Merge branch 'main' into patch-2
This commit is contained in:
Ramya Parimi
@@ -1,8 +1,8 @@
|
||||
---
|
||||
title: Enabling or disabling GitHub Discussions for a repository
|
||||
intro: 'You can use discussions in a repository as a place for your community to have conversations, ask questions, and post answers without scoping work in an issue.'
|
||||
intro: 'You can use {% data variables.product.prodname_discussions %} in a repository as a place for your community to have conversations, ask questions, and post answers without scoping work in an issue.'
|
||||
product: '{% data reusables.gated-features.discussions %}'
|
||||
permissions: People with admin permissions to a repository can enable discussions for the repository.
|
||||
permissions: People with admin permissions to a repository can enable {% data variables.product.prodname_discussions %} for the repository.
|
||||
versions:
|
||||
fpt: '*'
|
||||
topics:
|
||||
@@ -13,7 +13,7 @@ shortTitle: Discussions
|
||||
---
|
||||
{% data reusables.discussions.beta %}
|
||||
|
||||
## Enabling or disabling discussions for your repository
|
||||
## Enabling or disabling {% data variables.product.prodname_discussions %} for your repository
|
||||
|
||||
{% data reusables.discussions.enabling-or-disabling-github-discussions-for-your-repository %}
|
||||
1. To disable discussions, under "Features", unselect **Discussions**.
|
||||
|
||||
@@ -0,0 +1,53 @@
|
||||
---
|
||||
title: Authorizing GitHub Apps
|
||||
intro: 'You can authorize a {% data variables.product.prodname_github_app %} to allow an application to retrieve information about your {% data variables.product.prodname_dotcom %} account and, in some circumstances, to make changes on {% data variables.product.prodname_dotcom %} on your behalf.'
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghes: '*'
|
||||
ghae: '*'
|
||||
topics:
|
||||
- Identity
|
||||
- Access management
|
||||
---
|
||||
|
||||
Third-party applications that need to verify your {% data variables.product.prodname_dotcom %} identity, or interact with the data on {% data variables.product.prodname_dotcom %} on your behalf, can ask you to authorize the {% data variables.product.prodname_github_app %} to do so.
|
||||
|
||||
When authorizing the {% data variables.product.prodname_github_app %}, you should ensure you trust the application, review who it's developed by, and review the kinds of information the application wants to access.
|
||||
|
||||
During authorization, you'll be prompted to grant the {% data variables.product.prodname_github_app %} permission to:
|
||||
* **Verify your {% data variables.product.prodname_dotcom %} identity**<br/>
|
||||
When authorized, the {% data variables.product.prodname_github_app %} will be able to programmatically retrieve your public GitHub profile, as well as some private details (such as your email address), depending on the level of access requested.
|
||||
* **Know which resources you can access**<br/>
|
||||
When authorized, the {% data variables.product.prodname_github_app %} will be able to programmatically read the _private_ {% data variables.product.prodname_dotcom %} resources that you can access (such as private {% data variables.product.prodname_dotcom %} repositories) _where_ an installation of the {% data variables.product.prodname_github_app %} is also present. The application may use this, for example, so that it can show you an appropriate list of repositories.
|
||||
* **Act on your behalf**<br/>
|
||||
The application may need to perform tasks on {% data variables.product.prodname_dotcom %}, as you. This might include creating an issue, or commenting on a pull request. This ability to act on your behalf is limited to the {% data variables.product.prodname_dotcom %} resources where _both_ you and the {% data variables.product.prodname_github_app %} have access. In some cases, however, the application may never make any changes on your behalf.
|
||||
|
||||
## When does a {% data variables.product.prodname_github_app %} act on your behalf?
|
||||
|
||||
The situations in which a {% data variables.product.prodname_github_app %} acts on your behalf vary according to the purpose of the {% data variables.product.prodname_github_app %} and the context in which it is being used.
|
||||
|
||||
For example, an integrated development environment (IDE) may use a {% data variables.product.prodname_github_app %} to interact on your behalf in order to push changes you have authored through the IDE back to repositories on {% data variables.product.prodname_dotcom %}. The {% data variables.product.prodname_github_app %} will achieve this through a [user-to-server request](/get-started/quickstart/github-glossary#user-to-server-request).
