diff --git a/content/admin/managing-iam/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes.md b/content/admin/managing-iam/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes.md index 96c5afdde7aa..7dc98ef2ae06 100644 --- a/content/admin/managing-iam/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes.md +++ b/content/admin/managing-iam/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes.md @@ -1,7 +1,7 @@ --- title: Downloading your enterprise account's single sign-on recovery codes shortTitle: Download recovery codes -intro: 'To ensure that you can access {% data variables.product.product_name %} if your identity provider (IdP) is unavailable, you should download your enterprise account''s single sign-on (SSO) recovery codes.' +intro: 'To ensure that you can access {% data variables.product.github %} if your identity provider (IdP) is unavailable, you should download your enterprise account''s single sign-on (SSO) recovery codes.' versions: ghec: '*' type: how_to diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-entra-id.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-entra-id.md index aabffe06e5cd..a1cb5f77c2d2 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-entra-id.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-entra-id.md @@ -34,7 +34,7 @@ For more information, see [AUTOTITLE](/admin/managing-iam/provisioning-user-acco ## Prerequisites {% ifversion scim-for-ghes-public-beta %} -The general prerequisites for using SCIM on {% data variables.product.product_name %} apply. See the "Prerequisites" section in [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users#prerequisites). +The general prerequisites for using SCIM on {% data variables.product.prodname_ghe_server %} apply. See the "Prerequisites" section in [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users#prerequisites). In addition: @@ -44,7 +44,7 @@ In addition: * {% data reusables.saml.ghes-you-must-configure-saml-sso %} * {% data reusables.saml.create-a-machine-user %} {% endif %} -* To configure authentication and user provisioning for {% data variables.product.product_name %} using Entra ID, you must have an Entra ID account and tenant. For more information, see the [Entra ID website](https://www.microsoft.com/en-us/security/business/identity-access/microsoft-entra-id) and [Quickstart: Set up a tenant](https://learn.microsoft.com/entra/identity-platform/quickstart-create-new-tenant) in the Microsoft Docs. +* To configure authentication and user provisioning using Entra ID, you must have an Entra ID account and tenant. For more information, see the [Entra ID website](https://www.microsoft.com/en-us/security/business/identity-access/microsoft-entra-id) and [Quickstart: Set up a tenant](https://learn.microsoft.com/entra/identity-platform/quickstart-create-new-tenant) in the Microsoft Docs. {% ifversion scim-for-ghes-public-beta %} @@ -69,9 +69,9 @@ Before starting this section, ensure you have followed steps **1 and 2** in [AUT 1. In the "SAML certificates" section, download the SAML certificate (Base64). 1. In the "Set up {% data variables.product.prodname_ghe_server %}" section, make a note of the Login URL and Microsoft Entra Identifier. -### On {% data variables.product.product_name %} +### On {% data variables.product.prodname_ghe_server %} -1. Sign in to {% data variables.location.product_location %} as a user with access to the Management Console. +1. Sign in to {% data variables.product.prodname_ghe_server %} as a user with access to the Management Console. 1. Configure SAML using the information you have gathered. See [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise#configuring-saml-sso). ## 2. Configure SCIM @@ -100,8 +100,8 @@ When you have finished configuring SCIM, you may want to disable some SAML setti The steps to make a person an enterprise owner depend on whether you only use SAML or also use SCIM. For more information about enterprise owners, see [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise). -If you configured provisioning, to grant the user enterprise ownership in {% data variables.product.product_name %}, assign the enterprise owner role to the user in Entra ID. +If you configured provisioning, to grant the user enterprise ownership in {% data variables.product.github %}, assign the enterprise owner role to the user in Entra ID. -If you did not configure provisioning, to grant the user enterprise ownership in {% data variables.product.product_name %}, include the `administrator` attribute in the SAML assertion for the user account on the IdP, with the value of `true`. For more information about including the `administrator` attribute in the SAML claim from Entra ID, see [How to: customize claims issued in the SAML token for enterprise applications](https://docs.microsoft.com/azure/active-directory/develop/active-directory-saml-claims-customization) in the Microsoft Docs. +If you did not configure provisioning, to grant the user enterprise ownership in {% data variables.product.github %}, include the `administrator` attribute in the SAML assertion for the user account on the IdP, with the value of `true`. For more information about including the `administrator` attribute in the SAML claim from Entra ID, see [How to: customize claims issued in the SAML token for enterprise applications](https://docs.microsoft.com/azure/active-directory/develop/active-directory-saml-claims-customization) in the Microsoft Docs. {% endif %} diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md index b53e0c189d9a..c7c718287015 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-authentication-and-provisioning-with-pingfederate.md @@ -39,7 +39,7 @@ If you're configuring SCIM provisioning for a new enterprise, make sure to compl {% else %} -The general prerequisites for using SCIM on {% data variables.product.product_name %} apply. See the "Prerequisites" section in [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users#prerequisites). +The general prerequisites for using SCIM on {% data variables.product.prodname_ghe_server %} apply. See the "Prerequisites" section in [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users#prerequisites). {% endif %} diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users.md index c25a3e74cf38..24ca7538d116 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users.md @@ -60,8 +60,8 @@ If you're configuring SCIM provisioning for a new enterprise, make sure to compl * For authentication, your instance must use SAML SSO, or a mix of SAML and built-in authentication. * You cannot mix SCIM with other external authentication methods. If you use CAS or LDAP, you will need to migrate to SAML before using SCIM. * After you have configured SCIM, you must keep SAML authentication enabled to continue using SCIM. -* You must have administrative access on your IdP to configure user provisioning for {% data variables.product.product_name %}. -* You must have access to the Management Console on {% data variables.product.product_name %}. +* You must have administrative access on your IdP. +* You must have access to the Management Console on {% data variables.product.prodname_ghe_server %}. * If you are configuring SCIM on an instance with existing users, ensure you have understood how SCIM will identify and update these users. See [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes#what-will-happen-to-existing-users-on-my-instance). {% endif %} @@ -72,7 +72,7 @@ If you're configuring SCIM provisioning for a new enterprise, make sure to compl To ensure you can continue to sign in and configure settings when SCIM is enabled, you'll create an enterprise owner using built-in authentication. -1. Sign in to {% data variables.product.product_name %} as a user with access to the Management Console. +1. Sign in to {% data variables.product.prodname_ghe_server %} as a user with access to the Management Console. 