Configuring provisioning for GitHub Enterprise
Use this task to provision users from IBM Security® Verify to a GitHub Enterprise application.
Before you begin
- Organization name
- Host name
- App ID
- Private key
- Personal access token
About this task
Only one application can be assigned for each GitHub Enterprise Server organization. GitHub Enterprise Server supports authentication that is based on GitHub App Token and Personal Access Token specifications.
Provisioning provides the following features.
- Create new users
- Users who are entitled to the GitHub Enterprise application through IBM Security Verify are also created in the GitHub Enterprise application if the user account does not exist.
- Delete users
- Deactivating the user or disabling the user's access to the application through IBM Security Verify deletes the user in the GitHub Enterprise Server application.
- Modify user profile
- Updates made to the user's profile through IBM Security Verify are pushed to the GitHub Enterprise application.
- Users suspend and restore
- Suspending a user through IBM Security Verify deactivates the user, and restoring the user through Verify activates the user in the GitHub Enterprise application.
- User account synchronization and remediation
- The GitHub Enterprise application supports user synchronization, remediation, and group synchronization features. Account synchronization fetches all the target application users in IBM Security Verify and matches the fetched users with users in IBM Security Verify. The adoption policy that is defined on the application specifies the matching attributes for adoption of the reconciled users. Remediation policy can be configured to remediate user accounts with attribute values that differ between IBM Security Verify and the target application. IBM Security Verify supports the following three remediation policies.
- Do not remediate non-compliant accounts automatically.
- Update the IBM Security Verify account attribute values with the target application values.
- Update the target application account attribute values with IBM Security Verify values.
- Fine grained entitlement
- Fine grained entitlement is supported for the GitHub Enterprise application. Synchronized fetches all the GitHub Enterprise applications and application groups. Users can be added to or removed from the groups.