- 1 GitHub Enterprise SAML Issues
- 2 This page is a Landing spot from Auth0 if there's been an error authenticating your SAML connection with GitHub
GitHub Enterprise SAML Issues
This page is a Landing spot from Auth0 if there's been an error authenticating your SAML connection with GitHub
There are three things needed in your account in people.mozilla.org in order to successfully SAML with GitHub, and other settings that may lead to problems with SAML authentication to Mozilla related GitHub organizations.
You need a profile in people.mozilla.org
- If you're Mozilla staff or NDA'd, you should already have one linked to your LDAP account
- If you're not, but still need access to SAML'd GitHub resources, you can sign up for one by going here and clicking on "Log in/Sign up"
- We'd prefer you use LDAP or FxA for the Login source.
Linking your people.mozilla.org account to your GitHub ID
In your profile on people.mozilla.org you need to have your identity from GitHub connected and verified.
- Log onto your profile people.mozilla.org
- Scroll down until you see the "Identities" section
- Click on the pencil icon to edit it.
- Click on "+ Identities"
- Select "GitHub" from the dropdown menu and click "VERIFY"
- Note, you can also link your Bugzilla ID here.
- You should be taken to GitHub to log in and verify your ID.
- You may see a button to “Authorize Mozilla” - Click that.
- Get back to your people.m.o profile, and edit the identities (Steps 1-5)
This linkage does NOT change anything in your GitHub account, merely allowing Mozilla staff to see the connection between your GitHub ID and your people account.
Being a member of the correct groups in people.mozilla.org
If you want to SAML to a GitHub organization named <ORGNAME> you'll need to belong to a group in people.mozilla.org named "GHE_<ORGNAME>_users" - so if "mozilla-it" is the org, "GHE_mozilla-it_users" is the group.
- Log into people.mozilla.org and look at the access groups here
- Search for the group in question
- Click on the group name
- Click on "Request Invitation" - a curator of the group may reach out to you with any questions
- If your invitation is approved, you'll receive an email for confirmation, and you'll be a member of the group.
- Once you have the invitation approved, log out of people (click on the profile pic in the upper left and click "Logout") then click "Sign in" also in the upper left.
If nothing works
There are several ways to reach out to us
- Best - bugzilla bug for GitHub Administration
- We're on matrix in the #github-admin channel
- Email to firstname.lastname@example.org