1. If you have **already enabled SAML authentication**, ensure your settings allow you to create and promote a built-in setup user. Go to the "Authentication" section of the Management Console and enable the following settings: * Select **Allow creation of accounts with built-in authentication**, so you can create the user. diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-with-okta.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-with-okta.md index 993166f2a1db..9fc8216c2e9a 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-with-okta.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-with-okta.md @@ -39,10 +39,10 @@ Alternatively, if you only intend to use Okta for SAML authentication and you wa | Feature | Description | | --- | --- | -| Push New Users | Users that are assigned to {% ifversion ghec %}the {% data variables.product.prodname_emu_idp_application %}{% else %}{% data variables.product.company_short %}'s{% endif %} application in Okta are automatically created in the enterprise on {% data variables.product.product_name %}. | -| Push Profile Update | Updates made to the user's profile in Okta will be pushed to {% data variables.product.product_name %}. | -| Push Groups | Groups in Okta that are assigned to the {% ifversion ghec %}the {% data variables.product.prodname_emu_idp_application %}{% else %}{% data variables.product.company_short %}'s{% endif %} application as Push Groups are automatically created in the enterprise on {% data variables.product.product_name %}. | -| Push User Deactivation | Unassigning the user from {% ifversion ghec %}the {% data variables.product.prodname_emu_idp_application %}{% else %}{% data variables.product.company_short %}'s{% endif %} application in Okta will disable the user on {% data variables.product.product_name %}. The user will not be able to sign in, but the user's information is maintained. | +| Push New Users | Users that are assigned to {% ifversion ghec %}the {% data variables.product.prodname_emu_idp_application %}{% else %}{% data variables.product.company_short %}'s{% endif %} application in Okta are automatically created in the enterprise on {% data variables.product.github %}. | +| Push Profile Update | Updates made to the user's profile in Okta will be pushed to {% data variables.product.github %}. | +| Push Groups | Groups in Okta that are assigned to the {% ifversion ghec %}the {% data variables.product.prodname_emu_idp_application %}{% else %}{% data variables.product.company_short %}'s{% endif %} application as Push Groups are automatically created in the enterprise on {% data variables.product.github %}. | +| Push User Deactivation | Unassigning the user from {% ifversion ghec %}the {% data variables.product.prodname_emu_idp_application %}{% else %}{% data variables.product.company_short %}'s{% endif %} application in Okta will disable the user on {% data variables.product.github %}. The user will not be able to sign in, but the user's information is maintained. | | Reactivate Users | Users in Okta whose Okta accounts are reactivated and who are assigned back to {% ifversion ghec %}the {% data variables.product.prodname_emu_idp_application %}{% else %}{% data variables.product.company_short %}'s{% endif %} application on Okta will be enabled. | {% ifversion ghec %} @@ -55,7 +55,7 @@ Alternatively, if you only intend to use Okta for SAML authentication and you wa ## Prerequisites {% ifversion ghes %} -The general prerequisites for using SCIM on {% data variables.product.product_name %} apply. See the "Prerequisites" section in [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users#prerequisites). +The general prerequisites for using SCIM on {% data variables.product.prodname_ghe_server %} apply. See the "Prerequisites" section in [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users#prerequisites). In addition: @@ -90,7 +90,7 @@ Before starting this section, ensure you have followed steps **1 and 2** in [AUT 1. On the right side of the page, click **View SAML setup instructions**. 1. Make a note of the "Sign on URL" and the "Issuer" URL. -### On {% data variables.product.product_name %} +### On {% data variables.product.prodname_ghe_server %} 1. Sign in to {% data variables.location.product_location %} as a user with access to the Management Console. 1. Configure SAML using the information you have gathered. See [AUTOTITLE](/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise#configuring-saml-sso). @@ -150,4 +150,4 @@ You can also automatically manage organization membership by adding groups to th ## How do I deprovision users and groups? -To remove a user or group from {% data variables.product.product_name %}, remove the user or group from both the "Assignments" tab and the "Push groups" tab in Okta. For users, make sure the user is removed from all groups in the "Push Groups" tab. +To remove a user or group from {% data variables.product.github %}, remove the user or group from both the "Assignments" tab and the "Push groups" tab in Okta. For users, make sure the user is removed from all groups in the "Push Groups" tab. diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/provisioning-users-and-groups-with-scim-using-the-rest-api.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/provisioning-users-and-groups-with-scim-using-the-rest-api.md index 1ed6832e624c..47a57d9903b5 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/provisioning-users-and-groups-with-scim-using-the-rest-api.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/provisioning-users-and-groups-with-scim-using-the-rest-api.md @@ -41,7 +41,7 @@ If your enterprise on {% data variables.product.prodname_dotcom %} is created fo {% else %} -## About SCIM provisioning on {% data variables.product.product_name %} +## About SCIM provisioning on {% data variables.product.prodname_ghe_server %} To provision and maintain user accounts using SCIM, your identity management system must offer the following functionality: @@ -65,7 +65,7 @@ For more information about configuring SCIM provisioning using a partner IdP, se If you cannot use a partner IdP for both authentication and provisioning due to migration overhead, licensing costs, or organizational inertia, you can use another identity management system or combination of systems. The systems must provide authentication using SAML and user lifecycle management using SCIM, and must adhere to {% data variables.product.company_short %}'s integration guidelines. -{% data variables.product.company_short %} has not tested integration with every identity management system. While integration with {% ifversion ghec %}{% data variables.product.prodname_emus %}{% else %}{% data variables.product.product_name %}{% endif %} may be possible, {% data variables.product.company_short %}'s support team may not be able to assist you with issues related to these systems. If you need help with an identity management system that's not a partner IdP, or if you use a partner IdP only for SAML authentication, you must consult the system's documentation, support team, or other resources. +{% data variables.product.company_short %} has not tested integration with every identity management system. While integration with {% ifversion ghec %}{% data variables.product.prodname_emus %}{% else %}{% data variables.product.prodname_ghe_server %}{% endif %} may be possible, {% data variables.product.company_short %}'s support team may not be able to assist you with issues related to these systems. If you need