Hideez Identity Cloud
  • Getting Started Guide
    • Key features of Hideez Identity Cloud
    • Quick Start Guide
      • The Hideez Desktop Client
      • Hideez Authenticator App
    • Tennant manegement
      • User Management
        • Passkey
        • Hideez Authenticator App
        • FIDO Security Key
        • Platform Authentication via Windows Hello
        • Password+OTP
      • Workstation management
  • PC Authorization
    • Passwordless Authorization
      • Active Directory
        • Setting Up the Active Directory Certification Authority
        • Setting Up Workstation Passwordless Logon Settings on Hideez Identity Cloud
      • Microsoft Entra ID
    • Password-based Authorization
  • INTEGRATIONS
    • SAML 2.0
      • GitHub Enterprise
      • Google Workspace
      • Okta
    • OIDC (OpenID Connect)
      • Services that support OIDC and their configuration as Client
    • WS-Federation
      • Login to Exchange Outlook Web Application and Exchange Admin Center via Hideez Identity Cloud
    • Active Directory On-Premises
      • Connect Active Directory to Hideez Identity Cloud
      • ADFS integration
        • Login to Microsoft Exchange OWA Using AD FS and Hideez Identity Cloud as a Third-Party IdP
    • Microsoft Entra ID
      • Synchronization and import employees from Microsoft Entra ID to Hideez Identity Cloud
      • Configuration of Hideez Cloud as an External Authentication Method for Microsoft Entra ID via OIDC
    • Chrome OS
  • USE CASES
    • Passkey Login
    • Hideez Authenticator App login
    • FIDO Security Key login
    • Platform login via Windows Hello
    • Password+TOTP login
  • SUPPORT
    • Get Support
    • FAQ
      • What to do if a user loses their key/device and cannot access the site?
      • Can a custom domain name be created for the tenant instead of the default one?
      • Why am I already logged in Hideez, and no authorization occurs when I access my web application?
      • How long does an open authorization session last?
      • How to log out of the web application?
      • Can I administer multiple tenants simultaneously?
      • Can there be multiple administrators for the Hideez Identity Cloud?
    • Glossary
  • Hideez Documentation Portal
Powered by GitBook
On this page
  • How to Configure SAML 2.0 for GitHub Enterprise
  • Step 0: Add users to the Hideez Identity Cloud
  • Step 1: Enable SAML Single Sign-On in GitHub Enterprise
  • Step 2: Configure the SAML Settings in Hideez Identity Cloud
  • Step 3: Complete SAML Setup in GitHub Enterprise
  • Step 4: Test the SAML Configuration
  • Step 5: Save SAML for the GitHub Enterprises
  1. INTEGRATIONS
  2. SAML 2.0

GitHub Enterprise

Hideez Identity Cloud - Configuration SAML 2.0 for GitHub Enterprise

Last updated 2 months ago

How to Configure SAML 2.0 for GitHub Enterprise

SAML single sign-on (SSO) gives organization owners and enterprise owners using GitHub Enterprise Cloud a way to control and secure access to organization resources like repositories, issues, and pull requests. Organization owners can invite your personal account on GitHub to join their organization that uses SAML SSO, which allows you to contribute to the organization and retain your existing identity and contributions on GitHub. If you're a member of an enterprise with managed users, you will instead use a new account that is provisioned for you and controlled by your enterprise.

Prerequisites

  • Access to the GitHub Enterprise admin account.

  • Administrative access to Hideez Identity Cloud to configure the IdP.

  • A configured Hideez Identity Cloud instance with user identities set up.

  • The users exist in Hideez Identity Cloud.

  • The user is added to the GitHub organization.

Step 0: Add users to the Hideez Identity Cloud

You have to add the users that belong to GitHub Enterprise to the tenant on Hideez Identity Cloud.

Please follow this guide to add the user:

Step 1: Enable SAML Single Sign-On in GitHub Enterprise

  1. Log in to your GitHub Enterprise account as an admin.

  2. Navigate to the organization or enterprise settings:

    • For organizations: Go to Settings → Security.

    • For enterprise accounts: Go to Enterprise settings → Authentication.

  3. In the "SAML single sign-on" section, click Enable SAML authentication.

Step 2: Configure the SAML Settings in Hideez Identity Cloud

General Application Setup

  1. Log in to your Hideez Identity Cloud admin portal.

  2. Go to Integrations→SAML and create a new SAML application for GitHub Enterprise.

  3. Provide the following details during the setup:

    • Name: Familiar name (e.g. SAML single sign-on for GitHub).

    • Issuer / SP Entity ID: https://github.com/enterprises/<organization-name>/ (replace <organization-name> with your organization's name). In our case: https://github.com/enterprises/hideez.

    • ACS URL (Assertion Consumer Service URL): https://github.com/orgs/<organization-name>/saml/consume. In our case: https://github.com/enterprises/hideez/saml/consume.

You can find the assertion consumer service URL directly on your GitHub Enterprise account:

  1. Click Create.

  1. Go to the Parameters tab and keep it open. We will use it later on.

  2. Download the Hideez Identity Cloud signing certificate (in X.509 format).

Step 3: Complete SAML Setup in GitHub Enterprise

  1. Return to the GitHub Enterprise SAML settings page.

  2. Provide the following details:

    • Sign on URL: The SSO URL from Hideez Identity Cloud.

    • Issuer: The Entity ID or Issuer from Hideez Identity Cloud.

    • Public Certificate: Paste the X.509 certificate downloaded from Hideez Identity Cloud.

You can open the Public Certificate downloaded from Hideez Identity Cloud on your computer, copy it, and paste it to GitHub.

Step 4: Test the SAML Configuration

  1. On the GitHub Enterprise SAML settings page, click Test SAML login.

  2. Verify that you are redirected to Hideez Identity Cloud for authentication.

  3. Complete the login process and confirm access to GitHub Enterprise.

  4. Click Test SAML configuration before saving settings and test SAML login to your GitHub Enterprise account using Hideez Identity Cloud.

Step 5: Save SAML for the GitHub Enterprises

  1. After testing is successful, return to the SAML settings page.

  2. Click Enforce SAML single sign-on.

  3. Confirm the enforcement to require SAML authentication for all members.

For further assistance, refer to and Hideez Identity Cloud support resources.

If you need assistance with server setup or configuring SAML/OIDC, our support team is also available to help. We’ll be happy to assist you!

Adding users to the tenant and configuring authentication methods.
GitHub Enterprise documentation
[email protected]