You can control access to your enterprise account in GitHub Enterprise Cloud and other web applications from one central interface by configuring the enterprise account to use SAML SSO with Okta, an Identity Provider (IdP).
SAML SSO controls and secures access to enterprise account resources like organizations, repositories, issues, and pull requests. For more information, see "
Configuring SAML single sign-on for your enterprise
."
There are special considerations when enabling SAML SSO for your enterprise account if any of the organizations owned by the enterprise account are already configured to use SAML SSO. For more information, see "
Switching your SAML configuration from an organization to an enterprise account
."
Alternatively, you can also configure SAML SSO using Okta for an organization that uses GitHub Enterprise Cloud. For more information, see "
Configuring SAML single sign-on and SCIM using Okta
."
- Sign into your
Okta account
.
- Navigate to the
GitHub Enterprise Cloud - Enterprise Accounts
application in the Okta Integration Network and click
Add Integration
.
- In the left sidebar, use the
Applications
dropdown and click
Applications
.
- Optionally, to the right of "Application label", type a descriptive name for the application.
- To the right of "GitHub Enterprises", type the name of your enterprise account. For example, if your enterprise account's URL is
https://github.com/enterprises/octo-corp
, type
octo-corp
.
- Click
Done
.
- Sign into your
Okta account
.
- In the left sidebar, use the
Applications
dropdown and click
Applications
.
- Click the label for the application you created for your enterprise account.
- Assign the application to your user in Okta. For more information, see
Assign applications to users
in the Okta documentation.
- Under the name of the application, click
Sign on
.
- To the right of Settings, click
Edit
.
- Under "Configured SAML Attributes", to the right of "groups", use the drop-down menu and select
Matches regex
.
- To the right of the drop-down menu, type
.*.*
.
- Click
Save
.
- Under "SIGN ON METHODS", click
View Setup Instructions
.
- Enable SAML for your enterprise account using the information in the setup instructions. For more information, see "
Configuring SAML single sign-on for your enterprise
."