Github SAML Integration
This document explains how to implement MonoSign with Github. It covers Single Sign-On. Before you continue, it is better to start with Github’s Single Sign-On implementation page.
Creating an Application on MonoSign
Create your application on MonoSign and configure your access policy. Once you create, click “Keys” and add a new Access Key for SAML Key for access.
You are gonna see your configuration for your Github app as follows;
Configuration Single Sign-On for Github
In order to activate SAML in Github, the organization needs to be upgraded to an enterprise plan. In the top right corner of GitHub, click your profile photo, then click Your organizations. Next to the organization, click Settings. On the Billing and plans page, you can check your plan. Make sure your organization has an enterprise plan or upgrade it if you are willing to activate SAML SSO.
To activate SAML, click Authentication security in the Security section of the sidebar. Under SAML single sign-on, click Enable SAML authentication box.
You should fill out the form according to SAML key information created in the second chapter. Correspondings of the concepts are as below.
Github | MonoSign |
---|---|
Sign on URL | Sign on service |
Issuer | Entity id |
Public certificate | x509 format of the issued certificate for your SAML key |
You can download the certificate by clicking the Certificate button at the end of SAML key information.
You need to view your certificate in x509 format. in that case, we prefer using OpenSSL - “a robust, commercial-grade, full-featured toolkit for general-purpose cryptography and secure communication.”
Use the command below to view the certificate.
openssl x509 -in {path of your certificate} -text
The output contains various information about the certificate. However, you should check encryption algorithms and the text starts with “-----BEGIN CERTIFICATE-----”. Fill the steps 6 and 7 in the image above according to the output.
After filling the form click the Test SAML configuration button to enable the Save button. The test button will redirect you to the MonoSign login page.
You will see the application name which the key is created for. In that case, this is Github. A successful login will redirect you to the Github settings page but this time you will be able to save the settings. Click the save button to activate SAML Single Sign-On on Github.