help with an identity management system that's not a partner IdP, or if you use a partner IdP only for SAML authentication, you must consult the system's documentation, support team, or other resources. ## Prerequisites @@ -75,7 +75,7 @@ If you cannot use a partner IdP for both authentication and provisioning due to * You must enable an open SCIM configuration for your enterprise. For more information, see [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/configuring-scim-provisioning-for-enterprise-managed-users#configuring-provisioning-for-other-identity-management-systems). * To authenticate requests to the REST API endpoints for SCIM, you must use a {% data variables.product.pat_v1 %} associated with your enterprise's setup user. The token requires the **scim:enterprise** scope. {% data variables.product.company_short %} recommends that you do not configure an expiration date for the token. See [AUTOTITLE](/admin/managing-iam/understanding-iam-for-enterprises/getting-started-with-enterprise-managed-users#create-a-personal-access-token). {%- else %} -To implement SCIM using the REST API, the general prerequisites for using SCIM on {% data variables.product.product_name %} apply. See the "Prerequisites" section in [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users#prerequisites). +To implement SCIM using the REST API, the general prerequisites for using SCIM on {% data variables.product.prodname_ghe_server %} apply. See the "Prerequisites" section in [AUTOTITLE](/admin/managing-iam/provisioning-user-accounts-with-scim/configuring-scim-provisioning-for-users#prerequisites). In addition, the following prerequisites apply: @@ -85,9 +85,9 @@ In addition, the following prerequisites apply: {% data reusables.scim.scim-standard-prerequisite %} * The user records for the systems that you use for authentication and provisioning must share a unique identifier and satisfy {% data variables.product.company_short %}'s matching criteria. For more information, see [AUTOTITLE](/rest/enterprise-admin/scim#mapping-of-saml-and-scim-data) in the REST API documentation. -## Best practices for SCIM provisioning with {% data variables.product.prodname_dotcom %}'s REST API +## Best practices for SCIM provisioning with {% data variables.product.github %}'s REST API -When you configure your identity management system to provision users or groups of users on {% data variables.product.product_name %}, {% data variables.product.company_short %} strongly recommends that you adhere to the following guidelines. +When you configure your identity management system to provision users or groups of users on {% data variables.product.github %}, {% data variables.product.company_short %} strongly recommends that you adhere to the following guidelines. * [Ensure your identity management system is the only source of write operations](#ensure-your-identity-management-system-is-the-only-source-of-write-operations) * [Send valid requests to REST API endpoints](#send-valid-requests-to-rest-api-endpoints) @@ -113,23 +113,23 @@ However, you can safely retrieve information from {% data variables.product.comp {% data variables.product.prodname_dotcom %}'s REST API endpoints for provisioning users with SCIM require well-formed requests. Bear in mind the following guidelines: * Requests that don't match the API's expectations will return a `400 Bad Request` error. -* REST API endpoints for provisioning users with SCIM require a `User-Agent` header. {% data variables.product.product_name %} will reject requests without this header. +* REST API endpoints for provisioning users with SCIM require a `User-Agent` header. {% data variables.product.github %} will reject requests without this header. {%- ifversion ghec %} * If your enterprise is on {% data variables.enterprise.data_residency_site %}, ensure you send API requests to the endpoint for your enterprise at `{% data variables.enterprise.data_residency_api %}`. {%- endif %} ### Provision users before you provision groups -SCIM groups are effective for the management of user access at scale. For example, you can use groups on your identity management system to manage team and organization membership on {% data variables.product.product_name %}. +SCIM groups are effective for the management of user access at scale. For example, you can use groups on your identity management system to manage team and organization membership on {% data variables.product.github %}. To manage team membership with groups on your identity management system, you must sequentially complete the following steps: -1. Provision user accounts on {% data variables.product.product_name %}. -1. Provision a group on {% data variables.product.product_name %}. +1. Provision user accounts on {% data variables.product.github %}. +1. Provision a group on {% data variables.product.github %}. 1. Update the membership of the group on your identity management system. -1. Create a team on {% data variables.product.product_name %} that's mapped to the group on your identity management system. +1. Create a team on {% data variables.product.github %} that's mapped to the group on your identity management system. -### Validate access for groups on {% data variables.product.prodname_dotcom %} +### Validate access for groups on {% data variables.product.github %} If you manage access using groups on your identity management system, you can validate that users get the access you intend. You can use the REST API to compare your system's group memberships with {% data variables.product.prodname_dotcom %}'s understanding of those groups. For more information, see [AUTOTITLE](/rest/teams/external-groups#about-external-groups) and [AUTOTITLE](/rest/teams/teams#get-a-team-by-name) in the REST API documentation. @@ -168,7 +168,7 @@ To provision, list, or manage users, make requests to the following REST API end Before a person with an identity on your identity management system can sign in to your enterprise, you must create the corresponding user. Your enterprise doesn't require an available license to provision a new user account. * For an overview of the supported attributes for users, see [SCIM](/rest/enterprise-admin/scim#supported-scim-user-attributes) in the REST API documentation. -* You can view provisioned users in the web UI for {% data variables.product.product_name %}. For more information, see [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise). +* You can view provisioned users in the {% data variables.product.github %} UI. For more information, see [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise). | Action | Method | Endpoint and more information | Events in the audit log | | :- | :- | :- | :- | @@ -181,7 +181,7 @@ Before a person with an identity on your identity management system can sign in ## Soft-deprovisioning users with the REST API -To prevent a user from signing in to access your enterprise, you can soft-deprovision the user by sending a `PUT` or `PATCH` request to update a user's `active` field to `false` to `/scim/v2/{% ifversion ghec %}enterprises/{enterprise}/{% endif %}Users/{scim_user_id}`. When you soft-deprovision a user, {% data variables.product.product_name %} obfuscates the user record's `login` and `email` fields, and the user is suspended. +To prevent a user from signing in to access your enterprise, you can soft-deprovision the user by sending a `PUT` or `PATCH` request to update a user's `active` field to `false` to `/scim/v2/{% ifversion ghec %}enterprises/{enterprise}/{% endif %}Users/{scim_user_id}`. When you soft-deprovision a user, {% data variables.product.github %} obfuscates the user record's `login` and `email` fields, and the user is suspended. When you soft-deprovision