Skip to main content
GitHub Docs
Version:
Enterprise Server 3.14
Search GitHub Docs
Search
Select language: current language is English
Open Search Bar
Close Search Bar
Open Menu
Open Sidebar
Enterprise administrators
/
Identity and access management
Home
Enterprise administrators
Overview
About GitHub for enterprises
Enterprise Cloud trial
About GitHub Enterprise Server
Enterprise Server trial
About upgrades
System overview
GitHub Enterprise API
Best practices
Manage enterprise account
About enterprise accounts
Create a README
Installation
Set up an instance
Install on AWS
Install on Azure
Install on GCP
Install on Hyper-V
Install on OpenStack
Install on VMware
Set up a staging instance
Configuration
Configure user applications
Configuring applications
Configure email notifications
Configure GitHub Pages
Configuring rate limits
Configure web commit signing
Configure interactive maps
Manage GitHub Mobile
Verify or approve a domain
Harden security
Configuring TLS
Troubleshoot TLS errors
Enabling private mode
Enable subdomain isolation
Configure host keys
Configure SSH connections
Configure referrer policy
Configure network settings
Set the IP using the console
Configure DNS servers
Configure hostname
Change hostname
Validate domain settings
Configure an outbound proxy
Configure firewall rules
Network ports
Use a load balancer
Configure time settings
GitHub Connect
About GitHub Connect
Enable for GitHub.com
Enable for GHE.com
Automatic user license sync
Dependabot
Server Statistics
Unified search
Unified contributions
Disable GitHub Connect
Administer your instance
Web UI
About the Management Console
Manage Management Console access
Access Management Console
Troubleshoot Management Console
Manage search indices
Command line
Access the admin shell (SSH)
Using the GitHub CLI
Command-line utilities
Maintenance mode
Configure maintenance mode
Identity and access management
Understand enterprise IAM
About IAM
About SAML for IAM
Change authentication methods
Fallback authentication
Troubleshoot IAM
IAM configuration reference
SAML reference
Username considerations
Built-in authentication
Configure built-in authentication
Invite people
Block unauthenticated sign-up
Disable passkeys
CAS for enterprise IAM
Using CAS
LDAP for enterprise IAM
Using LDAP
SAML for enterprise IAM
Configure SAML SSO
Enable encrypted assertions
Update SAML NameID
Troubleshoot SAML SSO
Provision accounts with SCIM
About SCIM provisioning
Configure SCIM provisioning
Set up Entra ID
Set up PingFederate
Set up Okta
SCIM using REST API
Manage teams with your IdP
Troubleshoot team membership with IdP
Manage accounts and repositories
Communicate info to users
Customizing user messages
Configure custom footers
Manage users
Roles in an enterprise
User security best practices
Invite people to manage
Reserved usernames
Manage administrators
View people in your enterprise
View & manage SAML access
Audit users
Impersonate a user
Managing dormant users
Manage user suspension
Delete a user
Place a legal hold
Auditing SSH keys
Rebuild contributions
Manage organizations
Best practices
Set membership visibility
Prevent organization creation
Require 2FA
Manage your organization roles
Restore organization
Project management with Jira
Manage repositories
Configure Git LFS
Disable SSH for Git
Lock a repository
Restore a deleted repository
Troubleshoot service hooks
Upgrade your instance
Prepare to upgrade
Upgrading overview
Upgrade requirements
Enable automatic update checks
Take a snapshot
Perform an upgrade
Upgrade with a hotpatch
Upgrade with an upgrade package
Migrate from 11.10.x to 2.1.23
Elasticsearch upgrade in 3.13
Troubleshoot an upgrade
Restore from a failed upgrade
Known issues with upgrades
Back up and restore
Configuring backups
Policies
Enforce policies
About enterprise policies
Repository management policies
Projects policies
Restrict email notifications
Policies for security settings
GitHub Actions policies
Code security & analysis
Personal access token policies
Policy with pre-receive hooks
About pre-receive hooks
Pre-receive hook environments
Pre-receive hook scripts
Manage pre-receive hooks
Monitor user activity
Review audit logs
About audit logs
Access audit logs
Configure audit logs
Search audit logs
Identify events by token
Stream audit logs
Audit log API
Audit log events
Explore user activity
Activity dashboard
Access reports
Viewing push logs
Log forwarding
Manage global webhooks
Server Statistics
About Server Statistics
Export Server Statistics
Server Statistics and REST API
Monitor and manage your instance
Monitor your instance
About the monitor dashboard
Recommended alert thresholds
Set up external monitoring
Configure collectd
collectd metrics
Monitoring using SNMP
About system logs
Troubleshooting resource allocation problems
Generating a Health Check for your enterprise
Update VM & resources
Increase storage capacity
Increase CPU or memory
Generation 2 virtual machines
Configuring clustering
About clustering
Choosing cluster or HA
About cluster nodes
Configure a cluster network
Initializing the cluster
Deferring database seeding
Upgrading a cluster
Monitor cluster health
Node Eligibility Service
Rebalance workloads
Replacing a cluster node
Configure HA replication
Initiate a failover to replica
Configure high availability
About HA configuration
Create HA replica
Monitor HA configuration
Initiate failover to appliance
Recover a HA configuration
Remove a HA replica
About geo-replication
Caching repositories
About repository caching
Configuring a repository cache
GitHub Actions
Get started
About GitHub Actions
Introduce Actions
Migrate to Actions
Get started
Self-hosted runners
Enable GitHub Actions
Azure Blob storage
Amazon S3 storage
Google Cloud Storage
MinIO storage
Dependabot updates
Manage access to actions
About actions in your enterprise
Use GitHub Connect for actions
Manually sync actions
Use the latest bundled actions
Tool cache for offline runners
HA & troubleshooting
HA for GitHub Actions
Backing up and restoring
Use staging environment
Troubleshoot GitHub Actions
Packages
Getting started with GitHub Packages
Enable Packages with AWS
Enable Packages with Azure
Enable Packages with MinIO
Quickstart for MinIO
Configure package ecosystems
Migrate to Container registry
Code security
GitHub Advanced Security
Enabling GitHub Advanced Security
Manage GitHub Advanced Security
Configuring code scanning
Configuring dependency review
Configuring secret scanning
Supply chain security
About supply chain security
Enable dependency graph
View vulnerability data
Limited internet access
Guides
Release notes
Releases
Enterprise administrators
/
Identity and access management
Identity and access management
You can configure how people access your GitHub Enterprise Server instance.
Understanding IAM for enterprises
About identity and access management
About SAML for enterprise IAM
Changing authentication methods
Allowing built-in authentication for users outside your provider
Troubleshooting identity and access management for your enterprise
IAM configuration reference
SAML configuration reference
Username considerations for external authentication
Using built-in authentication
Configuring built-in authentication
Inviting people to use your instance
Disabling unauthenticated sign-ups
Disabling passkeys for your instance
Using CAS for enterprise IAM
Using CAS
Using LDAP for enterprise IAM
Using LDAP
Using SAML for enterprise IAM
Configuring SAML single sign-on for your enterprise
Enabling encrypted assertions
Updating a user's SAML NameID
Troubleshooting SAML authentication
Provisioning accounts with SCIM
About user provisioning with SCIM on GitHub Enterprise Server
Configuring SCIM provisioning to manage users
Configuring authentication and provisioning with Entra ID
Configuring authentication and provisioning with PingFederate
Configuring authentication and provisioning with Okta
Provisioning users and groups with SCIM using the REST API
Managing team memberships with identity provider groups
Troubleshooting team membership with identity provider groups