|
||||
|
||||
When a {% data variables.product.prodname_github_app %} acts on your behalf in this way, this is identified on GitHub via a special icon that shows a small avatar for the {% data variables.product.prodname_github_app %} overlaid onto your own avatar, similar to the one shown below.
|
||||
|
||||
|
||||
|
||||
## To what extent can a {% data variables.product.prodname_github_app %} know which resources you can access and act on your behalf?
|
||||
|
||||
The extent to which a {% data variables.product.prodname_github_app %} can know which resources you can access and act on your behalf, after you have authorized it, is limited by:
|
||||
|
||||
* The organizations or repositories on which the app is installed
|
||||
* The permissions the app has requested
|
||||
* Your access to {% data variables.product.prodname_dotcom %} resources
|
||||
|
||||
Let's use an example to explain this.
|
||||
|
||||
{% data variables.product.prodname_dotcom %} user Alice logs into a third-party web application, ExampleApp, using their {% data variables.product.prodname_dotcom %} identity. During this process, Alice authorizes ExampleApp to perform actions on their behalf.
|
||||
|
||||
However, the activity ExampleApp is able to perform on Alice's behalf in {% data variables.product.prodname_dotcom %} is constrained by: the repositories on which ExampleApp is installed, the permissions ExampleApp has requested, and Alice's access to {% data variables.product.prodname_dotcom %} resources.
|
||||
|
||||
This means that, in order for ExampleApp to create an issue on Alice's behalf, in a repository called Repo A, all of the following must be true:
|
||||
|
||||
* ExampleApp's {% data variables.product.prodname_github_app %} requests write access to issues.
|
||||
* A user having admin access for Repo A must have installed ExampleApp's {% data variables.product.prodname_github_app %} on Repo A.
|
||||
* Alice must have read permission for Repo A. For information about which permissions are required to perform various activities, see "[Repository permission levels for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-permission-levels-for-an-organization#repository-access-for-each-permission-level)."
|
||||
@@ -26,7 +26,7 @@ When an {% data variables.product.prodname_oauth_app %} wants to identify you by
|
||||
|
||||
## {% data variables.product.prodname_oauth_app %} access
|
||||
|
||||
{% data variables.product.prodname_oauth_app %}s can have *read* or *write* access to your {% data variables.product.product_name %} data.
|
||||
{% data variables.product.prodname_oauth_apps %} can have *read* or *write* access to your {% data variables.product.product_name %} data.
|
||||
|
||||
- **Read access** only allows an app to *look at* your data.
|
||||
- **Write access** allows an app to *change* your data.
|
||||
@@ -41,7 +41,7 @@ When an {% data variables.product.prodname_oauth_app %} wants to identify you by
|
||||
|
||||
*Scopes* are named groups of permissions that an {% data variables.product.prodname_oauth_app %} can request to access both public and non-public data.
|
||||
|
||||
When you want to use an {% data variables.product.prodname_oauth_app %} that integrates with {% data variables.product.product_name %}, that app lets you know what type of access to your data will be required. If you grant access to the app, then the app will be able to perform actions on your behalf, such as reading or modifying data. For example, if you want to use an app that requests `user:email` scope, the app will have read-only access to your private email addresses. For more information, see "[About scopes for {% data variables.product.prodname_oauth_app %}s](/apps/building-integrations/setting-up-and-registering-oauth-apps/about-scopes-for-oauth-apps)."
|
||||
When you want to use an {% data variables.product.prodname_oauth_app %} that integrates with {% data variables.product.product_name %}, that app lets you know what type of access to your data will be required. If you grant access to the app, then the app will be able to perform actions on your behalf, such as reading or modifying data. For example, if you want to use an app that requests `user:email` scope, the app will have read-only access to your private email addresses. For more information, see "[About scopes for {% data variables.product.prodname_oauth_apps %}](/apps/building-integrations/setting-up-and-registering-oauth-apps/about-scopes-for-oauth-apps)."
|
||||
|
||||
{% tip %}
|
||||
|
||||
@@ -53,7 +53,7 @@ When you want to use an {% data variables.product.prodname_oauth_app %} that int
|
||||
|
||||
### Types of requested data
|
||||
|
||||
{% data variables.product.prodname_oauth_app %}s can request several types of data.
