Note: To use SAML single sign-on, your organization must use GitHub Enterprise Cloud. For more information about how you can try GitHub Enterprise Cloud for free, see "Setting up a trial of GitHub Enterprise Cloud."
Managing SAML single sign-on for your organization
Organization owners can manage organization members' identities and access to the organization with SAML single sign-on (SSO).
About identity and access management with SAML single sign-on
If you centrally manage your users' identities and applications with an identity provider (IdP), you can configure Security Assertion Markup Language (SAML) single sign-on (SSO) to protect your organization's resources on GitHub.
About SCIM for organizations
With System for Cross-domain Identity Management (SCIM), administrators can automate the exchange of user identity information between systems.
Connecting your identity provider to your organization
To use SAML single sign-on and SCIM, you must connect your identity provider (IdP) to your organization on GitHub Enterprise Cloud.
Configuring SAML single sign-on and SCIM using Okta
You can use Security Assertion Markup Language (SAML) single sign-on (SSO) and System for Cross-domain Identity Management (SCIM) with Okta to automatically manage access to your organization on GitHub.
Enabling and testing SAML single sign-on for your organization
Organization owners and admins can enable SAML single sign-on to add an extra layer of security to their organization.
Preparing to enforce SAML single sign-on in your organization
Before you enforce SAML single sign-on in your organization, you should verify your organization's membership and configure the connection settings to your identity provider.
Enforcing SAML single sign-on for your organization
Organization owners and admins can enforce SAML SSO so that all organization members must authenticate via an identity provider (IdP).
Downloading your organization's SAML single sign-on recovery codes
Organization owners should download their organization's SAML single sign-on recovery codes to ensure that they can access GitHub Enterprise Cloud even if the identity provider for the organization is unavailable.
Managing team synchronization for your organization
You can enable and disable team synchronization between your identity provider (IdP) and your organization on GitHub Enterprise Cloud.
Disabling SAML single sign-on for your organization
You can disable SAML single sign-on (SSO) for your organization.
Accessing your organization if your identity provider is unavailable
Organization owners can sign into GitHub Enterprise Cloud even if their identity provider is unavailable by bypassing single sign-on (SSO) and using their recovery codes.
Troubleshooting identity and access management for your organization
Review and resolve common troubleshooting errors for managing your organization's SAML SSO, team synchronization, or identity provider (IdP) connection.