a user, the `external_identity.update` event does not appear in the audit log. The following events appear in the audit log: @@ -215,10 +215,10 @@ When you hard-deprovision a user, the following events occur: * The user record's `login` and `email` fields are obfuscated. * The user's display name is set to an empty string. -* {% data variables.product.product_name %} deletes all of the user's SCIM attributes, emails, SSH keys, {% data variables.product.pat_generic_plural %}, and GPG keys. -* The user's account on {% data variables.product.product_name %} is suspended, and authentication to sign in to the account will fail. +* {% data variables.product.github %} deletes all of the user's SCIM attributes, emails, SSH keys, {% data variables.product.pat_generic_plural %}, and GPG keys. +* The user's account on {% data variables.product.github %} is suspended, and authentication to sign in to the account will fail. -To reprovision the user, you must use the `POST` method to create a new user. The new user can reuse the deprovisioned user's `login`. If the email addresses of the hard-deprovisioned user and the new user match, {% data variables.product.product_name %} will attribute existing Git commits associated with the email address to the new user. Existing resources and comments created by the original user will not be associated with the new user. +To reprovision the user, you must use the `POST` method to create a new user. The new user can reuse the deprovisioned user's `login`. If the email addresses of the hard-deprovisioned user and the new user match, {% data variables.product.github %} will attribute existing Git commits associated with the email address to the new user. Existing resources and comments created by the original user will not be associated with the new user. ## Provisioning groups with the REST API @@ -228,7 +228,7 @@ While your enterprise doesn't require an available license to provision a new us * For an overview of the supported attributes for groups, see [SCIM](/rest/enterprise-admin/scim#supported-scim-group-attributes) in the REST API documentation. * For an overview of audit log events related to groups, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise#external_group). -* You can view provisioned groups in the web UI for {% data variables.product.product_name %}. For more information, see [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/managing-team-memberships-with-identity-provider-groups#viewing-idp-groups-group-membership-and-connected-teams). +* You can view provisioned groups in the {% data variables.product.github %} UI. For more information, see [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/managing-team-memberships-with-identity-provider-groups#viewing-idp-groups-group-membership-and-connected-teams). | Action | Method | Endpoint and more information | Related events in the audit log | | :- | :- | :- | :- | @@ -241,7 +241,7 @@ While your enterprise doesn't require an available license to provision a new us ### Additional audit log events for changes to IdP groups -If you update the members of an existing group using a `PUT` or `PATCH` request to `/scim/v2/{% ifversion ghec %}enterprises/{enterprise}/{% endif %}Groups/{scim_group_id}`, {% data variables.product.product_name %} may add the user to the organization or remove the user from the organization depending on the user's current organization membership. If the user is already a member of at least one team in the organization, the user is a member of the organization. If the user is not a member of any teams in the organization, the user may also not already be a member of the organization. +If you update the members of an existing group using a `PUT` or `PATCH` request to `/scim/v2/{% ifversion ghec %}enterprises/{enterprise}/{% endif %}Groups/{scim_group_id}`, {% data variables.product.github %} may add the user to the organization or remove the user from the organization depending on the user's current organization membership. If the user is already a member of at least one team in the organization, the user is a member of the organization. If the user is not a member of any teams in the organization, the user may also not already be a member of the organization. If your request updates a group linked to a team in an organization where a user is not already a member, in addition to `external_group.update`, the following events appear in the audit log: @@ -272,9 +272,9 @@ After you configure SCIM provisioning for your enterprise, you may need to migra * If a request to provision a user fails with a `400` error, and the error message in your identity management system's log indicates issues with account ownership or username formatting, review [AUTOTITLE](/admin/identity-and-access-management/iam-configuration-reference/username-considerations-for-external-authentication). -* After successful authentication, {% data variables.product.product_name %} links the user who authenticated to an identity provisioned by SCIM. The unique identifiers for authentication and provisioning must match. For more information, see [AUTOTITLE](/rest/enterprise-admin/scim#mapping-of-saml-and-scim-data).{% ifversion ghec %} You can also view this mapping on {% data variables.product.github %}. See [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise#viewing-and-revoking-a-linked-identity).{% endif %} +* After successful authentication, {% data variables.product.github %} links the user who authenticated to an identity provisioned by SCIM. The unique identifiers for authentication and provisioning must match. For more information, see [AUTOTITLE](/rest/enterprise-admin/scim#mapping-of-saml-and-scim-data).{% ifversion ghec %} You can also view this mapping on {% data variables.product.github %}. See [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise#viewing-and-revoking-a-linked-identity).{% endif %} -* If you manage access using groups on your identity management system, you can troubleshoot using the REST API or web UI for {% data variables.product.product_name %}. +* If you manage access using groups on your identity management system, you can troubleshoot using the REST API or web UI for {% data variables.product.github %}. * You can use the REST API to compare your identity management system's group memberships with {% data variables.product.prodname_dotcom %}'s understanding of those groups. See [AUTOTITLE](/rest/teams/external-groups#about-external-groups) and [AUTOTITLE](/rest/teams/teams#get-a-team-by-name). * For more information about troubleshooting using the web UI, see [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/troubleshooting-team-membership-with-identity-provider-groups). diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes.md index db3f8b85b847..2b2ae29316f4 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/user-provisioning-with-scim-on-ghes.md @@ -23,13 +23,13 @@ redirect_from: {% data reusables.scim.ghes-beta-note %} -## About user provisioning for {% data variables.product.product_name %} +## About user provisioning for {% data variables.product.prodname_ghe_server %} If you use SAML single sign-on (SSO) for {% data variables.location.product_location %}, you can configure SCIM to automatically create or suspend user accounts and grant access to your instance when you assign or unassign the application on your IdP. For more information about SCIM, see [System for Cross-domain Identity Management: Protocol (RFC 7644)](https://tools.ietf.org/html/rfc7644) on the IETF website. -If you do not configure user provisioning with SCIM, your IdP will not communicate with {% data variables.product.product_name %} automatically when you assign