Note: GitHub AE single sign-on (SSO) support for Okta is currently in beta.
About team mapping
If you use Okta as your IdP, you can map your Okta group to a team in GitHub AE. Members of the Okta group will automatically become members of the mapped GitHub AE team. To configure this mapping, you can configure the Okta "GitHub AE" app to push the group and its members to GitHub AE. You can then choose which team in GitHub AE will be mapped to the Okta group.
必要な環境
You or your Okta administrator must be a Global administrator or a Privileged Role administrator in Okta.
You must enable SAML single sign-on with Okta. 詳しい情報については、「Enterprise 向けのSAML シングルサインオンを設定する」を参照してください。
You must authenticate to your enterprise account using SAML SSO and Okta. 詳しい情報については「SAMLシングルサインオンで認証する」を参照してください。
Assigning your Okta group to the "GitHub AE" app
-
In the Okta Dashboard, open your group's settings.
-
Click Manage Apps.
-
To the right of "GitHub AE", click Assign.
-
[Done] をクリックします。
Pushing the Okta group to GitHub AE
When you push an Okta group and map the group to a team, all of the group's members will be able to sign in to GitHub AE.
-
In the Okta Dashboard, expand the Applications menu, then click Applications.
-
Click on the GitHub AE app.
-
Click Push Groups.
-
Select the Push Groups drop-down menu and click Find groups by name.
-
Type the name of the group to push to GitHub AE, then click Save.
Mapping a team to the Okta group
You can map a team in your enterprise to an Okta group you previously pushed to GitHub AE. Members of the Okta group will then automatically becomes members of the GitHub AE team. Any subsequent changes to the Okta group's membership are automatically synchronized with the GitHub AE team.
- In the top right corner of GitHub AE, click your profile photo, then click Your organizations.
- Click the name of your organization.
- Organization 名の下で、クリックします
Teams.
- Teamsタブで、Teamの名前をクリックしてください。
- Team ページの上部で、 Settings(設定)をクリックしてください。
- Under "Identity Provider Group", select the drop-down menu and click an identity provider group.
- [Save changes] をクリックします。
Checking the status of your mapped teams
Enterprise owners can use the site admin dashboard to check how Okta groups are mapped to teams on GitHub AE.
-
ダッシュボードへアクセスするには、ページ右上の隅にある をクリックしてください。
-
In the left pane, click External groups.
-
To view more details about a group, in the list of external groups, click on a group.
-
The group's details includes the name of the Okta group, a list of the Okta users that are members of the group, and the corresponding mapped team on GitHub AE.
Viewing audit log events for mapped groups
To monitor SSO activity for mapped groups, you can review the following events in the GitHub AE audit log.
アクション | 説明 |
---|---|
external_group.delete | Triggered when your Okta group is deleted. For more information, see "Mapping Okta groups to teams." |
external_group.link | Triggered when your Okta group is mapped to your GitHub AE team. For more information, see "Mapping Okta groups to teams." |
external_group.provision | Triggered when an Okta group is mapped to your team on GitHub AE. For more information, see "Mapping Okta groups to teams." |
external_group.unlink | Triggered when your Okta group is unmapped from your GitHub AE team. For more information, see "Mapping Okta groups to teams." |
external_group.update | Triggered when your Okta group's settings are updated. For more information, see "Mapping Okta groups to teams." |
アクション | 説明 |
---|---|
external_identity.deprovision | Triggered when a user is removed from your Okta group and is subsequently deprovisioned from GitHub AE. For more information, see "Mapping Okta groups to teams." |
external_identity.provision | Triggered when an Okta user is added to your Okta group and is subsequently provisioned to the mapped team on GitHub AE. For more information, see "Mapping Okta groups to teams." |
external_identity.update | Triggered when an Okta user's settings are updated. For more information, see "Mapping Okta groups to teams." |
For more information, see "Reviewing the audit log for your organization."