Creating a GitHub EMU connection - PingOne - PingOne Cloud Platform

PingOne Cloud Platform
bundle
pingone
ft:publication_title
PingOne Cloud Platform
Product_Version_ce
PingOne
PingOne Cloud Platform
category
Administratorguide
ContentType
Guide
Product
Productdocumentation
p1
p1cloudplatform
ContentType_ce
Guide
Guide > Administrator Guide
Product documentation

Use a GitHub EMU (Enterprise Managed Users) connection to enable provisioning from PingOne to the GitHub EMU user directory.

Make sure that you have:
  • A GitHub EMU tenant
  • The Base URL for the GitHub EMU tenant, such as https://api.github.com/scim/v2/enterprises/<enterprise_slug>. For more information, see Creating an enterprise account in the GitHub documentation.
  • The access token for the GitHub EMU tenant. For more information, see Getting a GitHub EMU access token.
  1. Go to Integrations > Provisioning.
  2. Click + and then click New connection.
  3. For Identity Store, click the Select button.
  4. Under GitHub EMU, click Select and then click Next.
  5. Enter a name and description for this provisioning connection. The connection name will appear in the list when you've completed and saved the connection.
  6. Click Next.
  7. On the Configure authentication screen, enter the following:
    • Base URL: The fully qualified URL to use for the connected application, such as https://api.github.com/scim/v2/enterprises/<enterprise_slug>. For more information, see Creating an enterprise account in the GitHub documentation.
    • Access Token: The access token from GitHub EMU for the connected application. For more information, see Getting a GitHub EMU access token.
  8. If there are any issues with the connection, a Test connection failed message will appear. Click Continue to resume the setup with an invalid connection. You will not be able to use the connection for provisioning until you have established a valid connection to GitHub EMU. Click Cancel to modify the settings and try again.
  9. On the Configure preferences screen, enter the following:
    • Allow users to be created: Determines whether to create a user in the GitHub EMU user directory when the user is created in the PingOne identity store.
    • Allow users to be updated: Determines whether to update user attributes in the GitHub EMU user directory when the user is updated in the PingOne identity store.
    • Allow users to be disabled: When a user is disabled in the PingOne identity store, PingOne disables the user in the GitHub EMU user directory.
      Note:

      Users that are disabled in PingOne are marked as suspended in the GitHub EMU identity store.

    • Allow users to be deprovisioned: Determines whether to deprovision a user in the GitHub EMU user directory when the user is deprovisioned in the PingOne identity store.
    • Remove action: Determines the action to take when removing a user from the GitHub EMU user directory.
      • Disable: When a user is deprovisioned from the PingOne identity store, PingOne disables the user in the external identity store.
      • Delete: When a user is deprovisioned from the PingOne identity store, PingOne removes the user in the external identity store.
    • Deprovision on rule deletion: Determines whether to deprovision users that were provisioned using this rule if the rule is deleted.
  10. Click Finish.

Create a rule