or unassign the application to a user. Without SCIM, {% data variables.product.product_name %} creates a user account using SAML Just-in-Time (JIT) provisioning the first time someone navigates to {% data variables.product.product_name %} and signs in by authenticating through your IdP. +If you do not configure user provisioning with SCIM, your IdP will not communicate with {% data variables.product.prodname_ghe_server %} automatically when you assign or unassign the application to a user. Without SCIM, {% data variables.product.prodname_ghe_server %} creates a user account using SAML Just-in-Time (JIT) provisioning the first time someone navigates to {% data variables.product.prodname_ghe_server %} and signs in by authenticating through your IdP. -To configure provisioning for your enterprise, you must enable provisioning on {% data variables.product.product_name %}, then {% ifversion scim-for-ghes-public-beta %}either {% endif %}install and configure a provisioning application on your IdP{% ifversion scim-for-ghes-public-beta %}, or configure SCIM provisioning manually using {% data variables.product.company_short %}'s REST API endpoints for SCIM{% endif %}. +To configure provisioning for your enterprise, you must enable provisioning on {% data variables.product.prodname_ghe_server %}, then {% ifversion scim-for-ghes-public-beta %}either {% endif %}install and configure a provisioning application on your IdP{% ifversion scim-for-ghes-public-beta %}, or configure SCIM provisioning manually using {% data variables.product.company_short %}'s REST API endpoints for SCIM{% endif %}. ## Supported identity providers @@ -57,7 +57,7 @@ If you cannot use a single partner IdP for both authentication and provisioning, {% else %} -During the {% data variables.release-phases.private_preview %}, your account team will provide documentation for the configuration of SCIM for {% data variables.product.product_name %} on a supported IdP. +During the {% data variables.release-phases.private_preview %}, your account team will provide documentation for the configuration of SCIM for {% data variables.product.prodname_ghe_server %} on a supported IdP. {% endif %} @@ -65,7 +65,7 @@ During the {% data variables.release-phases.private_preview %}, your account tea {% data reusables.enterprise_user_management.scim-manages-user-lifecycle %} -When SCIM is enabled, you will no longer be able to delete, suspend, or promote SCIM-provisioned users directly on {% data variables.product.product_name %}. You must manage these processes from your IdP. +When SCIM is enabled, you will no longer be able to delete, suspend, or promote SCIM-provisioned users directly on {% data variables.product.prodname_ghe_server %}. You must manage these processes from your IdP. ## What will happen to existing users on my instance? @@ -77,13 +77,13 @@ If you currently use SAML SSO, and you are enabling SCIM, you should be aware of ## What happens during SAML authentication? -After an IdP administrator grants a person access to {% data variables.location.product_location %}, the user can authenticate through the IdP to access {% data variables.product.product_name %} using SAML SSO. +After an IdP administrator grants a person access to {% data variables.location.product_location %}, the user can authenticate through the IdP to access {% data variables.product.prodname_ghe_server %} using SAML SSO. * When a user authenticates through SAML, to associate a user with a SAML identity, {% data variables.product.prodname_dotcom %} compares a normalized `NameID` claim from the IdP (or another value you have configured) to the account's username. For details about normalization, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication#about-username-normalization). * If there is no account with a matching username on the instance, the user will fail to sign in. - * To make this match, {% data variables.product.product_name %} compares the SAML `NameId` claim from the IdP to the SCIM `userName` attribute for each user account provisioned by SCIM on the instance. - * Additionally, for Entra ID, {% data variables.product.product_name %} compares the object identifier from the SAML request with an existing SCIM external ID. -* If your environment does not use `NameID` to uniquely identify users, a site administrator can configure custom user attributes for the instance. {% data variables.product.product_name %} will respect this mapping when SCIM is configured. For more information about mapping user attributes, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise#configuring-saml-sso). + * To make this match, {% data variables.product.prodname_ghe_server %} compares the SAML `NameId` claim from the IdP to the SCIM `userName` attribute for each user account provisioned by SCIM on the instance. + * Additionally, for Entra ID, {% data variables.product.prodname_ghe_server %} compares the object identifier from the SAML request with an existing SCIM external ID. +* If your environment does not use `NameID` to uniquely identify users, a site administrator can configure custom user attributes for the instance. {% data variables.product.prodname_ghe_server %} will respect this mapping when SCIM is configured. For more information about mapping user attributes, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise#configuring-saml-sso). {% ifversion scim-for-ghes-public-beta %} @@ -126,13 +126,13 @@ To get started with SCIM, you will: * Your IdP must support making SCIM calls to a Service Provider (SP). -* You must have administrative access on your IdP to configure the application for user provisioning for {% data variables.product.product_name %}. +* You must have administrative access on your IdP to configure the application for user provisioning for {% data variables.product.prodname_ghe_server %}. ## Enabling user provisioning for your enterprise To perform provisioning actions on your instance, you will create a built-in user account and promote the account to an enterprise owner. -After you enable SCIM on a {% data variables.product.product_name %} instance, all user accounts are suspended. The built-in user account will continue to perform provisioning actions. After you grant a user access to your instance from your IdP, the IdP will communicate with the instance using SCIM to unsuspend the user's account. +After you enable SCIM on a {% data variables.product.prodname_ghe_server %} instance, all user accounts are suspended. The built-in user account will continue to perform provisioning actions. After you grant a user access to your instance from your IdP, the IdP will communicate with the instance using SCIM to unsuspend the user's account. 1. Create a built-in user account to perform provisioning actions on your instance. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/allowing-built-in-authentication-for-users-outside-your-provider#inviting-users-outside-your-provider-to-authenticate-to-your-instance). 