Summary

  • 2 minutes

In this module, you learned about allowing access to your users, and how the authentication systems available for your GitHub organization help keep your sensitive data secure. You also learned about auditing which users and teams have access to the repositories in your organization. Your goal as a GitHub administrator should be to give your users access to your enterprise data with robust security restrictions that are painless to use. Securing who has access to your organization ensures that only the users who legitimately need access to your organization's data have it.

You learned:

  • How SAML SSO and 2FA are more secure than username/password authentication.
  • Which identity providers are supported by GitHub.
  • How user authorization with SCIM is supported by GitHub.
  • What options users have to identify with two-factor authentication.
  • How team synchronization through your IdP can automate team membership and help keep access to your data secure.

The goal of managing access to your enterprise is to create a strong and secure GitHub development environment for your users. Without these authorization and authentication tools in place, your enterprise could be compromised by bad actors who take advantage of the susceptibility of username and password vulnerabilities to access your data. Use the security features you learned about in this module to build a secure way to authenticate and authorize your users within your organization. These systems of authentication and authorization, along with team synchronization, will allow you to ensure organizational security, control user lifecycle management, and automate the user onboarding and off-boarding process with efficiency and security.

Learn more

Here are some links to more detailed information on the topics we discussed in this module: