-
Notifications
You must be signed in to change notification settings - Fork 60.4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1,410 changed files
with
68,918 additions
and
129,620 deletions.
There are no files selected for viewing
Binary file added
BIN
+41.7 KB
assets/images/enterprise/business-accounts/enable-github-pages-checkbox.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+23 KB
assets/images/enterprise/business-accounts/enable-log-forwarding-checkbox.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+18.1 KB
assets/images/enterprise/business-accounts/pages-policies-save-button.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+4.82 KB
assets/images/enterprise/business-accounts/protocol-drop-down-menu.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+10.9 KB
assets/images/enterprise/business-accounts/public-certificate-text-box.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+41.2 KB
assets/images/enterprise/business-accounts/public-github-pages-checkbox.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+12.3 KB
assets/images/enterprise/business-accounts/save-button-log-forwarding.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+20.6 KB
assets/images/enterprise/configuration/ae-enterprise-configuration.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+14.4 KB
assets/images/enterprise/configuration/ae-force-pushes-configuration-menu.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+15.6 KB
...s/images/enterprise/configuration/ae-organization-creation-permissions-menu.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+94.6 KB
assets/images/enterprise/configuration/ae-repository-creation-permissions.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+57.3 KB
assets/images/enterprise/configuration/ae-repository-invitations-menu.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+77.6 KB
assets/images/enterprise/configuration/ae-repository-permissions-menu.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+14.2 KB
assets/images/enterprise/configuration/ae-repository-visibility-menu.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Oops, something went wrong.
Oops, something went wrong.
Oops, something went wrong.
Oops, something went wrong.
Binary file added
BIN
+69.4 KB
assets/images/enterprise/configuration/ae-test-saml-configuration.png
Oops, something went wrong.
Binary file modified
BIN
+5.61 KB
(120%)
assets/images/help/business-accounts/enterprise-account-settings-security-tab.png
Oops, something went wrong.
Binary file added
BIN
+60.8 KB
assets/images/help/enterprises/settings-require-scim-user-provisioning.png
Oops, something went wrong.
Oops, something went wrong.
Oops, something went wrong.
Binary file added
BIN
+74.1 KB
...ges/help/saml/ae-edit-idp-details-edit-signature-and-digest-drop-down-menus.png
Oops, something went wrong.
Binary file added
BIN
+66.7 KB
assets/images/help/saml/ae-edit-idp-details-edit-signature-and-digest.png
Oops, something went wrong.
Oops, something went wrong.
Binary file added
BIN
+56.8 KB
assets/images/help/saml/ae-edit-idp-details-test-saml-configuration.png
Oops, something went wrong.
Oops, something went wrong.
Oops, something went wrong.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
27 changes: 27 additions & 0 deletions
27
...dmin/authentication/about-identity-and-access-management-for-your-enterprise.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
--- | ||
title: About identity and access management for your enterprise | ||
shortTitle: About identity and access management | ||
intro: 'You can use {% if enterpriseServerVersions contains currentVersion %}{% data variables.product.prodname_ghe_server %}''s built-in authentication, or choose between CAS, LDAP, or SAML{% else %}SAML single sign-on (SSO) and System for Cross-domain Identity Management (SCIM){% endif %} to centrally manage access {% if currentVersion == "free-pro-team@latest" %}to organizations owned by your enterprise on {% data variables.product.prodname_dotcom_the_website %}{% endif %}{% if enterpriseServerVersions contains currentVersion or currentVersion == "github-ae@latest" %}to {% data variables.product.product_location %}{% endif %}.' | ||
product: '{% data reusables.gated-features.saml-sso %}' | ||
versions: | ||
github-ae: '*' | ||
--- | ||
|
||
### About identity and access management for your enterprise | ||
|
||
{% if currentVersion == "github-ae@latest" %} | ||
|
||
{% data reusables.saml.ae-uses-saml-sso %} {% data reusables.saml.ae-enable-saml-sso-during-bootstrapping %} | ||
|
||
After you configure the application for {% data variables.product.product_name %} on your IdP, you can grant access to {% data variables.product.product_location %} by assigning the application to users on your IdP. For more information about SAML SSO for {% data variables.product.product_name %}, see "[Configuring SAML single sign-on for your enterprise](/admin/authentication/configuring-saml-single-sign-on-for-your-enterprise)." | ||
|
||
{% data reusables.scim.after-you-configure-saml %} For more information, see "[Configuring user provisioning for your enterprise](/admin/authentication/configuring-user-provisioning-for-your-enterprise)." | ||
|
||
To learn how to configure both authentication and user provisioning for {% data variables.product.product_location %} with your specific IdP, see "[Configuring authentication and provisioning with your identity provider](/admin/authentication/configuring-authentication-and-provisioning-with-your-identity-provider)." | ||
