我们经常发布文档更新,此页面的翻译可能仍在进行中。有关最新信息,请访问英文文档。如果此页面上的翻译有问题,请告诉我们

关于使用 SAML 单点登录进行身份验证

您可以通过身份提供程序 (IdP) 验证来访问使用 SAML 单点登录 (SSO) 的组织。 To authenticate with the API or Git on the command line when an organization enforces SAML SSO, you must authorize your personal access token or SSH key.

SAML 单点登录可用于 GitHub Enterprise Cloud。 更多信息请参阅“GitHub's products”。

SAML SSO gives organization owners and enterprise owners on GitHub a way to control and secure access to organization resources like repositories, issues, and pull requests. Organization owners can invite your user account on GitHub to join their organization that uses SAML SSO, which allows you to contribute to the organization and retain your existing identity and contributions on GitHub.

When you access resources within an organization that uses SAML SSO, GitHub will redirect you to the organization's SAML IdP to authenticate. After you successfully authenticate with your account on the IdP, the IdP redirects you back to GitHub, where you can access the organization's resources.

Note: Outside collaborators aren't required to authenticate with an IdP to access the resources in an organization with SAML SSO. 有关外部协作者的更多信息,请参阅“组织的权限级别”。

If you have recently authenticated with your organization's SAML IdP in your browser, you are automatically authorized when you access a GitHub organization that uses SAML SSO. If you haven't recently authenticated with your organization's SAML IdP in your browser, you must authenticate at the SAML IdP before you can access the organization.

You must periodically authenticate with your SAML IdP to authenticate and gain access to the organization's resources on GitHub. 此登录期的持续时间由 IdP 指定,一般为 24 小时。 此定期登录要求会限制访问的时长,您必须重新验证身份后才可继续访问。 您可以在安全设置中查看和管理活动的 SAML 会话。 更多信息请参阅“查看和管理活动的 SAML 会话”。

要在命令行上使用 API 或 Git 访问使用 SAML SSO 的组织中受保护的内容,需要使用授权的 HTTPS 个人访问令牌或授权的 SSH 密钥。 默认授权 OAuth 应用程序 访问令牌。

如果没有个人访问令牌或 SSH 密钥,可以创建用于命令行的个人访问令牌或生成新的 SSH 密钥。 For more information, see "Creating a personal access token for the command line" or "Generating a new SSH key and adding it to the ssh-agent."

要对实施 SAML SSO 的组织使用新的或现有的个人访问令牌或 SSH 密钥,需要授权该令牌或授权 SSH 密钥用于 SAML SSO 组织。 For more information, see "Authorizing a personal access token for use with SAML single sign-on" or "Authorizing an SSH key for use with SAML single sign-on."

You must have an active SAML session each time you authorize an OAuth 应用程序.

延伸阅读

问问别人

找不到要找的内容?

联系我们