Skip to main content
설명서에 자주 업데이트를 게시하며 이 페이지의 번역이 계속 진행 중일 수 있습니다. 최신 정보는 영어 설명서를 참조하세요.
GitHub AE는 현재 제한된 릴리스에 있습니다.

엔터프라이즈 IAM에 대한 SAML 정보

SAML SSO(Single Sign-On) 와 SCIM(System for Cross-domain Identity Management) 을 사용하여 조직 소유의 액세스 에서 엔터프라이즈로 엔터프라이즈에 의해 전송됩니다.

About SAML SSO for your enterprise on GitHub AE

GitHub AE uses SAML SSO for user authentication. You can centrally manage access to GitHub AE from an IdP that supports the SAML 2.0 standard. You'll configure identity and access management for GitHub AE by entering the details for your SAML IdP during initialization. For more information, see "Initializing GitHub AE."

After you configure the application for GitHub AE on your identity provider (IdP), you can provision access to your enterprise by assigning users and groups to the application on your IdP. For more information about SAML SSO for GitHub AE, see "Configuring SAML single sign-on for your enterprise."

For more information about the configuration of SAML SSO on GitHub AE, see "Configuring SAML single sign-on for your enterprise." To learn how to configure both authentication and user provisioning for your enterprise with your specific IdP, see the articles for individual IdPs in "Using SAML for enterprise IAM."

About creation of user accounts

By default, your IdP does not communicate with GitHub AE automatically when you assign or unassign the application. GitHub AE creates a user account using SAML Just-in-Time (JIT) provisioning the first time someone navigates to GitHub AE and signs in by authenticating through your IdP. You may need to manually notify users when you grant access to GitHub AE, and you must manually deactivate the user account on GitHub AE during offboarding.

Alternatively, instead of SAML JIT provisioning, you can use SCIM to create or suspend user accounts and grant or deny access to your enterprise automatically after you assign or unassign the application on your IdP. For more information, see "Configuring user provisioning with SCIM for your enterprise."

Supported IdPs

The following IdPs are officially supported for integration with GitHub AE.

Note: GitHub AE single sign-on (SSO) support for Okta is currently in beta.

IdPSAMLUser provisioningTeam mapping
Azure Active Directory (Azure AD)
Okta Beta Beta Beta

Mapping GitHub AE teams to Okta groups

If you use Okta as your IdP, you can map your Okta groups to teams on GitHub AE. For more information, see "Mapping Okta groups to teams."

Further reading