|
||
{% endif %} | ||
|
||
### Further reading | ||
|
||
- [SAML Wiki](https://wiki.oasis-open.org/security) on the OASIS website | ||
- [System for Cross-domain Identity Management: Protocol (RFC 7644)](https://tools.ietf.org/html/rfc7644) on the IETF website |
2 changes: 1 addition & 1 deletion
2
...thentication/authenticating-users-for-your-github-enterprise-server-instance.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
47 changes: 47 additions & 0 deletions
47
...nfiguring-authentication-and-provisioning-for-your-enterprise-using-azure-ad.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
--- | ||
title: Configuring authentication and provisioning for your enterprise using Azure AD | ||
shortTitle: Configuring with Azure AD | ||
intro: You can use a tenant in Azure Active Directory (Azure AD) as an identity provider (IdP) to centrally manage authentication and user provisioning for {% data variables.product.product_location %}. | ||
permissions: Enterprise owners can configure authentication and provisioning for an enterprise on {% data variables.product.product_name %}. | ||
product: '{% data reusables.gated-features.saml-sso %}' | ||
versions: | ||
github-ae: '*' | ||
--- | ||
|
||
### About authentication and user provisioning with Azure AD | ||
|
||
Azure Active Directory (Azure AD) is a service from Microsoft that allows you to centrally manage user accounts and access to web applications. For more information, see [What is Azure Active Directory?](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis) in the Microsoft Docs. | ||
|
||
To manage identity and access for {% data variables.product.product_name %}, you can use an Azure AD tenant as a SAML IdP for authentication. You can also configure Azure AD to automatically provision accounts and access with SCIM. This configuration allows you to assign or unassign the {% data variables.product.prodname_ghe_managed %} application for a user account in your Azure AD tenant to automatically create, grant access to, or deactivate a corresponding user account on {% data variables.product.product_name %}. | ||
|
||
For more information about managing identity and access for your enterprise on {% data variables.product.product_location %}, see "[Managing identity and access for your enterprise](/admin/authentication/managing-identity-and-access-for-your-enterprise)." | ||
|
||
### Prerequisites | ||
|
||
To configure authentication and user provisioning for {% data variables.product.product_name %} using Azure AD, you must have an Azure AD account and tenant. For more information, see the [Azure AD website](https://azure.microsoft.com/en-us/free/active-directory) and [Quickstart: Create an Azure Active Directory tenant](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-create-new-tenant) in the Microsoft Docs. | ||
|
||
{% data reusables.saml.assert-the-administrator-attribute %} For more information about including the `administrator` attribute in the SAML claim from Azure AD, see [How to: customize claims issued in the SAML token for enterprise applications](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-saml-claims-customization) in the Microsoft Docs. | ||
|
||
{% data reusables.saml.create-a-machine-user %} | ||
|
||
### Configuring authentication and user provisioning with Azure AD | ||
|
||
{% if currentVersion == "github-ae@latest" %} | ||
|
||
1. In Azure AD, add {% data variables.product.ae_azure_ad_app_link %} to your tenant and configure single sign-on. | ||
|
||
| Value in Azure AD | Value from {% data variables.product.prodname_ghe_managed %} | | ||
| :- | :- | | ||
| Identifier (Entity ID) | <code>https://<em>YOUR-GITHUB-AE-HOSTNAME</em><code> | | ||
| Reply URL | <code>https://<em>YOUR-GITHUB-AE-HOSTNAME</em>/saml/consume</code> | | ||
| Sign on URL | <code>https://<em>YOUR-GITHUB-AE-HOSTNAME</em>/sso</code> | | ||
|
||
1. In {% data variables.product.prodname_ghe_managed %}, enter the details for your Azure AD tenant. | ||
|
||
- {% data reusables.saml.ae-enable-saml-sso-during-bootstrapping %} | ||
|
||
- If you've already configured SAML SSO for {% data variables.product.product_location %} using another IdP and you want to use Azure AD instead, you can edit your configuration. For more information, see "[Configuring SAML single sign-on for your enterprise](/admin/authentication/configuring-saml-single-sign-on-for-your-enterprise#editing-the-saml-sso-configuration)." | ||
|
||
1. Enable user provisioning in {% data variables.product.product_name %} and configure user provisioning in Azure AD. For more information, see "[Configuring user provisioning for your enterprise](/admin/authentication/configuring-user-provisioning-for-your-enterprise#enabling-user-provisioning-for-your-enterprise)." | ||
|
||
{% endif %} |
8 changes: 8 additions & 0 deletions
8
...tion/configuring-authentication-and-provisioning-with-your-identity-provider.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
--- | ||
title: Configuring authentication and provisioning with your identity provider | ||
intro: You can use an identity provider (IdP) that supports both SAML single sign-on (SSO) and System for Cross-domain Identity Management (SCIM) to configure authentication and user provisioning for {% data variables.product.product_location %}. | ||
mapTopic: true | ||
versions: | ||
github-ae: '*' | ||
--- | ||
|
Oops, something went wrong.