Share all details related to your problem, including any error messages you may have received.
I am trying to integrate IdentityIQ to GitHub so that we can pull in users, teams, permissions/roles. We are looking to pull user data and what team and permissions they have. Then we can manage those permissions and also complete certification on it.
We are using Web Services connector. I have been exploring both Rest API and GraphQL for GitHub to see if there is a way to map this info back to a user account.
Looking to see if anyone has connecting to GitHub in this way and might be able to provide some guidance.
@GreeneT
We have previously used active directly group based authorization in GitHub to manage the user accesses. The groups were being managed by sailpoint through AD connector and users were getting access to GitHub based on their memberships to the specific AD groups.
This solution was pretty simple and no other connector was being developed/used for GitHub.
Hi @GreeneT, Actually I did that once (3 years back) maybe the APIs now changed…
The challenge was in one point only regarding getting the users’ data, actually, you need to get the users from groups APIs we didn’t have any endpoints to get the users directly so we did that through Before Operation rule by getting all the users inside the groups and removing the duplicates then calling the users API/endpoint.
Lemme know if you need more elaboration on that, also maybe the APIs changed from the last time we worked on it.
So, we have tried with the REST API, and it seems next to impossible to just pull a list of teams on an Org that shows the members of the team with permissions/roles they might have for each team they are part of.
Would make things easier if this info was listed on the user record. What do you mean by groups?
I am now trying to pull out this data by using GraphQL so I don’t need to parse a bunch of data in a Before Rule. But it seems I am running into similar roadblocks. I figured a company of GitHub size would have better APIs for user management. But seems there is an OOTB connector for GitHub with IDN but not IIQ.
We tried to use API both rest GraphQL but was not able to achieve because of the complex combination , It was long back so don’t remember full issues .
Organization
GET /user/memberships/orgs
Team
GET /orgs/{organization_name}/teams/{team_name}/members
Later we moved to option of AD group which was mapped to okta and that use to provide the required access to GitHub cloud .