Set up GitHub Enterprise as the SP and EAA as the IdP
How to set up the GitHub Enterprise application as a service provider (SP) and EAA is the identity provider (IdP).
Click Start a free trial. Provide all the
required information to complete registration.
- Provide all the required information to complete the registration and click Download your trial. You will receive an email with information to set up your portal account.
Access your personalized site using the tenant URL and
After validating your credentials the GitHub home page appears.
Click Download at the top of the page. The Try
GitHub Enterprise page appears.
Click Download your license under Step 1:
Click Get the latest release of GitHub
Enterprise under Step 2: Download the Appliance. The
Download GitHub Enterprise page appears.
Based on your requirements, select from either the GitHub On-Premises
or the GitHub in the Cloud menu. This example uses Amazon Web Services
from the GitHub in the Cloud menu.
Select an AWS region from the menu.
After you select a region you see an AMI ID. Use this ID to create the
instance in AWS.
Log in to your AWS
account and create the instance and configure the instance following the
instructions in the Installing GitHub Enterprise on
Copy the VM's Public DNS (IPv4) URL and paste it into a web browser. At
the prompt, upload your license file and set a management console
- Click Start a free trial. Provide all the required information to complete registration.
Create a new application on EAA.
See Configure EAA as the IdP for a
custom SaaS application to create an application. Do not deploy the
application at this time.
In the IdP info section
under the SAML SETTINGS tab, copy the Entity
ID, Single SignOn (ACS)
URL, and Signing
Certificate information or copy or download the metadata
file to your computer. You will need this data to configure the GitHub
- Do not deploy the application at this time. You need to fill out the SAML settings fields with GitHub data before you can deploy.
- In the IdP info section under the SAML SETTINGS tab, copy the Entity ID, Single SignOn (ACS) URL, and Signing Certificate information or copy or download the metadata file to your computer. You will need this data to configure the GitHub Enterprise SP.
Configure GitHub Enterprise as the SP.
Log in to the GitHub
Enterprise management console using valid credentials.
In this example, use the management URL shown in Step 1k in the Public DNS (IPv4) field:
After you log in the Settings page appears.
Click on Authentication in the left panel of the
Settings page. The Authentication page appears.
- Select SAML as the authentication method and fill in the Single sign-on URL and Issuer fields using the EAA IdP metadata from Step 2a.
Upload the valid certificate from the IdP metadata. This is used to
verify the SAML response.
Configure the user attributes that use SAML to update the user profile
- Log in to the GitHub Enterprise management console using valid credentials.
Go back to the EAA
IdP application and configure the SAML settings under the SAML SETTINGS tab
to complete the setup.
Add the Entity
ID, SSO (ACS)
URL and other GitHub information from Step 1k required
for the SAML settings.
Click Save and go to
- On the DEPLOYMENT tab, click Deploy application.
- Add the Entity ID, SSO (ACS) URL and other GitHub information from Step 1k required for the SAML settings.
Configure the GitHub application
as an access application in EAA.
- Access EAA under the Applications tab, click Add Application.
- On the right panel under Add Custom Apps click Access App.
- Add an application name and description and then click Create App and Configure.
Configure the GENERAL
tab, providing the required information like Application server
hostname, and click Add or remove
connector to attach the connector.
See Install a connector in Amazon Web Services if you need to create a connector.
Configure the AUTHENTICATION tab, assigning the IdP and required
directories for the application access. For example:
Configure the SERVICES
tab as needed.
Configure the ADVANCED
SETTINGS tab, selecting SAML from the Application-facing
authentication mechanism and other information as needed.
Configure the SAML
SETTINGS tab, viewing or downloading the metadata to
configure the GitHub SP.