Enable SSO for SSH Keys and Tokens
To get set up with GitHub Single Sign-On (SSO), there are a couple of settings a user must configure on their account. Follow the below instructions; failure to do so may cause access issues with some GitHub functionality, such as project deploy/user SSH keys, ability to initiate pipelines and edit config, etc.
- Log into GitHub and navigate to your user’s Settings → SSH and GPG keys (direct link here).
- For each key used in one or more protected orgs, Configure SSO → Authorize the org(s) so that the key can access protected resources:
- These SSH keys should now have access to the protected orgs. No further action within CircleCI is required.
Enabling SSO for Tokens and Apps
If using GitHub personal access tokens in your CircleCI pipelines, you’ll also need to Enable SSO for each token. Follow the same steps as above:
- Go to Settings → Developer Settings → Personal access tokens
- Follow the same steps as described above to enable protected org access for these tokens.
See our support article here for troubleshooting common SSO/SAML-related issues for user GitHub OAuth credentials (used for most interactions with CircleCI, including creating pipelines on new commits).
For troubleshooting issues with GitHub SSH keys and personal access tokens, see the above sections.