REST API endpoints for LDAP
Use the REST API to update account relationships between a GitHub Enterprise Server user or team and its linked LDAP entry or queue a new synchronization.
About LDAP
You can use these endpoints to update the Distinguished Name (DN) that a user or team maps to. Note that in most cases, you must have LDAP Sync enabled for your GitHub Enterprise Server appliance. The "Update LDAP mapping for a user" endpoint can be used when LDAP is enabled, even if LDAP Sync is disabled.
These endpoints only support authentication using a personal access token (classic). For more information, see "Managing your personal access tokens."
Update LDAP mapping for a team
Updates the distinguished name (DN) of the LDAP entry to map to a team. LDAP synchronization must be enabled to map LDAP entries to a team. Use the Create a team endpoint to create a team with LDAP mapping.
Fine-grained access tokens for "Update LDAP mapping for a team"
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Update LDAP mapping for a team"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
team_id integer RequiredThe unique identifier of the team. |
Name, Type, Description |
---|
ldap_dn string RequiredThe distinguished name (DN) of the LDAP entry to map to a team. |
HTTP response status codes for "Update LDAP mapping for a team"
Status code | Description |
---|---|
200 | OK |
Code samples for "Update LDAP mapping for a team"
Request example
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/admin/ldap/teams/TEAM_ID/mapping \
-d '{"ldap_dn":"cn=Enterprise Ops,ou=teams,dc=github,dc=com"}'
Response
Status: 200
{
"ldap_dn": "cn=Enterprise Ops,ou=teams,dc=github,dc=com",
"id": 1,
"node_id": "MDQ6VGVhbTE=",
"url": "https://HOSTNAME/teams/1",
"html_url": "https://github.com/orgs/github/teams/justice-league",
"name": "Justice League",
"slug": "justice-league",
"description": "A great team.",
"privacy": "closed",
"notification_setting": "notifications_enabled",
"permission": "admin",
"members_url": "https://HOSTNAME/teams/1/members{/member}",
"repositories_url": "https://HOSTNAME/teams/1/repos",
"parent": null
}
Sync LDAP mapping for a team
Note that this API call does not automatically initiate an LDAP sync. Rather, if a 201
is returned, the sync job is queued successfully, and is performed when the instance is ready.
Fine-grained access tokens for "Sync LDAP mapping for a team"
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Sync LDAP mapping for a team"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
team_id integer RequiredThe unique identifier of the team. |
HTTP response status codes for "Sync LDAP mapping for a team"
Status code | Description |
---|---|
201 | Created |
Code samples for "Sync LDAP mapping for a team"
Request example
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/admin/ldap/teams/TEAM_ID/sync
Response
Status: 201
{
"status": "queued"
}
Update LDAP mapping for a user
Fine-grained access tokens for "Update LDAP mapping for a user"
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Update LDAP mapping for a user"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
username string RequiredThe handle for the GitHub user account. |
Name, Type, Description |
---|
ldap_dn string RequiredThe distinguished name (DN) of the LDAP entry to map to a team. |
HTTP response status codes for "Update LDAP mapping for a user"
Status code | Description |
---|---|
200 | OK |
Code samples for "Update LDAP mapping for a user"
Request example
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/admin/ldap/users/USERNAME/mapping \
-d '{"ldap_dn":"uid=asdf,ou=users,dc=github,dc=com"}'
Response
Status: 200
{
"ldap_dn": "uid=asdf,ou=users,dc=github,dc=com",
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://HOSTNAME/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://HOSTNAME/users/octocat/followers",
"following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
"gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
"organizations_url": "https://HOSTNAME/users/octocat/orgs",
"repos_url": "https://HOSTNAME/users/octocat/repos",
"events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/octocat/received_events",
"type": "User",
"site_admin": false,
"name": "monalisa octocat",
"company": "GitHub",
"blog": "https://github.com/blog",
"location": "San Francisco",
"email": "octocat@github.com",
"hireable": false,
"bio": "There once was...",
"twitter_username": "monatheoctocat",
"public_repos": 2,
"public_gists": 1,
"followers": 20,
"following": 0,
"created_at": "2008-01-14T04:33:35Z",
"updated_at": "2008-01-14T04:33:35Z",
"private_gists": 81,
"total_private_repos": 100,
"owned_private_repos": 100,
"disk_usage": 10000,
"collaborators": 8,
"two_factor_authentication": true,
"plan": {
"name": "Medium",
"space": 400,
"private_repos": 20,
"collaborators": 0
}
}
Sync LDAP mapping for a user
Note that this API call does not automatically initiate an LDAP sync. Rather, if a 201
is returned, the sync job is queued successfully, and is performed when the instance is ready.
Fine-grained access tokens for "Sync LDAP mapping for a user"
This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.
Parameters for "Sync LDAP mapping for a user"
Name, Type, Description |
---|
accept string Setting to |
Name, Type, Description |
---|
username string RequiredThe handle for the GitHub user account. |
HTTP response status codes for "Sync LDAP mapping for a user"
Status code | Description |
---|---|
201 | Created |
Code samples for "Sync LDAP mapping for a user"
Request example
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/admin/ldap/users/USERNAME/sync
Response
Status: 201
{
"status": "queued"
}