Make sure that you have:
  • A GitHub EMU tenant
  • The Base URL for the GitHub EMU tenant, such as https://api.github.com/scim/v2/enterprises/<enterprise_slug>. For more information, see Creating an enterprise account in the GitHub documentation.
  • The access token for the GitHub EMU tenant. For more information, see Getting a GitHub EMU access token.
  1. Go to Integrations > Provisioning.
  2. Click + and then click New connection.
  3. On the Identity Store line, click Select.
  4. Click GitHub EMU, click Select,and then click Next.
  5. Enter a name and description for the provisioning connection..

    The connection name is added to the Connections tab after you save the connection.

  6. Click Next.
  7. On the Configure authentication panel, enter the following:
    • Base URL: The fully qualified URL to use for the connected application, such as https://api.github.com/scim/v2/enterprises/<enterprise_slug>. For more information, see Creating an enterprise account in the GitHub documentation.
    • Access Token: The access token from GitHub EMU for the connected application. For more information, see Getting a GitHub EMU access token.
  8. Click Test connection to verify that PingOne can establish a connection to GitHub EMU.

    If there are any issues with the connection, a Test Connection Failed dialog box opens. Click Continue to resume the setup with an invalid connection.

    Important:

    You cannot use the connection for provisioning until you have established a valid connection to GitHub EMU. Click Cancel in the Test Connection Failed dialog box and follow step 7, to try again.

    Learn more about troubleshooting your connection in Troubleshooting Test Connections Failure.
  9. On the Configure preferences screen, enter the following:
    • Allow users to be created: Determines whether to create a user in the GitHub EMU user directory when the user is created in the PingOne identity store.
    • Allow users to be updated: Determines whether to update user attributes in the GitHub EMU user directory when the user is updated in the PingOne identity store.
    • Allow users to be disabled: When a user is disabled in the PingOne identity store, PingOne disables the user in the GitHub EMU user directory.
      Note:

      Users that are disabled in PingOne are marked as suspended in the GitHub EMU identity store.

    • Allow users to be deprovisioned: Determines whether to deprovision a user in the GitHub EMU user directory when the user is deprovisioned in the PingOne identity store.
    • Remove action: Determines the action to take when removing a user from the GitHub EMU user directory.
      • Disable: When a user is deprovisioned from the PingOne identity store, PingOne disables the user in the external identity store.
      • Delete: When a user is deprovisioned from the PingOne identity store, PingOne removes the user in the external identity store.
    • Deprovision on rule deletion: Determines whether to deprovision users that were provisioned using this rule if the rule is deleted.
  10. Click Finish.

To sync group members out of PingOne into a software as a service (SaaS) application, follow the instructions in Configuring outbound group provisioning.