|
||||
{% data variables.product.prodname_oauth_apps %} can request several types of data.
|
||||
|
||||
| Type of data | Description |
|
||||
| --- | --- |
|
||||
@@ -69,23 +69,24 @@ When you want to use an {% data variables.product.prodname_oauth_app %} that int
|
||||
|
||||
## Requesting updated permissions
|
||||
|
||||
When {% data variables.product.prodname_oauth_app %}s request new access permissions, they will notify you of the differences between their current permissions and the new permissions.
|
||||
When {% data variables.product.prodname_oauth_apps %} request new access permissions, they will notify you of the differences between their current permissions and the new permissions.
|
||||
|
||||
{% ifversion fpt %}
|
||||
|
||||
## {% data variables.product.prodname_oauth_app %}s and organizations
|
||||
## {% data variables.product.prodname_oauth_apps %} and organizations
|
||||
|
||||
When you authorize an {% data variables.product.prodname_oauth_app %} for your personal user account, you'll also see how the authorization will affect each organization you're a member of.
|
||||
|
||||
- **For organizations *with* {% data variables.product.prodname_oauth_app %} access restrictions, you can request that organization admins approve the application for use in that organization.** If the organization does not approve the application, then the application will only be able to access the organization's public resources. If you're an organization admin, you can [approve the application](/articles/approving-oauth-apps-for-your-organization) yourself.
|
||||
|
||||
- **For organizations *without* {% data variables.product.prodname_oauth_app %} access restrictions, the application will automatically be authorized for access to that organization's resources.** For this reason, you should be careful about which {% data variables.product.prodname_oauth_app %}s you approve for access to your personal account resources as well as any organization resources.
|
||||
- **For organizations *without* {% data variables.product.prodname_oauth_app %} access restrictions, the application will automatically be authorized for access to that organization's resources.** For this reason, you should be careful about which {% data variables.product.prodname_oauth_apps %} you approve for access to your personal account resources as well as any organization resources.
|
||||
|
||||
If you belong to any organizations that enforce SAML single sign-on, you must have an active SAML session for each organization each time you authorize an {% data variables.product.prodname_oauth_app %}.
|
||||
|
||||
## Further reading
|
||||
|
||||
- "[About {% data variables.product.prodname_oauth_app %} access restrictions](/articles/about-oauth-app-access-restrictions)"
|
||||
- "[Authorizing GitHub Apps](/github/authenticating-to-github/keeping-your-account-and-data-secure/authorizing-github-apps)"
|
||||
- "[{% data variables.product.prodname_marketplace %} support](/articles/github-marketplace-support)"
|
||||
|
||||
{% endif %}
|
||||
|
||||
@@ -36,7 +36,7 @@ Applications can have *read* or *write* access to your {% data variables.product
|
||||
|
||||
*Scopes* are named groups of permissions that an application can request to access both public and non-public data.
|
||||
|
||||
When you want to use a third-party application that integrates with {% data variables.product.product_name %}, that application lets you know what type of access to your data will be required. If you grant access to the application, then the application will be able to perform actions on your behalf, such as reading or modifying data. For example, if you want to use an app that requests `user:email` scope, the app will have read-only access to your private email addresses. For more information, see "[About scopes for {% data variables.product.prodname_oauth_app %}s](/apps/building-integrations/setting-up-and-registering-oauth-apps/about-scopes-for-oauth-apps)."
|
||||
When you want to use a third-party application that integrates with {% data variables.product.product_name %}, that application lets you know what type of access to your data will be required. If you grant access to the application, then the application will be able to perform actions on your behalf, such as reading or modifying data. For example, if you want to use an app that requests `user:email` scope, the app will have read-only access to your private email addresses. For more information, see "[About scopes for {% data variables.product.prodname_oauth_apps %}](/apps/building-integrations/setting-up-and-registering-oauth-apps/about-scopes-for-oauth-apps)."
