Using Enterprise Managed Users for IAM
To manage users in your enterprise with your identity provider, your enterprise must be enabled for Enterprise Managed Users, which are available with GitHub Enterprise Cloud. For more information, see "About Enterprise Managed Users."
About Enterprise Managed Users
You can centrally manage identity and access for your enterprise members on GitHub from your identity provider.
Configuring SAML single sign-on for Enterprise Managed Users
You can automatically manage access to your enterprise account on GitHub by configuring Security Assertion Markup Language (SAML) single sign-on (SSO).
Configuring OIDC for Enterprise Managed Users
You can automatically manage access to your enterprise account on GitHub by configuring OpenID Connect (OIDC) single sign-on (SSO) and enable support for your IdP's Conditional Access Policy (CAP).
Configuring SCIM provisioning for Enterprise Managed Users
You can configure your identity provider to provision new users and manage their membership in your enterprise and teams.
Configuring SCIM provisioning for Enterprise Managed Users with Okta
You can provision new users and manage their membership of your enterprise and teams using Okta as your identity provider.
Managing team memberships with identity provider groups
You can manage team membership on GitHub Enterprise Cloud through your identity provider (IdP) by connecting IdP groups with your managed usersを持つEnterprise.
About support for your IdP's Conditional Access Policy
When your enterprise uses OIDC SSO, GitHub will validate access to your enterprise and its resources using your IdP's Conditional Access Policy (CAP).
Migrating from SAML to OIDC
If you're using SAML to authenticate members in your managed usersを持つEnterprise, you can migrate to OpenID Connect (OIDC) and benefit from support for your IdP's Conditional Access Policy.