GitHub Enterprise Expansion
Last updated
Last updated
This GitHub Enterprise integration builds on the existing GitHub integration within the Rezonate platform, specifically designed to enhance identity security through OIDC-based federation between EntraID and GitHub. The integration detects key federation relationships and tenant-level policies, offering greater control and reducing potential misconfigurations.
Key Features:
Federation Detection: Automatically identifies and monitors the federation between EntraID and GitHub via OIDC, improving overall visibility into authentication flows.
Policy Detection: Detects tenant-level configurations for additional SAML and OIDC providers, ensuring policy alignment across federated identity systems.
MFA Exposure Improvement: By accurately detecting these federations and policies, the integration helps minimize false-positive MFA issues, leading to smoother authentication experiences.
This integration provides enhanced coverage for organizations using GitHub Enterprise, ensuring proper identity configuration and reducing security gaps related to authentication mechanisms.
This integration Requires READ-ONLY Access and has to be performed by an Enterprise Administrator
Log in to GitHub with a GitHub Enterprise admin account
On the top-right corner of the screen, click on the user’s avatar
Click on “Your enterprise”
Copy the and share with Rezonate the GitHub enterprise name from the redirected url: https://github.com/enterprises/<enterprise_name>
Create a classic Personal access token:
On the top-right corner of the screen, click on the user’s avatar -> Click on “Settings”
From the left pane menu, scroll to the bottom of the page and click on “Developer settings”
From the left pane, expand “Personal access tokens” and choose “Tokens (classic)”
Click on “Generate new token” and choose “Generate new token (classic)”
Name the token “Rezonate Integration Access Token”, Set the expiration to 1 year.
Select the following scopes:
read:org
read:enterprise
read:user
user:email
Click “Generate token”.
Share back with Rezonate the following:
Enterprise Name (As extracted from the URL)
The generated Token.