1. Promote the dedicated user account to an enterprise owner. For more information, see [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise#adding-an-enterprise-administrator-to-your-enterprise-account). @@ -159,6 +159,6 @@ After you enable SCIM on a {% data variables.product.product_name %} instance, a ``` The command should return an empty array. -1. Configure user provisioning in the application for {% data variables.product.product_name %} on your IdP. To request documentation for a supported IdP, contact your account manager on {% data variables.contact.contact_enterprise_sales %}. If your IdP is unsupported, you must create the application and configure SCIM manually. +1. Configure user provisioning in the application for {% data variables.product.prodname_ghe_server %} on your IdP. To request documentation for a supported IdP, contact your account manager on {% data variables.contact.contact_enterprise_sales %}. If your IdP is unsupported, you must create the application and configure SCIM manually. {% endif %} diff --git a/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-your-enterprise-to-a-new-identity-provider-or-tenant.md b/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-your-enterprise-to-a-new-identity-provider-or-tenant.md index de7147742ac3..0640555ede9d 100644 --- a/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-your-enterprise-to-a-new-identity-provider-or-tenant.md +++ b/content/admin/managing-iam/reconfiguring-iam-for-enterprise-managed-users/migrating-your-enterprise-to-a-new-identity-provider-or-tenant.md @@ -39,8 +39,8 @@ To migrate to a new configuration for authentication and provisioning, you must * If the normalized SCIM `userName` values will remain the same after the migration, you can complete the migration yourself. * If the normalized SCIM `userName` values will change after the migration, {% data variables.product.company_short %} will need to help with your migration. For more information, see [Migrating when the normalized SCIM `userName` values will change](#migrating-when-the-normalized-scim-username-values-will-change). * Do not remove any users or groups from the application for {% data variables.product.prodname_emus %} on your identity management system until after your migration is complete. -* {% data variables.product.product_name %} will delete any {% data variables.product.pat_generic_plural %} or SSH keys associated with your enterprise's {% data variables.enterprise.prodname_managed_users %}. Plan for a migration window after reconfiguration during which you can create and provide new credentials to any external integrations. -* {% data variables.product.product_name %} will remove connections between teams on {% data variables.product.prodname_dotcom %} and IdP groups, and does not reinstate the connections after migration. {% data variables.product.prodname_dotcom %} will also remove all members from the team and leave the team unconnected to your IdP. You may experience disruption if you use groups on your identity management system to manage access to organizations or licenses. {% data variables.product.company_short %} recommends that you use the REST API to list team connections and group membership before you migrate, and to reinstate connections afterwards. For more information, see [AUTOTITLE](/rest/teams/external-groups) in the REST API documentation. +* {% data variables.product.github %} will delete any {% data variables.product.pat_generic_plural %} or SSH keys associated with your enterprise's {% data variables.enterprise.prodname_managed_users %}. Plan for a migration window after reconfiguration during which you can create and provide new credentials to any external integrations. +* {% data variables.product.github %} will remove connections between teams on {% data variables.product.prodname_dotcom %} and IdP groups, and does not reinstate the connections after migration. {% data variables.product.prodname_dotcom %} will also remove all members from the team and leave the team unconnected to your IdP. You may experience disruption if you use groups on your identity management system to manage access to organizations or licenses. {% data variables.product.company_short %} recommends that you use the REST API to list team connections and group membership before you migrate, and to reinstate connections afterwards. For more information, see [AUTOTITLE](/rest/teams/external-groups) in the REST API documentation. ## Migrating to a new IdP or tenant @@ -73,11 +73,11 @@ If you don't already have single sign-on recovery codes for your enterprise, dow 1. Use a recovery code to sign into {% data variables.product.prodname_dotcom %} as the setup user, whose username is your enterprise's shortcode suffixed with `_admin`. For more information about the setup user, see [AUTOTITLE](/admin/identity-and-access-management/understanding-iam-for-enterprises/getting-started-with-enterprise-managed-users). 1. Disable authentication and provisioning for your enterprise. For more information, see [AUTOTITLE](/admin/identity-and-access-management/configuring-authentication-for-enterprise-managed-users/disabling-authentication-for-enterprise-managed-users#disabling-authentication). -1. Wait up to an hour for {% data variables.product.product_name %} to reset your enterprise's SCIM records and suspend your enterprise's members. +1. Wait up to an hour for {% data variables.product.github %} to reset your enterprise's SCIM records and suspend your enterprise's members. ### 5. Validate suspension of your enterprise's members -After you disable authentication and provisioning, {% data variables.product.product_name %} will suspend all of the {% data variables.enterprise.prodname_managed_users %} for your enterprise. You can validate suspension of your enterprise's members using the web UI. +After you disable authentication and provisioning, {% data variables.product.github %} will suspend all of the {% data variables.enterprise.prodname_managed_users %} for your enterprise. You can validate suspension of your enterprise's members using the web UI. 1. View the suspended members in your enterprise. For more information, see [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-users-in-your-enterprise/viewing-people-in-your-enterprise#viewing-suspended-members). 1. If all of your enterprise's members are not yet suspended, continue waiting, and review the logs on your SCIM provider. @@ -91,7 +91,7 @@ After you validate the suspension of your enterprise's members, reconfigure auth 1. Configure authentication using SAML or OIDC SSO. For more information, see [AUTOTITLE](/admin/identity-and-access-management/configuring-authentication-for-enterprise-managed-users). 1. Configure SCIM provisioning. For more information, see [AUTOTITLE](/admin/identity-and-access-management/provisioning-user-accounts-for-enterprise-managed-users/configuring-scim-provisioning-for-enterprise-managed-users). -To unsuspend your {% data variables.enterprise.prodname_managed_users %} and allow them to sign in to {% data variables.product.product_name %}, your SCIM provider must reprovision their accounts. +To unsuspend your {% data variables.enterprise.prodname_managed_users %} and allow them to sign in to {% data variables.product.github %}, your SCIM provider must reprovision their accounts. ## Migrating when the normalized SCIM `userName` values will change diff --git a/content/admin/managing-iam/understanding-iam-for-enterprises/about-identity-and-access-management.md b/content/admin/managing-iam/understanding-iam-for-enterprises/about-identity-and-access-management.md index a46a5e2eec0d..2a3e2aa03ed2 100644 --- a/content/admin/managing-iam/understanding-iam-for-enterprises/about-identity-and-access-management.md +++ b/content/admin/managing-iam/understanding-iam-for-enterprises/about-identity-and-access-management.md @@ -1,7 +1,7 @@ --- title: About identity and access management shortTitle: About IAM -intro: 'Administrators for {% ifversion ghec %}{% data variables.product.product_name %}{% elsif ghes %}a {% data variables.product.product_name %} instance{% endif %} must decide how users will access {% ifversion ghec %}the enterprise''s resources{% ifversion ghec %} on {% data variables.product.prodname_dotcom_the_website %}{% endif %}{% elsif ghes %} the instance{% endif %}.' +intro: 'Administrators must decide how users will access the enterprise''s resources on {% data