|
||||
|
||||
{% tip %}
|
||||
|
||||
|
||||
@@ -18,6 +18,7 @@ children:
|
||||
- /reviewing-your-ssh-keys
|
||||
- /reviewing-your-deploy-keys
|
||||
- /authorizing-oauth-apps
|
||||
- /authorizing-github-apps
|
||||
- /reviewing-your-authorized-integrations
|
||||
- /connecting-with-third-party-applications
|
||||
- /reviewing-your-authorized-applications-oauth
|
||||
|
||||
@@ -13,20 +13,20 @@ topics:
|
||||
- Access management
|
||||
shortTitle: Authorized integrations
|
||||
---
|
||||
## Reviewing your authorized {% data variables.product.prodname_oauth_app %}s
|
||||
## Reviewing your authorized {% data variables.product.prodname_oauth_apps %}
|
||||
|
||||
{% data reusables.user_settings.access_settings %}
|
||||
{% data reusables.user_settings.access_applications %}
|
||||
{% data reusables.user_settings.access_authorized_oauth_apps %}
|
||||
{% data reusables.user_settings.review-oauth-apps %}
|
||||
|
||||
## Reviewing your authorized {% data variables.product.prodname_github_app %}s
|
||||
## Reviewing your authorized {% data variables.product.prodname_github_apps %}
|
||||
|
||||
{% data reusables.user_settings.access_settings %}
|
||||
{% data reusables.user_settings.access_applications %}
|
||||
3. Click the **Authorized {% data variables.product.prodname_github_app %}s** tab.
|
||||
|
||||
3. Review the {% data variables.product.prodname_github_app %}s that have access to your account. For those that you don't recognize or that are out of date, click **Revoke**. To revoke all {% data variables.product.prodname_github_app %}s, click **Revoke all**.
|
||||
3. Click the **Authorized {% data variables.product.prodname_github_apps %}** tab.
|
||||
|
||||
3. Review the {% data variables.product.prodname_github_apps %} that have access to your account. For those that you don't recognize or that are out of date, click **Revoke**. To revoke all {% data variables.product.prodname_github_apps %}, click **Revoke all**.
|
||||
|
||||
|
||||
## Further reading
|
||||
|
||||
@@ -49,7 +49,7 @@ The events listed in your security log are triggered by your actions. Actions ar
|
||||
| [`codespaces`](#codespaces-category-actions) | Contains all activities related to {% data variables.product.prodname_codespaces %}. For more information, see "[About {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/about-codespaces)."
|
||||
| [`marketplace_agreement_signature`](#marketplace_agreement_signature-category-actions) | Contains all activities related to signing the {% data variables.product.prodname_marketplace %} Developer Agreement.
|
||||
| [`marketplace_listing`](#marketplace_listing-category-actions) | Contains all activities related to listing apps in {% data variables.product.prodname_marketplace %}.{% endif %}
|
||||
| [`oauth_access`](#oauth_access-category-actions) | Contains all activities related to [{% data variables.product.prodname_oauth_app %}s](/articles/authorizing-oauth-apps) you've connected with.{% ifversion fpt %}
|
||||
| [`oauth_access`](#oauth_access-category-actions) | Contains all activities related to [{% data variables.product.prodname_oauth_apps %}](/github/authenticating-to-github/keeping-your-account-and-data-secure/authorizing-oauth-apps) you've connected with.{% ifversion fpt %}
|
||||
| [`payment_method`](#payment_method-category-actions) | Contains all activities related to paying for your {% data variables.product.prodname_dotcom %} subscription.{% endif %}
|
||||
| [`profile_picture`](#profile_picture-category-actions) | Contains all activities related to your profile picture.
|
||||
| [`project`](#project-category-actions) | Contains all activities related to project boards.
|
||||
@@ -122,7 +122,7 @@ An overview of some of the most common actions that are recorded as events in th
|
||||
|
||||
| Action | Description
|
||||
|------------------|-------------------
|
||||
| `create` | Triggered when you [grant access to an {% data variables.product.prodname_oauth_app %}](/articles/authorizing-oauth-apps).
|
||||
| `create` | Triggered when you [grant access to an {% data variables.product.prodname_oauth_app %}](/github/authenticating-to-github/keeping-your-account-and-data-secure/authorizing-oauth-apps).
|
||||
| `destroy` | Triggered when you [revoke an {% data variables.product.prodname_oauth_app %}'s access to your account](/articles/reviewing-your-authorized-integrations).
