Okta

How to Configure SAML 2.0 for GitHub Enterprise Managed User


Read this before you enable SAML

Enabling SAML will affect all users who use this application, which means that users will not be able to sign in through their regular sign-in page. They will be able to access the app through the Okta service.

Backup URL

GitHub doesn't provide a backup sign-in URL where users can sign in using their regular username and password. You can contact GitHub Support to turn off SAML, if necessary.

Contents

Supported Features

The Okta/GitHub Enterprise Managed User SAML integration currently supports the following features:

For more information on the listed features, visit the Okta Glossary.


Configuration Steps

  1. In Okta, select the Sign On tab for the GitHub Enterprise Managed User SAML app, then click Edit.

    • Enter your Enterprise Name.

      For example, if you sign in to https://github.com/enterprises/acme, your Enterprise Name value is acme.

  2. Sign in to your GitHub Enterprise instance as owner.

  3. Go to your organization Settings > Security.

  4. In the SAML single sign-on section, check Enable SAML authentication.

  5. Enter the following information:

    • Sign on URL: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • Issuer: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • Public certificate: Download and save, then attach the following:

      Sign into the Okta Admin Dashboard to generate this variable.
    • Click Test SAML configuration.

    • After successful sign-in, you'll see the following message: Passed: Successfully authenticated your SAML SSO identity.

    • Click Save.

    enter SAML config values

  6. Done!


Notes

The following SAML attributes are supported:


SP-initiated SSO

  1. Go to: https://github.com/enterprises/[yourEnterpriseName]/

  2. Click Continue.