Skip to main content

Esta versão do GitHub Enterprise Server será descontinuada em 2024-03-07. Nenhum lançamento de patch será feito, mesmo para questões críticas de segurança. Para obter melhor desempenho, segurança aprimorada e novos recursos, atualize para a última versão do GitHub Enterprise Server. Para obter ajuda com a atualização, entre em contato com o suporte do GitHub Enterprise.

Sobre o gerenciamento de identidades e acesso

Os administradores de uma GitHub Enterprise Server instância devem decidir como os usuários acessarão a instância.

About IAM for GitHub Enterprise Server

Administrators who configure a GitHub Enterprise Server instance can use local accounts and built-in authentication on the instance. Alternatively, to centralize identity and access for an enterprise's web applications, administrators can configure an external authentication method. If you use SAML, you can optionally provision user accounts on the instance from your identity provider (IdP) using System for Cross-domain Identity Management (SCIM).

Authentication methods

The following authentication methods are available for GitHub Enterprise Server.

Built-in authentication

When you use built-in authentication for your GitHub Enterprise Server instance, each person creates a personal account from an invitation or by signing up. To access your instance, people authenticate with the credentials for the account. For more information, see "Configuring built-in authentication."

External authentication

If you use an external directory or identity provider (IdP) to centralize access to multiple web applications, you may be able to configure external authentication for your GitHub Enterprise Server instance. For more information, see the following articles.

Note: You can use either SAML or LDAP, but not both.

If you choose to use external authentication, you can also configure fallback authentication for people who don't have an account on your external authentication provider. For example, you may want to grant access to a contractor or machine user. For more information, see "Allowing built-in authentication for users outside your provider."

About provisioning

If you configure built-in authentication, CAS, LDAP, or SAML, GitHub Enterprise Server creates a user account when an authorized person signs into the instance, or "just in time" (JIT). Optionally, if you use SAML, you can provision user accounts from your identity provider (IdP) using SCIM. For more information, see "Configuring user provisioning with SCIM for your enterprise."

Further reading