|
||||
|
||||
{% ifversion fpt %}
|
||||
|
||||
@@ -84,7 +84,7 @@ You don't need to upload your public key to {% data variables.product.product_na
|
||||
{% ifversion fpt %}
|
||||
## Signature verification for bots
|
||||
|
||||
Organizations and {% data variables.product.prodname_github_app %}s that require commit signing can use bots to sign commits. If a commit or tag has a bot signature that is cryptographically verifiable, {% data variables.product.product_name %} marks the commit or tag as verified.
|
||||
Organizations and {% data variables.product.prodname_github_apps %} that require commit signing can use bots to sign commits. If a commit or tag has a bot signature that is cryptographically verifiable, {% data variables.product.product_name %} marks the commit or tag as verified.
|
||||
|
||||
Signature verification for bots will only work if the request is verified and authenticated as the {% data variables.product.prodname_github_app %} or bot and contains no custom author information, custom committer information, and no custom signature information, such as Commits API.
|
||||
{% endif %}
|
||||
|
||||
@@ -30,7 +30,7 @@ There are two types of status checks on {% data variables.product.product_name %
|
||||
- Checks
|
||||
- Statuses
|
||||
|
||||
_Checks_ are different from _statuses_ in that they provide line annotations, more detailed messaging, and are only available for use with {% data variables.product.prodname_github_app %}s.
|
||||
_Checks_ are different from _statuses_ in that they provide line annotations, more detailed messaging, and are only available for use with {% data variables.product.prodname_github_apps %}.
|
||||
|
||||
Organization owners and users with push access to a repository can create checks and statuses with {% data variables.product.product_name %}'s API. For more information, see "[Checks](/rest/reference/checks)" and "[Statuses](/rest/reference/repos#statuses)."
|
||||
|
||||
|
||||
@@ -7,7 +7,7 @@ redirect_from:
|
||||
versions:
|
||||
fpt: '*'
|
||||
---
|
||||
You can discover, browse, and install free and paid tools, including {% data variables.product.prodname_github_app %}s, {% data variables.product.prodname_oauth_app %}s, and {% data variables.product.prodname_actions %}, in [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace).
|
||||
You can discover, browse, and install free and paid tools, including {% data variables.product.prodname_github_apps %}, {% data variables.product.prodname_oauth_apps %}, and {% data variables.product.prodname_actions %}, in [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace).
|
||||
|
||||
If you purchase a paid tool, you'll pay for your tool subscription with the same billing information you use to pay for your {% data variables.product.product_name %} subscription, and receive one bill on your regular billing date. For more information, see "[About billing for {% data variables.product.prodname_marketplace %}](/articles/about-billing-for-github-marketplace)."
|
||||
|
||||
|
||||
@@ -7,19 +7,20 @@ redirect_from:
|
||||
versions:
|
||||
fpt: '*'
|
||||
---
|
||||
You can install integrations in your personal account or organizations you own. You can also install {% data variables.product.prodname_github_app %}s from a third-party in a specific repository where you have admin permissions or which is owned by your organization.
|
||||
You can install integrations in your personal account or organizations you own. You can also install {% data variables.product.prodname_github_apps %} from a third-party in a specific repository where you have admin permissions or which is owned by your organization.
|
||||
|
||||
## Differences between {% data variables.product.prodname_github_app %}s and {% data variables.product.prodname_oauth_app %}s
|
||||
## Differences between {% data variables.product.prodname_github_apps %} and {% data variables.product.prodname_oauth_apps %}
|
||||
|
||||
Integrations can be {% data variables.product.prodname_github_app %}s, {% data variables.product.prodname_oauth_app %}s, or anything that utilizes {% data variables.product.product_name %} APIs or webhooks.
|
||||
Integrations can be {% data variables.product.prodname_github_apps %}, {% data variables.product.prodname_oauth_apps %}, or anything that utilizes {% data variables.product.product_name %} APIs or webhooks.
|
||||
|
||||
{% data variables.product.prodname_github_app %}s offer granular permissions and request access to only what the app needs. {% data variables.product.prodname_github_app %}s also offer specific user-level permissions that each user must authorize individually when an app is installed or when the integrator changes the permissions requested by the app.
|
||||
{% data variables.product.prodname_github_apps %} offer granular permissions and request access to only what the app needs. {% data variables.product.prodname_github_apps %} also offer specific user-level permissions that each user must authorize individually when an app is installed or when the integrator changes the permissions requested by the app.
