Skip to main content

Enterprise Server 3.15 is currently available as a release candidate.

The REST API is now versioned. For more information, see "About API versioning."

REST API endpoints for LDAP

Use the REST API to update account relationships between a GitHub Enterprise Server user or team and its linked LDAP entry or queue a new synchronization.

About LDAP

You can use these endpoints to update the Distinguished Name (DN) that a user or team maps to. Note that in most cases, you must have LDAP Sync enabled for your GitHub Enterprise Server appliance. The "Update LDAP mapping for a user" endpoint can be used when LDAP is enabled, even if LDAP Sync is disabled.

These endpoints only support authentication using a personal access token (classic). For more information, see "Managing your personal access tokens."

Update LDAP mapping for a team

Updates the distinguished name (DN) of the LDAP entry to map to a team. LDAP synchronization must be enabled to map LDAP entries to a team. Use the Create a team endpoint to create a team with LDAP mapping.

Fine-grained access tokens for "Update LDAP mapping for a team"

This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.

Parameters for "Update LDAP mapping for a team"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
team_id integer Required

The unique identifier of the team.

Body parameters
Name, Type, Description
ldap_dn string Required

The distinguished name (DN) of the LDAP entry to map to a team.

HTTP response status codes for "Update LDAP mapping for a team"

Status codeDescription
200

OK

Code samples for "Update LDAP mapping for a team"

Request example

patch/admin/ldap/teams/{team_id}/mapping
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/admin/ldap/teams/TEAM_ID/mapping \ -d '{"ldap_dn":"cn=Enterprise Ops,ou=teams,dc=github,dc=com"}'

Response

Status: 200
{ "ldap_dn": "cn=Enterprise Ops,ou=teams,dc=github,dc=com", "id": 1, "node_id": "MDQ6VGVhbTE=", "url": "https://HOSTNAME/teams/1", "html_url": "https://github.com/orgs/github/teams/justice-league", "name": "Justice League", "slug": "justice-league", "description": "A great team.", "privacy": "closed", "notification_setting": "notifications_enabled", "permission": "admin", "members_url": "https://HOSTNAME/teams/1/members{/member}", "repositories_url": "https://HOSTNAME/teams/1/repos", "parent": null }

Sync LDAP mapping for a team

Note that this API call does not automatically initiate an LDAP sync. Rather, if a 201 is returned, the sync job is queued successfully, and is performed when the instance is ready.

Fine-grained access tokens for "Sync LDAP mapping for a team"

This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.

Parameters for "Sync LDAP mapping for a team"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
team_id integer Required

The unique identifier of the team.

HTTP response status codes for "Sync LDAP mapping for a team"

Status codeDescription
201

Created

Code samples for "Sync LDAP mapping for a team"

Request example

post/admin/ldap/teams/{team_id}/sync
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/admin/ldap/teams/TEAM_ID/sync

Response

Status: 201
{ "status": "queued" }

Update LDAP mapping for a user

Fine-grained access tokens for "Update LDAP mapping for a user"

This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.

Parameters for "Update LDAP mapping for a user"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
username string Required

The handle for the GitHub user account.

Body parameters
Name, Type, Description
ldap_dn string Required

The distinguished name (DN) of the LDAP entry to map to a team.

HTTP response status codes for "Update LDAP mapping for a user"

Status codeDescription
200

OK

Code samples for "Update LDAP mapping for a user"

Request example

patch/admin/ldap/users/{username}/mapping
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/admin/ldap/users/USERNAME/mapping \ -d '{"ldap_dn":"uid=asdf,ou=users,dc=github,dc=com"}'

Response

Status: 200
{ "ldap_dn": "uid=asdf,ou=users,dc=github,dc=com", "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://HOSTNAME/users/octocat/followers", "following_url": "https://HOSTNAME/users/octocat/following{/other_user}", "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions", "organizations_url": "https://HOSTNAME/users/octocat/orgs", "repos_url": "https://HOSTNAME/users/octocat/repos", "events_url": "https://HOSTNAME/users/octocat/events{/privacy}", "received_events_url": "https://HOSTNAME/users/octocat/received_events", "type": "User", "site_admin": false, "name": "monalisa octocat", "company": "GitHub", "blog": "https://github.com/blog", "location": "San Francisco", "email": "octocat@github.com", "hireable": false, "bio": "There once was...", "twitter_username": "monatheoctocat", "public_repos": 2, "public_gists": 1, "followers": 20, "following": 0, "created_at": "2008-01-14T04:33:35Z", "updated_at": "2008-01-14T04:33:35Z", "private_gists": 81, "total_private_repos": 100, "owned_private_repos": 100, "disk_usage": 10000, "collaborators": 8, "two_factor_authentication": true, "plan": { "name": "Medium", "space": 400, "private_repos": 20, "collaborators": 0 } }

Sync LDAP mapping for a user

Note that this API call does not automatically initiate an LDAP sync. Rather, if a 201 is returned, the sync job is queued successfully, and is performed when the instance is ready.

Fine-grained access tokens for "Sync LDAP mapping for a user"

This endpoint does not work with GitHub App user access tokens, GitHub App installation access tokens, or fine-grained personal access tokens.

Parameters for "Sync LDAP mapping for a user"

Headers
Name, Type, Description
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
username string Required

The handle for the GitHub user account.

HTTP response status codes for "Sync LDAP mapping for a user"

Status codeDescription
201

Created

Code samples for "Sync LDAP mapping for a user"

Request example

post/admin/ldap/users/{username}/sync
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/admin/ldap/users/USERNAME/sync

Response

Status: 201
{ "status": "queued" }