Azure AD (AAD) Service Principal Support for GHEC EMUs (Preview) #360
Labels
cloud
Available on Cloud
Enterprise
Product SKU: GitHub Enterprise
identity
Feature: Github identity
preview
Feature phase: Preview
Comments
github-product-roadmap
added
admin-cloud
preview
ankneis
moved this from Q4 2022 – Oct-Dec
to Q1 2023 – Jan-Mar
in GitHub Public Roadmap
blakebrunson
changed the title
|
This issue is being closed as outdated. For more information, please check out this Discussion post. Stay tuned for new additions to our refreshed public roadmap! |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Summary
Many large GitHub Enterprise customers use Service Principals to serve their automation needs in a centralised, auditable and secure fashion. Service Principals support the full identity and credential lifecycle for automation scenarios.
Intended Outcome
In this initiative, we will enable support for Azure AD Service Principles for GHEC EMUs as credentials on GitHub apps. We will later bring this capability to GHAE and GHES.
How will it work?
To begin, enterprise customers will first need to configure a GHEC EMU Enterprise utilizing Azure AD OpenID Connect (OIDC). Next, an Azure AD admin will create the application and service principal objects in the application's AAD tenant. Finally, an organization owner will register the Service Principal as a credential on a GitHub Application within their GHEC EMU Enterprise, installed to one or more organizations.
The text was updated successfully, but these errors were encountered: