Okta SCIM Setup Guide

This guide provides the steps required to configure Provisioning for our GitHub.com hosted offering of the new Business Plan.

Contents

  • Prerequisites
  • Supported SCIM Provisioning features
  • Configuration Steps

Prerequisites

  • You must have SAML SSO enabled (steps outlined below)

Supported Provisioning Features

The following provisioning features are supported:
  • Push New Users
  • New users created through OKTA will receive an email invitation to join your GitHub organization
  • Push User Deactivation
  • Deactivating the user through OKTA will remove the user from your GitHub organization account
  • Push Profile Updates
  • Updates made to the user's profile through OKTA will be pushed to the user’s organization membership metadata
  • Reactivate Users
  • Reactivating the user through Okta will send an email invitation for the user to rejoin the organization 

Configuration Steps

  1. Set  the Application Label
  1. From within Okta, find the GitHub.com account you are configuring this for. Note you can find the name by visiting the profile page of your GitHub organization account and grabbing the last part of the URL (e.g. if you are on http://github.com/saml-sso-org, it would be saml-sso-org)
  1. Click next. Follow the instructions in the View Setup Instructions link to enable SAML within your GitHub organization account.
  • Note that for SAML to work fully you would need to assign yourself to the app (step 4 in the screenshot above) to gain access
  1. Enable provisioning features and click on Authenticate with GitHub
  1. You will be taken to the authorization page on GitHub to grant Okta access to administer your organization. 
  1. Grant access to your organization account and click on Authorize application.
  1.  Next enable all provisioning features
  1. Click Next.

You can now assign people to the app if needed