88
edits
GitHub/GHE SAML User FAQ: Difference between revisions
Added verbiage for github account management and SAML
Cknowles-moz (talk | contribs) (add an email to your profile, and set it to staff visible.) |
Cknowles-moz (talk | contribs) (Added verbiage for github account management and SAML) |
||
| Line 4: | Line 4: | ||
== What is SAML? Isn't this the same as SSO? == | == What is SAML? Isn't this the same as SSO? == | ||
You often hear about SSO (Single Sign On), allowing you to use one account in many places. The protocol that SSO uses to do this is SAML - Security Assurance Markup Language. In the case of GitHub, we aren't using it to just do one set of credentials, you'll still have your Mozilla/People.m.o login, AND your GitHub login, but this will make it so that you will have to have a valid account setup with Mozilla to access Mozilla organizations in GitHub. This is why we stopped calling this "SSO" in this project, as that setup a false sense of "Are you going to make me change my github configs/accounts?!?!" Once setup, things should proceed much as before. | You often hear about SSO (Single Sign On), allowing you to use one account in many places. The protocol that SSO uses to do this is SAML - Security Assurance Markup Language. In the case of GitHub, we aren't using it to just do one set of credentials, you'll still have your Mozilla/People.m.o login, AND your GitHub login, but this will make it so that you will have to have a valid account setup with Mozilla to access Mozilla organizations in GitHub. This is why we stopped calling this "SSO" in this project, as that setup a false sense of "Are you going to make me change my github configs/accounts?!?!" Once setup, things should proceed much as before. | ||
== But my GitHub account is Mine! What happens if I leave Mozilla? == | |||
SAMLing does NOT change your GitHub account, nor does it give Mozilla personnel any authority over your account. You will still log into GitHub with your usual GitHub account/password/2FA setup. | |||
The only thing SAMLing does is authorize your GitHub account to access Mozilla SAML controlled areas in GitHub. This is handled via Auth0 and your [https://people.mozilla.org/e/ people.m.o] profile. | |||
If you leave Mozilla, you'll lose that special access, but your GitHub account is yours. | |||
== I already did this for org X, so I'm done, right? == | == I already did this for org X, so I'm done, right? == | ||
| Line 22: | Line 29: | ||
## You may see a button to “Authorize Mozilla” - Click that. | ## You may see a button to “Authorize Mozilla” - Click that. | ||
# Get back to your people.m.o profile, and edit the identities (Steps 1-5) | # Get back to your people.m.o profile, and edit the identities (Steps 1-5) | ||
This linkage does '''NOT''' change anything in your GitHub account, merely allowing Mozilla staff to see the connection between your GitHub ID and your people account. | This linkage does '''NOT''' change anything in your GitHub account, merely allowing Mozilla staff and Auth0 to see the connection between your GitHub ID and your people account. | ||
=== Make an email address at least Staff visible === | === Make an email address at least Staff visible === | ||