This version of GitHub Enterprise Server was discontinued on 2024-09-25. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.
REST API endpoints for LDAP
Use the REST API to update account relationships between a GitHub Enterprise Server user or team and its linked LDAP entry or queue a new synchronization.
About LDAP
You can use these endpoints to update the Distinguished Name (DN) that a user or team maps to. Note that in most cases, you must have LDAP Sync enabled for your GitHub Enterprise Server appliance. The Update LDAP mapping for a user endpoint can be used when LDAP is enabled, even if LDAP Sync is disabled.
Note
These endpoints only support authentication using a personal access token (classic). For more information, see "Managing your personal access tokens."
Update LDAP mapping for a team
Updates the distinguished name (DN) of the LDAP entry to map to a team. LDAP synchronization must be enabled to map LDAP entries to a team. Use the Create a team endpoint to create a team with LDAP mapping.
Fine-grained access tokens for "Update LDAP mapping for a team"
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Update LDAP mapping for a team"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
team_id integer RequiredThe unique identifier of the team. |
Name, Type, Description |
---|
ldap_dn string RequiredThe distinguished name (DN) of the LDAP entry to map to a team. |
HTTP response status codes for "Update LDAP mapping for a team"
Status code | Description |
---|---|
200 | OK |
Code samples for "Update LDAP mapping for a team"
Request example
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/admin/ldap/teams/TEAM_ID/mapping \
-d '{"ldap_dn":"cn=Enterprise Ops,ou=teams,dc=github,dc=com"}'
Response
Status: 200
{
"ldap_dn": "cn=Enterprise Ops,ou=teams,dc=github,dc=com",
"id": 1,
"node_id": "MDQ6VGVhbTE=",
"url": "https://HOSTNAME/teams/1",
"html_url": "https://github.com/orgs/github/teams/justice-league",
"name": "Justice League",
"slug": "justice-league",
"description": "A great team.",
"privacy": "closed",
"notification_setting": "notifications_enabled",
"permission": "admin",
"members_url": "https://HOSTNAME/teams/1/members{/member}",
"repositories_url": "https://HOSTNAME/teams/1/repos",
"parent": null
}
Sync LDAP mapping for a team
Note that this API call does not automatically initiate an LDAP sync. Rather, if a 201
is returned, the sync job is queued successfully, and is performed when the instance is ready.
Fine-grained access tokens for "Sync LDAP mapping for a team"
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Sync LDAP mapping for a team"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
team_id integer RequiredThe unique identifier of the team. |
HTTP response status codes for "Sync LDAP mapping for a team"
Status code | Description |
---|---|
201 | Created |
Code samples for "Sync LDAP mapping for a team"
Request example
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/admin/ldap/teams/TEAM_ID/sync
Response
Status: 201
{
"status": "queued"
}
Update LDAP mapping for a user
Fine-grained access tokens for "Update LDAP mapping for a user"
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Update LDAP mapping for a user"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
username string RequiredThe handle for the GitHub user account. |
Name, Type, Description |
---|
ldap_dn string RequiredThe distinguished name (DN) of the LDAP entry to map to a team. |
HTTP response status codes for "Update LDAP mapping for a user"
Status code | Description |
---|---|
200 | OK |
Code samples for "Update LDAP mapping for a user"
Request example
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/admin/ldap/users/USERNAME/mapping \
-d '{"ldap_dn":"uid=asdf,ou=users,dc=github,dc=com"}'
Response
Status: 200
{
"ldap_dn": "uid=asdf,ou=users,dc=github,dc=com",
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://HOSTNAME/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://HOSTNAME/users/octocat/followers",
"following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
"gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
"organizations_url": "https://HOSTNAME/users/octocat/orgs",
"repos_url": "https://HOSTNAME/users/octocat/repos",
"events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/octocat/received_events",
"type": "User",
"site_admin": false,
"name": "monalisa octocat",
"company": "GitHub",
"blog": "https://github.com/blog",
"location": "San Francisco",
"email": "octocat@github.com",
"hireable": false,
"bio": "There once was...",
"twitter_username": "monatheoctocat",
"public_repos": 2,
"public_gists": 1,
"followers": 20,
"following": 0,
"created_at": "2008-01-14T04:33:35Z",
"updated_at": "2008-01-14T04:33:35Z",
"private_gists": 81,
"total_private_repos": 100,
"owned_private_repos": 100,
"disk_usage": 10000,
"collaborators": 8,
"two_factor_authentication": true,
"plan": {
"name": "Medium",
"space": 400,
"private_repos": 20,
"collaborators": 0
}
}
Sync LDAP mapping for a user
Note that this API call does not automatically initiate an LDAP sync. Rather, if a 201
is returned, the sync job is queued successfully, and is performed when the instance is ready.
Fine-grained access tokens for "Sync LDAP mapping for a user"
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Sync LDAP mapping for a user"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
username string RequiredThe handle for the GitHub user account. |
HTTP response status codes for "Sync LDAP mapping for a user"
Status code | Description |
---|---|
201 | Created |
Code samples for "Sync LDAP mapping for a user"
Request example
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/admin/ldap/users/USERNAME/sync
Response
Status: 201
{
"status": "queued"
}