Authorizing a personal access token for use with SAML single sign-on

You must authorize your personal access token (classic) after creation before the token can access an organization that uses SAML single sign-on (SSO). For more information about creating a new personal access token (classic), see "Creating a personal access token." Fine-grained personal access tokens are authorized during token creation, before access to the organization is granted.

Before you can authorize a personal access token or SSH key, you must have a linked SAML identity. If you're a member of an organization where SAML SSO is enabled, you can create a linked identity by authenticating to your organization with your IdP at least once. For more information, see "About authentication with SAML single sign-on."

After you authorize a personal access token or SSH key, the token or key will stay authorized until revoked in one of the following ways.

• An organization or enterprise owner revokes the authorization.
• You are removed from the organization.
• The scopes in a personal access token are edited, or the token is regenerated.
• The personal access token expired as defined during creation.

1. 任意のページで、右上隅にあるプロファイルの画像をクリックし、次に[設定]をクリックします。

   

2. In the left sidebar, click Developer settings.

3. In the left sidebar, click Personal access tokens.

4. Next to the token you'd like to authorize, click Configure SSO. If you don't see Configure SSO, ensure that you have authenticated at least once through your SAML IdP to access resources on GitHub.com. For more information, see "About authentication with SAML single sign-on."

   

5. To the right of the organization you'd like to authorize the token for, click Authorize.

Further reading

• "Creating a personal access token"
• "About authentication with SAML single sign-on"