variables.product.github %}.' versions: ghec: '*' ghes: '*' @@ -18,7 +18,7 @@ topics: - SSO --- -## About IAM for {% data variables.product.product_name %} +## About IAM for {% data variables.product.github %} {% ifversion ghec %} @@ -28,7 +28,7 @@ After learning more about authentication and provisioning for each of these opti {% elsif ghes %} -Administrators who configure a {% data variables.product.product_name %} instance can use local accounts and built-in authentication on the instance. Alternatively, to centralize identity and access for an enterprise's web applications, administrators can configure an external authentication method. If you use SAML, you can optionally provision user accounts on the instance from your identity provider (IdP) using System for Cross-domain Identity Management (SCIM). +Administrators who configure a {% data variables.product.prodname_ghe_server %} instance can use local accounts and built-in authentication on the instance. Alternatively, to centralize identity and access for an enterprise's web applications, administrators can configure an external authentication method. If you use SAML, you can optionally provision user accounts on the instance from your identity provider (IdP) using System for Cross-domain Identity Management (SCIM). {% endif %} @@ -40,7 +40,7 @@ Administrators who configure a {% data variables.product.product_name %} instanc {% ifversion ghec %} -When you create an enterprise on {% data variables.product.product_name %}, you can decide how people authenticate to access your resources on {% data variables.product.prodname_dotcom_the_website %}, and who controls the user accounts. +When you create an enterprise on {% data variables.product.github %}, you can decide how people authenticate to access your resources and who controls the user accounts. * [Authentication through {% data variables.location.product_location %}](#authentication-through-githubcom) * [Authentication through {% data variables.location.product_location %} with additional SAML access restriction](#authentication-through-githubcom-with-additional-saml-access-restriction) @@ -62,7 +62,7 @@ If you need more control of the accounts for your enterprise members on {% data {% elsif ghes %} -The following authentication methods are available for {% data variables.product.product_name %}. +The following authentication methods are available for {% data variables.product.prodname_ghe_server %}. * [Built-in authentication](#built-in-authentication) * [External authentication](#external-authentication) @@ -99,7 +99,7 @@ Alternatively, if you use [{% data variables.product.prodname_emus %}](#authenti {% elsif ghes %} -If you configure built-in authentication, CAS, LDAP, or SAML, {% data variables.product.product_name %} creates a user account when an authorized person signs into the instance, or "just in time" (JIT). Optionally, if you use SAML, you can provision user accounts from your identity provider (IdP) using SCIM. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-user-provisioning-with-scim-for-your-enterprise). +If you configure built-in authentication, CAS, LDAP, or SAML, {% data variables.product.prodname_ghe_server %} creates a user account when an authorized person signs into the instance, or "just in time" (JIT). Optionally, if you use SAML, you can provision user accounts from your identity provider (IdP) using SCIM. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-user-provisioning-with-scim-for-your-enterprise). {% endif %} diff --git a/content/admin/managing-iam/understanding-iam-for-enterprises/about-saml-for-enterprise-iam.md b/content/admin/managing-iam/understanding-iam-for-enterprises/about-saml-for-enterprise-iam.md index cbf0f254903a..fc0279046d6f 100644 --- a/content/admin/managing-iam/understanding-iam-for-enterprises/about-saml-for-enterprise-iam.md +++ b/content/admin/managing-iam/understanding-iam-for-enterprises/about-saml-for-enterprise-iam.md @@ -68,7 +68,7 @@ After you configure SAML, people who use {% data variables.location.product_loca {% endif %} -For more information about the configuration of SAML SSO on {% data variables.product.product_name %}, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). +For more information about the configuration of SAML SSO on {% data variables.product.github %}, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). {% ifversion ghes %} @@ -99,11 +99,7 @@ Shibboleth | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria- {% data reusables.saml.saml-supported-idps %} -{% ifversion ghes %} - -If your IdP supports encrypted assertions, you can configure encrypted assertions on {% data variables.product.product_name %} for increased security during the authentication process. - -{% endif %} +If your IdP supports encrypted assertions, you can configure encrypted assertions on {% data variables.product.prodname_ghe_server %} for increased security during the authentication process. {% data reusables.saml.saml-single-logout-not-supported %} diff --git a/content/admin/managing-iam/understanding-iam-for-enterprises/allowing-built-in-authentication-for-users-outside-your-provider.md b/content/admin/managing-iam/understanding-iam-for-enterprises/allowing-built-in-authentication-for-users-outside-your-provider.md index bade896a30b0..9750a8f9da61 100644 --- a/content/admin/managing-iam/understanding-iam-for-enterprises/allowing-built-in-authentication-for-users-outside-your-provider.md +++ b/content/admin/managing-iam/understanding-iam-for-enterprises/allowing-built-in-authentication-for-users-outside-your-provider.md @@ -22,7 +22,7 @@ shortTitle: Fallback authentication ## About built-in authentication for users outside your provider -By default, when you enable external authentication for {% data variables.product.product_name %}, built-in authentication is disabled for your instance. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise#external-authentication). +By default, when you enable external authentication for {% data variables.product.prodname_ghe_server %}, built-in authentication is disabled for your instance. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise#external-authentication). If you're unable to add specific accounts to your external authentication provider, such as accounts for contractors or machine users, you can configure fallback authentication. Fallback authentication allows built-in authentication for outside users and to access a fallback account if your authentication provider is unavailable. diff --git a/content/admin/managing-iam/understanding-iam-for-enterprises/index.md b/content/admin/managing-iam/understanding-iam-for-enterprises/index.md index d559561e3c07..54f8fb446d79 100644 --- a/content/admin/managing-iam/understanding-iam-for-enterprises/index.md +++ b/content/admin/managing-iam/understanding-iam-for-enterprises/index.md @@ -4,7 +4,7 @@ intro: | {%- ifversion ghec %} You can invite existing personal accounts on {% data variables.location.product_location %} to be members of your enterprise, and you can optionally enable SAML single sign-on (SSO) to centrally manage access. Alternatively, you can use {% data variables.product.prodname_emus %} with SAML SSO to create and control the accounts of your enterprise members. {%- elsif ghes %} - You can use {% data variables.product.product_name %}'s built-in authentication, or you can centrally manage authentication and access to your instance with CAS, LDAP, or SAML. + You can use {% data variables.product.prodname_ghe_server %}'s built-in authentication, or you can centrally manage authentication and access to your instance with CAS, LDAP, or SAML. {%- endif %} redirect_from: - /enterprise/admin/categories/authentication