Torii integrates with GitHub Enterprise and syncs the user list into Torii.
We also support 2 actions, allowing to invite and remove organization members from Github.
User & License Data
Torii lists the users who were provisioned by GitHub and will not list any other users or licenses.
Requirements:
A GitHub Enterprise Cloud account
Users are authenticated using SAML single sign-on.
Users are provisioned by an Identity Provider using SCIM.
Instructions:
- Create a personal access token on GitHub with the
admin:orgscope, or withscim:enterprisescope for enterprise accounts using SCIM. Authorize the personal access token for use with SAML single sign-on.
Add the access token on the Torii Integrations page.
Why is the admin: org scope required?
Torii’s GitHub Enterprise integration is based on GitHub’s SCIM API, which requires the admin: org scope. Unfortunately, GitHub does not provide alternatives and more limited scopes to access the required data.
As a technical user of GitHub, how can I verify the integration will work?
This isn't mandatory, but you can verify the access token was created successfully before connecting it out to Torii.
For technical users: verify by trying to access the SCIM API and seeing the list of users on your account:
GET https://api.github.com/scim/v2/organizations/YOUR_ORG_NAME/Users(replace the YOUR_ORG_NAME with your organization name and use Basic Authentication with the YOUR_ORG_NAME:ACCESS_TOKEN pair)
Q&A
Q: After connecting, I'm seeing the error "Your GitHub account reports no users." What's wrong?
A: This error indicates that no users are visible to Torii via GitHub's SCIM API. Verify that your users are provisioned to your GitHub organization through an Identity Provider using SCIM (see Requirement #3 above). Without SCIM provisioning, Torii cannot retrieve member or license information, even if your Personal Access Token is valid and authorized for SAML SSO.
Q: Are user roles always synced from GitHub?
A: Roles are synced only for EMU-enabled Enterprises.