This version of GitHub Enterprise was discontinued on 2023-01-18. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.
We've recently moved some of the REST API documentation. If you can't find what you're looking for, you might try the Actions REST API page.
LDAP
Use the REST API to update account relationships between a GitHub Enterprise Server user or team and its linked LDAP entry or queue a new synchronization.
About LDAP
You can use these endpoints to update the Distinguished Name (DN) that a user or team maps to. Note that in most cases, you must have LDAP Sync enabled for your GitHub Enterprise Server appliance. The "Update LDAP mapping for a user" endpoint can be used when LDAP is enabled, even if LDAP Sync is disabled.
Update LDAP mapping for a team
Updates the distinguished name (DN) of the LDAP entry to map to a team. LDAP synchronization must be enabled to map LDAP entries to a team. Use the Create a team endpoint to create a team with LDAP mapping.
Parameters
| Headers |
|---|
| Name, Type, Description |
acceptstringSetting to |
| Path parameters |
| Name, Type, Description |
team_idintegerRequiredThe unique identifier of the team. |
| Body parameters |
| Name, Type, Description |
ldap_dnstringRequiredThe distinguished name (DN) of the LDAP entry to map to a team. |
HTTP response status codes
| Status code | Description |
|---|---|
200 | OK |
Code samples
curl \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/admin/ldap/teams/TEAM_ID/mapping \
-d '{"ldap_dn":"cn=Enterprise Ops,ou=teams,dc=github,dc=com"}'Response
Status: 200{
"ldap_dn": "cn=Enterprise Ops,ou=teams,dc=github,dc=com",
"id": 1,
"node_id": "MDQ6VGVhbTE=",
"url": "https://api.github.com/teams/1",
"html_url": "https://github.com/orgs/github/teams/justice-league",
"name": "Justice League",
"slug": "justice-league",
"description": "A great team.",
"privacy": "closed",
"permission": "admin",
"members_url": "https://api.github.com/teams/1/members{/member}",
"repositories_url": "https://api.github.com/teams/1/repos",
"parent": null
}Sync LDAP mapping for a team
Note that this API call does not automatically initiate an LDAP sync. Rather, if a 201 is returned, the sync job is queued successfully, and is performed when the instance is ready.
Parameters
| Headers |
|---|
| Name, Type, Description |
acceptstringSetting to |
| Path parameters |
| Name, Type, Description |
team_idintegerRequiredThe unique identifier of the team. |
HTTP response status codes
| Status code | Description |
|---|---|
201 | Created |
Code samples
curl \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/admin/ldap/teams/TEAM_ID/syncResponse
Status: 201{
"status": "queued"
}Update LDAP mapping for a user
Parameters
| Headers |
|---|
| Name, Type, Description |
acceptstringSetting to |
| Path parameters |
| Name, Type, Description |
usernamestringRequiredThe handle for the GitHub user account. |
| Body parameters |
| Name, Type, Description |
ldap_dnstringRequiredThe distinguished name (DN) of the LDAP entry to map to a team. |
HTTP response status codes
| Status code | Description |
|---|---|
200 | OK |
Code samples
curl \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/admin/ldap/users/USERNAME/mapping \
-d '{"ldap_dn":"uid=asdf,ou=users,dc=github,dc=com"}'Response
Status: 200{
"ldap_dn": "uid=asdf,ou=users,dc=github,dc=com",
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false,
"name": "monalisa octocat",
"company": "GitHub",
"blog": "https://github.com/blog",
"location": "San Francisco",
"email": "octocat@github.com",
"hireable": false,
"bio": "There once was...",
"twitter_username": "monatheoctocat",
"public_repos": 2,
"public_gists": 1,
"followers": 20,
"following": 0,
"created_at": "2008-01-14T04:33:35Z",
"updated_at": "2008-01-14T04:33:35Z",
"private_gists": 81,
"total_private_repos": 100,
"owned_private_repos": 100,
"disk_usage": 10000,
"collaborators": 8,
"two_factor_authentication": true,
"plan": {
"name": "Medium",
"space": 400,
"private_repos": 20,
"collaborators": 0
}
}Sync LDAP mapping for a user
Note that this API call does not automatically initiate an LDAP sync. Rather, if a 201 is returned, the sync job is queued successfully, and is performed when the instance is ready.
Parameters
| Headers |
|---|
| Name, Type, Description |
acceptstringSetting to |
| Path parameters |
| Name, Type, Description |
usernamestringRequiredThe handle for the GitHub user account. |
HTTP response status codes
| Status code | Description |
|---|---|
201 | Created |
Code samples
curl \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/admin/ldap/users/USERNAME/syncResponse
Status: 201{
"status": "queued"
}