Organization administrators can manage organization members' identities and access to the organization with SAML single sign-on.
Note: This feature is only available with GitHub Enterprise Cloud. For more information, see "GitHub's products."
Using Security Assertion Markup Language (SAML) web browser single sign-on (SSO), administrators can use an identity provider to manage the identities of their users and the applications they use. Organization members can authenticate with an identity provider that grants access to your GitHub organization.
With System for Cross-domain Identity Management (SCIM), administrators can automate the exchange of user identity information between systems.
To use SAML single sign-on and SCIM, you must connect your identity provider to your GitHub organization.
Organization owners and admins can enable SAML single sign-on to add an extra layer of security to their organization.
Before you enforce SAML single sign-on in your organization, you should verify your organization's membership and configure the connection settings to your identity provider.
Organization owners and admins can enforce SAML SSO so that all organization members must authenticate via an identity provider.
Organization administrators should download their organization's SAML single sign-on recovery codes to ensure that they can access GitHub even if the identity provider for the organization is unavailable.
Organization administrators can sign into GitHub even if their identity provider is unavailable by bypassing single sign-on and using their recovery codes.