GitHub access control

Schwendner, Joanne joanne_schwendner at
Wed Jul 15 18:02:32 UTC 2020

Does anyone have experience with controlling access to
individual Organizations in GitHub Cloud?  We would like to control access
by using Grouper group memberships.  We are successfully using their SAML
SSO support.  But...

It seems the only attribute GitHub cares about is NameID.  We are currently
passing our persistent ID in NameID.  If it's there, they get in. To block
access for a user, we would have to NOT send NameID in the assertion, if
that's even possible.

Is it possible to conditionally NOT send NameID depending on a user's other
attributes?  Is there another way to manage GitHub Org access (besides



Joanne Schwendner
Senior Developer - Web, Integration, & Identity Services
Brown University
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list