GitHub Enterprise

Hideez Enterprise Server - Configuration SAML 2.0 for GitHub Enterprise

How to Configure SAML 2.0 for GitHub Enterprise

SAML single sign-on (SSO) gives organization owners and enterprise owners using GitHub Enterprise Cloud a way to control and secure access to organization resources like repositories, issues, and pull requests. Organization owners can invite your personal account on GitHub to join their organization that uses SAML SSO, which allows you to contribute to the organization and retain your existing identity and contributions on GitHub. If you're a member of an enterprise with managed users, you will instead use a new account that is provisioned for you and controlled by your enterprise.

Prerequisites

  1. Access to the GitHub Enterprise admin account.

  2. Administrative access to Hideez Enterprise Server to configure the IdP.

  3. A configured Hideez Enterprise Server instance with user identities set up.

  4. The users exist in Hideez Enterprise Server.

  5. The user is added to the GitHub organization.

Step 0: Add users to the Hideez Enterprise Server

You have to add the users that belong to GitHub Enterprise to the tenant on Hideez Enterprise Server.

Instructions:

Step 1: Enable SAML Single Sign-On in GitHub Enterprise

  1. Log in to your GitHub Enterprise account as an admin.

  2. Navigate to the organization or enterprise settings:

    • For organizations: Go to Settings → Security.

    • For enterprise accounts: Go to Enterprise settings → Authentication.

  3. In the "SAML single sign-on" section, click Enable SAML authentication.

Step 2: Configure the SAML Settings in Hideez Enterprise Server

General Application Setup

  1. Log in to your Hideez Enterprise Server as administrator.

  2. Go to Settings→ Parameters→ SAML→Add service provider and create a new SAML application for GitHub Enterprise.

  1. Provide the following details during the setup:

  • Name: Familiar name (e.g., SAML single sign-on for GitHub).

  • Issuer / SP Entity ID: https://github.com/enterprises/<organization-name>/ (replace <organization-name> with your organization's name). Example: https://github.com/enterprises/hideez.

  • ACS URL (Assertion Consumer Service URL): https://github.com/orgs/<organization-name>/saml/consume. Example: https://github.com/enterprises/hideez/saml/consume.

Locate the assertion consumer service URL directly on your GitHub Enterprise account.

  1. Click Add.

  1. Go to the section Identity Provider configuration and download the Hideez Enterprise Server signing certificate (in X.509 format).

  1. Keep this section open for later use.

Step 3: Complete SAML Setup in GitHub Enterprise

  1. Return to the GitHub Enterprise SAML settings page.

  2. Provide the following details:

    • Sign on URL: The SSO URL from Hideez Enterprise Server.

    • Issuer: The Entity ID or Issuer from Hideez Enterprise Server.

    • Public Certificate: Paste the X.509 certificate downloaded from Hideez Enterprise Server.

  3. Open the Public Certificate downloaded from Hideez Enterprise Server on your computer, copy it, and paste it into GitHub.

Step 4: Test the SAML Configuration

  1. On the GitHub Enterprise SAML settings page, click Test SAML login.

  2. Verify that you are redirected to Hideez Enterprise Server for authentication.

  3. Complete the login process and confirm access to GitHub Enterprise.

  4. Click Test SAML configuration before saving settings.

  5. Test SAML login to your GitHub Enterprise account using Hideez Enterprise Server.

Step 5: Save SAML for the GitHub Enterprises

  1. After testing is successful, return to the SAML settings page.

  2. Click Save SAML settings.

  1. Save recovery codes for emergencies.

For further assistance, refer to GitHub Enterprise documentation and Hideez Identity Cloud support resources.

PreviousADFS InstallationNextOpen ID Connect integration

Last updated