|
||||
|
||||
For more information, see:
|
||||
- "[Differences between {% data variables.product.prodname_github_app %}s and {% data variables.product.prodname_oauth_app %}s](/apps/differences-between-apps/)"
|
||||
- "[Differences between {% data variables.product.prodname_github_apps %} and {% data variables.product.prodname_oauth_apps %}](/apps/differences-between-apps/)"
|
||||
- "[About apps](/apps/about-apps/)"
|
||||
- "[User-level permissions](/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps/#user-level-permissions)"
|
||||
- "[Authorizing {% data variables.product.prodname_oauth_app %}s](/articles/authorizing-oauth-apps/)"
|
||||
- "[Authorizing {% data variables.product.prodname_oauth_apps %}](/github/authenticating-to-github/keeping-your-account-and-data-secure/authorizing-oauth-apps)"
|
||||
- "[Authorizing {% data variables.product.prodname_github_apps %}](/github/authenticating-to-github/keeping-your-account-and-data-secure/authorizing-github-apps)"
|
||||
- "[Reviewing your authorized integrations](/articles/reviewing-your-authorized-integrations/)"
|
||||
|
||||
You can install a preconfigured {% data variables.product.prodname_github_app %}, if the integrators or app creators have created their app with the {% data variables.product.prodname_github_app %} manifest flow. For information about how to run your {% data variables.product.prodname_github_app %} with automated configuration, contact the integrator or app creator.
|
||||
@@ -30,10 +31,10 @@ You can create a {% data variables.product.prodname_github_app %} with simplifie
|
||||
|
||||
You can find an integration to install or publish your own integration in {% data variables.product.prodname_marketplace %}.
|
||||
|
||||
[{% data variables.product.prodname_marketplace %}](https://github.com/marketplace) contains {% data variables.product.prodname_github_app %}s and {% data variables.product.prodname_oauth_app %}s. For more information on finding an integration or creating your own integration, see "[About {% data variables.product.prodname_marketplace %}](/articles/about-github-marketplace)."
|
||||
[{% data variables.product.prodname_marketplace %}](https://github.com/marketplace) contains {% data variables.product.prodname_github_apps %} and {% data variables.product.prodname_oauth_apps %}. For more information on finding an integration or creating your own integration, see "[About {% data variables.product.prodname_marketplace %}](/articles/about-github-marketplace)."
|
||||
|
||||
## Integrations purchased directly from integrators
|
||||
|
||||
You can also purchase some integrations directly from integrators. As an organization member, if you find a {% data variables.product.prodname_github_app %} that you'd like to use, you can request that an organization approve and install the app for the organization.
|
||||
|
||||
If you have admin permissions for all organization-owned repositories the app is installed on, you can install {% data variables.product.prodname_github_app %}s with repository-level permissions without having to ask an organization owner to approve the app. When an integrator changes an app's permissions, if the permissions are for a repository only, organization owners and people with admin permissions to a repository with that app installed can review and accept the new permissions.
|
||||
If you have admin permissions for all organization-owned repositories the app is installed on, you can install {% data variables.product.prodname_github_apps %} with repository-level permissions without having to ask an organization owner to approve the app. When an integrator changes an app's permissions, if the permissions are for a repository only, organization owners and people with admin permissions to a repository with that app installed can review and accept the new permissions.
|
||||
|
||||
@@ -21,7 +21,7 @@ If you use a third-party static analysis tool that can produce results as Static
|
||||
|
||||
## Integrations with webhooks
|
||||
|
||||
You can use {% data variables.product.prodname_code_scanning %} webhooks to build or set up integrations, such as [{% data variables.product.prodname_github_app %}s](/apps/building-github-apps/) or [{% data variables.product.prodname_oauth_app %}s](/apps/building-oauth-apps/), that subscribe to {% data variables.product.prodname_code_scanning %} events in your repository. For example, you could build an integration that creates an issue on {% data variables.product.product_name %} or sends you a Slack notification when a new {% data variables.product.prodname_code_scanning %} alert is added in your repository. For more information, see "[Creating webhooks](/developers/webhooks-and-events/creating-webhooks)" and "[Webhook events and payloads](/developers/webhooks-and-events/webhook-events-and-payloads#code_scanning_alert)."
|
||||
You can use {% data variables.product.prodname_code_scanning %} webhooks to build or set up integrations, such as [{% data variables.product.prodname_github_apps %}](/apps/building-github-apps/) or [{% data variables.product.prodname_oauth_apps %}](/apps/building-oauth-apps/), that subscribe to {% data variables.product.prodname_code_scanning %} events in your repository. For example, you could build an integration that creates an issue on {% data variables.product.product_name %} or sends you a Slack notification when a new {% data variables.product.prodname_code_scanning %} alert is added in your repository. For more information, see "[Creating webhooks](/developers/webhooks-and-events/creating-webhooks)" and "[Webhook events and payloads](/developers/webhooks-and-events/webhook-events-and-payloads#code_scanning_alert)."
|
||||
|
||||
## Further reading
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
---
|
||||
title: GitHub.com
|
||||
title: GitHub
|
||||
redirect_from:
|
||||
- /articles/
|
||||
- /common-issues-and-questions/
|
||||
|
||||
@@ -12,7 +12,7 @@ shortTitle: IAM for your enterprise
|
||||
---
|
||||
## About identity and access management for your enterprise account
|
||||
|
||||
{% data reusables.saml.dotcom-saml-explanation %} {% data reusables.saml.about-saml-enterprise-accounts %} For more information, see "[Enabling SAML single sign-on for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account)."
|
||||
{% data reusables.saml.dotcom-saml-explanation %} {% data reusables.saml.about-saml-enterprise-accounts %} For more information, see "[Enforcing SAML single sign-on for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/enforcing-saml-single-sign-on-for-organizations-in-your-enterprise-account)."
|
||||
|
||||
After you enable SAML SSO, depending on the IdP you use, you may be able to enable additional identity and access management features. {% data reusables.scim.enterprise-account-scim %}
|
||||
|
||||
|
||||
@@ -19,7 +19,7 @@ shortTitle: Configure SAML SSO
|
||||
|
||||
You can control access to your enterprise account in {% data variables.product.product_name %} and other web applications from one central interface by configuring the enterprise account to use SAML SSO with Okta, an Identity Provider (IdP).
|
||||
|
||||
SAML SSO controls and secures access to enterprise account resources like organizations, repositories, issues, and pull requests. For more information, see "[Enabling SAML single sign-on for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account)."
|
||||
SAML SSO controls and secures access to enterprise account resources like organizations, repositories, issues, and pull requests. For more information, see "[Enforcing SAML single sign-on for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/enforcing-saml-single-sign-on-for-organizations-in-your-enterprise-account)."
|
||||
|
||||
## Prerequisites
|
||||
|
||||
@@ -51,7 +51,7 @@ SAML SSO controls and secures access to enterprise account resources like organi
|
||||
1. To the right of the drop-down menu, type `.*.*`.
|
||||
1. Click **Save**.
|
||||
{% data reusables.saml.okta-view-setup-instructions %}
|
||||
1. Enable SAML for your enterprise account using the information in the setup instructions. For more information, see "[Enabling SAML single sign-on for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account)."
|
||||
1. Enable SAML for your enterprise account using the information in the setup instructions. For more information, see "[Enforcing SAML single sign-on for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/enforcing-saml-single-sign-on-for-organizations-in-your-enterprise-account)."
|
||||
|
||||
## Creating groups in Okta
|
||||
|
||||
|
||||
@@ -1,15 +1,16 @@
|
||||
---
|
||||
title: Enabling SAML single sign-on for organizations in your enterprise account
|
||||
intro: 'You can control and secure access to resources like repositories, issues, and pull requests by enabling SAML single sign-on (SSO) and centralized authentication through an IdP across all organizations owned by an enterprise account.'
|
||||
title: Enforcing SAML single sign-on for organizations in your enterprise account
|
||||
intro: 'You can control and secure access to resources like repositories, issues, and pull requests by enforcing SAML single sign-on (SSO) and centralized authentication through an IdP across all organizations owned by an enterprise account.'
|
||||
product: '{% data reusables.gated-features.enterprise-accounts %}'
|
||||
permissions: Enterprise owners can enable SAML single sign-on for organizations in an enterprise account.
|
||||
permissions: Enterprise owners can enforce SAML single sign-on for organizations in an enterprise account.
