Skip to main content

Sincronizar un equipo con un grupo de proveedor de identidad

Puedes sincronizar un equipo de GitHub Enterprise Server con un grupo de proveedor de identidad (IdP) compatible para agregar y eliminar miembros del grupo automáticamente.

¿Quién puede utilizar esta característica?

Organization owners can synchronize a GitHub team with an IdP group.

About team synchronization

If team sync is enabled for your organization or enterprise account, you can synchronize a GitHub team with an IdP group. When you synchronize a GitHub team with an IdP group, membership changes to the IdP group are reflected on GitHub Enterprise Server automatically, reducing the need for manual updates and custom scripts.

You can assign an IdP group to multiple GitHub Enterprise Server teams.

Once a GitHub team is connected to an IdP group, your IdP administrator must make team membership changes through the identity provider. You cannot manage team membership on GitHub Enterprise Server.

Parent teams cannot synchronize with IdP groups. If the team you want to connect to an IdP group is a parent team, we recommend creating a new team or removing the nested relationships that make your team a parent team. For more information, see "About teams," "Creating a team," and "Moving a team in your organization’s hierarchy."

To manage repository access for any GitHub team, including teams connected to an IdP group, you must make changes with GitHub Enterprise Server. For more information, see "About teams" and "Managing team access to an organization repository."

Prerequisites

To connect a team on GitHub Enterprise Server to an IdP group, the team must already exist in your organization. Even if you have configured SCIM provisioning, creating a group in your IdP does not automatically create a team on GitHub Enterprise Server.

You must configure user provisioning with SCIM for your GitHub Enterprise Server instance. For more information, see "About user provisioning with SCIM on GitHub Enterprise Server."

Note

SCIM for GitHub Enterprise Server is currently in beta and subject to change. GitHub recommends testing with a staging instance first. See "Setting up a staging instance."

Connecting an IdP group to a team

When you connect an IdP group to a GitHub Enterprise Server team, all users in the group are automatically added to the team.

  1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations**.

  2. Click the name of your organization.

  3. Under your organization name, click Teams.

    Screenshot of the horizontal navigation bar for an organization. A tab, labeled with the people icon and "Teams," is outlined in dark orange.

  4. Click the name of the team.

  5. At the top of the team page, click Settings.

    Screenshot of the header of a team's page. A tab, labeled with a gear icon and "Settings", is outlined in dark orange.

  6. Click Save changes.

Disconnecting an IdP group from a team

  1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations**.

  2. Click the name of your organization.

  3. Under your organization name, click Teams.

    Screenshot of the horizontal navigation bar for an organization. A tab, labeled with the people icon and "Teams," is outlined in dark orange.

  4. Click the name of the team.

  5. At the top of the team page, click Settings.

    Screenshot of the header of a team's page. A tab, labeled with a gear icon and "Settings", is outlined in dark orange.

  6. Click Save changes.