Azure AD (AAD) Service Principal Support for GHEC EMUs (Preview) #360

@github-product-roadmap

Summary

Many large GitHub Enterprise customers use Service Principals to serve their automation needs in a centralised, auditable and secure fashion. Service Principals support the full identity and credential lifecycle for automation scenarios.

Intended Outcome

In this initiative, we will enable support for Azure AD Service Principals for GHEC EMUs as credentials on GitHub apps. We will later bring this capability to GHAE and GHES.

How will it work?

To begin, enterprise customers will first need to configure a GHEC EMU Enterprise utilizing Azure AD OpenID Connect (OIDC). Next, an Azure AD admin will create the application and service principal objects in the application's AAD tenant. Finally, an organization owner will register the Service Principal as a credential on a GitHub Application within their GHEC EMU Enterprise, installed to one or more organizations.

Metadata

Labels: Enterprise (Product SKU: GitHub Enterprise); cloud (Available on Cloud); identity (Feature: Github identity); preview (Feature phase: Preview)

Projects

Status: Future