|
||||
versions:
|
||||
fpt: '*'
|
||||
topics:
|
||||
- Enterprise
|
||||
redirect_from:
|
||||
- /github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account
|
||||
- /github/setting-up-and-managing-your-enterprise/enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account
|
||||
shortTitle: Enable SSO for organizations
|
||||
shortTitle: Enforce SSO for organizations
|
||||
---
|
||||
## About SAML single sign-on for enterprise accounts
|
||||
|
||||
@@ -23,7 +24,7 @@ shortTitle: Enable SSO for organizations
|
||||
|
||||
{% data reusables.scim.enterprise-account-scim %}
|
||||
|
||||
## Enabling SAML single-sign on for organizations in your enterprise account
|
||||
## Enforcing SAML single-sign on for organizations in your enterprise account
|
||||
|
||||
{% note %}
|
||||
|
||||
@@ -37,7 +38,7 @@ For more detailed information about how to enable SAML using Okta, see "[Configu
|
||||
{% data reusables.enterprise-accounts.settings-tab %}
|
||||
{% data reusables.enterprise-accounts.security-tab %}
|
||||
4. {% data reusables.enterprise-accounts.view-current-policy-config-orgs %}
|
||||
5. Under "SAML single sign-on", select **Enable SAML authentication**.
|
||||
5. Under "SAML single sign-on", select **Require SAML authentication**.
|
||||
|
||||
6. In the **Sign on URL** field, type the HTTPS endpoint of your IdP for single sign-on requests. This value is available in your IdP configuration.
|
||||
|
||||
@@ -8,7 +8,7 @@ topics:
|
||||
- Enterprise
|
||||
children:
|
||||
- /about-identity-and-access-management-for-your-enterprise-account
|
||||
- /enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account
|
||||
- /enforcing-saml-single-sign-on-for-organizations-in-your-enterprise-account
|
||||
- /configuring-saml-single-sign-on-for-your-enterprise-account-using-okta
|
||||
- /managing-team-synchronization-for-organizations-in-your-enterprise-account
|
||||
shortTitle: Configure IAM
|
||||
|
||||
@@ -27,7 +27,7 @@ You can also configure and manage team synchronization for an individual organiz
|
||||
|
||||
You or your Azure AD administrator must be a Global administrator or a Privileged Role administrator in Azure AD.
|
||||
|
||||
You must enable SAML single sign-on for organizations in your enterprise account with your supported IdP. For more information, see "[Enabling SAML single sign-on for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account)."
|
||||
You must enforce SAML single sign-on for organizations in your enterprise account with your supported IdP. For more information, see "[Enforcing SAML single sign-on for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/enforcing-saml-single-sign-on-for-organizations-in-your-enterprise-account)."
|
||||
|
||||
You must authenticate to your enterprise account using SAML SSO and the supported IdP. For more information, see "[Authenticating with SAML single sign-on](/articles/authenticating-with-saml-single-sign-on)."
|
||||
|
||||
|
||||
@@ -11,8 +11,8 @@ shortTitle: Integrate Jira with projects
|
||||
---
|
||||
{% data reusables.user_settings.access_settings %}
|
||||
{% data reusables.user_settings.developer_settings %}
|
||||
3. In the left sidebar, click **{% data variables.product.prodname_oauth_app %}s**.
|
||||
|
||||
3. In the left sidebar, click **{% data variables.product.prodname_oauth_apps %}**.
|
||||
|
||||
3. Click **Register a new application**.
|
||||
4. Under **Application name**, type "Jira".
|
||||
5. Under **Homepage URL**, type the full URL to your Jira instance.
|
||||
|
||||
@@ -196,7 +196,7 @@ For more information, see "[Autolinked references and URLs](/articles/autolinked
|
||||
|
||||
## Content attachments
|
||||
|
||||
Some {% data variables.product.prodname_github_app %}s provide information in {% data variables.product.product_name %} for URLs that link to their registered domains. {% data variables.product.product_name %} renders the information provided by the app under the URL in the body or comment of an issue or pull request.
|
||||
Some {% data variables.product.prodname_github_apps %} provide information in {% data variables.product.product_name %} for URLs that link to their registered domains. {% data variables.product.product_name %} renders the information provided by the app under the URL in the body or comment of an issue or pull request.
|
||||
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user