jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-21 10:57:10 -05:00
Code Issues Projects Releases Wiki Activity
Files
copilot/add-changelog-file
docs/content/admin/managing-iam/using-cas-for-enterprise-iam/using-cas.md
Isaac Brown 5a2ca78e45 Swap product_name for prodname_ghe_server in GHES docs (#54031) 
Co-authored-by: Kevin Heis <heiskr@users.noreply.github.com>
Co-authored-by: Sarah Schneider <sarahs@users.noreply.github.com>
Co-authored-by: Rachael Rose Renk <91027132+rachaelrenk@users.noreply.github.com>
2025-01-22 17:37:52 +00:00

3.1 KiB
Raw Permalink Blame History

title, redirect_from, intro, versions, type, topics
title redirect_from intro versions type topics
Using CAS
/enterprise/admin/articles/configuring-cas-authentication
/enterprise/admin/articles/about-cas-authentication
/enterprise/admin/user-management/using-cas
/enterprise/admin/authentication/using-cas
/admin/authentication/using-cas
/enterprise/admin/authentication/authenticating-users-for-your-github-enterprise-server-instance/using-cas
/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-cas
/admin/identity-and-access-management/using-cas-for-enterprise-iam/using-cas
If you use Central Authentication Service (CAS) to centralize access to multiple web applications, you can integrate {% data variables.product.prodname_ghe_server %} by configuring CAS authentication for your instance.
ghes
*
how_to
Accounts
Authentication
Enterprise
Identity
SSO

About CAS authentication for {% data variables.product.prodname_ghe_server %}

CAS is a single sign-on (SSO) protocol that centralizes authentication to multiple web applications. For more information, see Central Authentication Service on Wikipedia.

After you configure CAS, people who use {% data variables.location.product_location %} must use a {% data variables.product.pat_generic %} to authenticate API or Git requests over HTTP(S). CAS credentials cannot be used to authenticate these requests. For more information, see AUTOTITLE.

If you configure CAS, people with accounts on your identity provider (IdP) do not consume a user license until the person signs into {% data variables.location.product_location %}.

{% data reusables.enterprise_user_management.built-in-authentication %}

Username considerations with CAS

{% data reusables.enterprise_user_management.consider-usernames-for-external-authentication %} For more information, see AUTOTITLE.

CAS attributes

The username attribute is required and should be set to the {% data variables.product.prodname_ghe_server %} username.

No other attributes are available.

Configuring CAS

{% data reusables.enterprise_site_admin_settings.access-settings %} {% data reusables.enterprise_site_admin_settings.management-console %} {% data reusables.enterprise_management_console.authentication %}

  1. Under "Authentication", select CAS.
  2. {% data reusables.enterprise_user_management.built-in-authentication-option %}
  3. In the Server URL field, type the full URL of your CAS server. If your CAS server uses a certificate that can't be validated by {% data variables.product.prodname_ghe_server %}, you can use the ghe-ssl-ca-certificate-install command to install it as a trusted certificate. For more information, see AUTOTITLE. {% data reusables.enterprise.apply-configuration %}
Reference in New Issue View Git Blame Copy Permalink