a user has joined your GitHub Enterprise Server instance, you can:
- Add the user to an organization. See Adding people to your organization.
- Invite the user to become an enterprise owner. See Inviting people to manage your enterprise.
If you provision users with SCIM, you assign each user's enterprise role on your identity provider (IdP). The role cannot be changed on GitHub.
Enterprise owners
Enterprise owners have complete control over the enterprise and can take every action, including:
- Managing administrators
- Managing organizations
- Managing enterprise settings
- Enforcing policy across organizations
For security, we recommend making only a few people enterprise owners.
Enterprise owners do not have access to organization settings or content by default, but they can gain access by joining any organization. See Managing your role in an organization owned by your enterprise.
Enterprise members
Members of organizations owned by your enterprise are automatically members of the enterprise.
Enterprise members:
- Cannot access or configure enterprise settings.
- Can access all repositories with "internal" visibility across any organization in the enterprise. See About repositories.
- May have different levels of access to various organizations and repositories. To view the resources someone has access to, see Viewing people in your enterprise.