About identity and access management with SAML single sign-on→
If you centrally manage your users' identities and applications with an identity provider (IdP), you can configure Security Assertion Markup Language (SAML) single sign-on (SSO) to protect your organization's resources on GitHub.
About SCIM→
With System for Cross-domain Identity Management (SCIM), administrators can automate the exchange of user identity information between systems.
Connecting your identity provider to your organization→
To use SAML single sign-on and SCIM, you must connect your identity provider to your GitHub organization.
Configuring SAML single sign-on and SCIM using Okta→
You can use Security Assertion Markup Language (SAML) single sign-on (SSO) and System for Cross-domain Identity Management (SCIM) with Okta to automatically manage access to your organization on GitHub.
Enabling and testing SAML single sign-on for your organization→
Organization owners and admins can enable SAML single sign-on to add an extra layer of security to their organization.
Preparing to enforce SAML single sign-on in your organization→
Before you enforce SAML single sign-on in your organization, you should verify your organization's membership and configure the connection settings to your identity provider.
Enforcing SAML single sign-on for your organization→
Organization owners and admins can enforce SAML SSO so that all organization members must authenticate via an identity provider.
Downloading your organization's SAML single sign-on recovery codes→
Organization administrators should download their organization's SAML single sign-on recovery codes to ensure that they can access GitHub even if the identity provider for the organization is unavailable.
Managing team synchronization for your organization→
You can enable and disable team synchronization between your identity provider (IdP) and your organization on GitHub.
Accessing your organization if your identity provider is unavailable→
Organization administrators can sign into GitHub even if their identity provider is unavailable by bypassing single sign-on and using their recovery codes.