diff --git a/content/admin/managing-iam/understanding-iam-for-enterprises/troubleshooting-identity-and-access-management-for-your-enterprise.md b/content/admin/managing-iam/understanding-iam-for-enterprises/troubleshooting-identity-and-access-management-for-your-enterprise.md index 04d12277bf55..66829fca6d33 100644 --- a/content/admin/managing-iam/understanding-iam-for-enterprises/troubleshooting-identity-and-access-management-for-your-enterprise.md +++ b/content/admin/managing-iam/understanding-iam-for-enterprises/troubleshooting-identity-and-access-management-for-your-enterprise.md @@ -29,7 +29,7 @@ If a user is unable to successfully authenticate using SAML, it may be helpful t ## Username conflicts -{% ifversion ghec %}If your enterprise uses {% data variables.product.prodname_emus %}, {% endif %}{% data variables.product.product_name %} normalizes the SCIM `userName` attribute value that is sent by an identity provider (IdP) in a SCIM API call to create each person's username on {% data variables.product.prodname_dotcom %}. If multiple accounts are normalized into the same {% data variables.product.prodname_dotcom %} username, a username conflict occurs, and only the first user account is created. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication). +{% ifversion ghec %}If your enterprise uses {% data variables.product.prodname_emus %}, {% endif %}{% data variables.product.github %} normalizes the SCIM `userName` attribute value that is sent by an identity provider (IdP) in a SCIM API call to create each person's username on {% data variables.product.prodname_dotcom %}. If multiple accounts are normalized into the same {% data variables.product.prodname_dotcom %} username, a username conflict occurs, and only the first user account is created. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication). {% ifversion ghec %} diff --git a/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise-using-okta.md b/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise-using-okta.md index 7f416f92453b..c1fede72b197 100644 --- a/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise-using-okta.md +++ b/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise-using-okta.md @@ -1,6 +1,6 @@ --- title: Configuring SAML single sign-on for your enterprise using Okta -intro: 'You can use Security Assertion Markup Language (SAML) single sign-on (SSO) with Okta to automatically manage access to your enterprise account on {% data variables.product.product_name %}.' +intro: 'You can use Security Assertion Markup Language (SAML) single sign-on (SSO) with Okta to automatically manage access to your enterprise account on {% data variables.product.github %}.' redirect_from: - /github/setting-up-and-managing-your-enterprise/configuring-single-sign-on-for-your-enterprise-account-using-okta - /github/setting-up-and-managing-your-enterprise-account/configuring-saml-single-sign-on-for-your-enterprise-account-using-okta @@ -22,7 +22,7 @@ shortTitle: Configure SAML SSO with Okta ## About SAML with Okta -You can control access to your enterprise account in {% data variables.product.product_name %} and other web applications from one central interface by configuring the enterprise account to use SAML SSO with Okta, an Identity Provider (IdP). +You can control access to your enterprise account in {% data variables.product.github %} and other web applications from one central interface by configuring the enterprise account to use SAML SSO with Okta, an Identity Provider (IdP). SAML SSO controls and secures access to enterprise account resources like organizations, repositories, issues, and pull requests. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). diff --git a/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise.md b/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise.md index 92d3a15f3853..bb25a0e70496 100644 --- a/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise.md +++ b/content/admin/managing-iam/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise.md @@ -2,7 +2,7 @@ title: Configuring SAML single sign-on for your enterprise shortTitle: Configure SAML SSO intro: 'You can control and secure access to {% ifversion ghec %}resources like repositories, issues, and pull requests within your enterprise''s organizations{% elsif ghes %}{% data variables.location.product_location %}{% endif %} by {% ifversion ghec %}enforcing{% elsif ghes %}configuring{% endif %} SAML single sign-on (SSO) through your identity provider (IdP).' -permissions: '{% ifversion ghes %}Site administrators{% elsif ghec %}Enterprise owners{% endif %} can configure SAML SSO for {% ifversion ghec %}an enterprise on {% data variables.product.product_name %}{% elsif ghes %}a {% data variables.product.product_name %} instance{% endif %}.' +permissions: '{% ifversion ghes %}Site administrators{% elsif ghec %}Enterprise owners{% endif %} can configure SAML SSO for {% ifversion ghec %}an enterprise on {% data variables.product.github %}{% elsif ghes %}a {% data variables.product.prodname_ghe_server %} instance{% endif %}.' versions: ghec: '*' ghes: '*' @@ -53,7 +53,7 @@ For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-o {% elsif ghes %} -SAML SSO allows you to centrally control and secure access to {% data variables.location.product_location %} from your SAML IdP. When an unauthenticated user visits {% data variables.location.product_location %} in a browser, {% data variables.product.product_name %} will redirect the user to your SAML IdP to authenticate. After the user successfully authenticates with an account on the IdP, the IdP redirects the user back to {% data variables.location.product_location %}. {% data variables.product.product_name %} validates the response from your IdP, then grants access to the user. +SAML SSO allows you to centrally control and secure access to {% data variables.location.product_location %} from your SAML IdP. When an unauthenticated user visits {% data variables.location.product_location %} in a browser, {% data variables.product.github %} will redirect the user to your SAML IdP to authenticate. After the user successfully authenticates with an account on the IdP, the IdP redirects the user back to {% data variables.location.product_location %}. {% data variables.product.github %} validates the response from your IdP, then grants access to the user. After a user successfully authenticates on your IdP, the user's SAML session for {% data variables.location.product_location %} is active in the browser for 24 hours. After 24 hours, the user must authenticate again with your IdP. @@ -109,7 +109,7 @@ For more detailed information about how to enable SAML using Okta, see [AUTOTITL ## Configuring SAML SSO -You can enable or disable SAML authentication for {% data variables.location.product_location %}, or you can edit an existing configuration. You can view and edit authentication settings for {% data variables.product.product_name %} in the {% data variables.enterprise.management_console %}. For more information, see [AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console). +You can enable or disable SAML authentication for {% data variables.location.product_location %}, or you can edit an existing configuration. You can view and edit authentication settings in the {% data variables.enterprise.management_console %}. For more information, see [AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console). > [!NOTE] > {% data reusables.enterprise.test-in-staging %} diff --git a/content/admin/managing-iam/using-saml-for-enterprise-iam/enabling-encrypted-assertions.md b/content/admin/managing-iam/using-saml-for-enterprise-iam/enabling-encrypted-assertions.md index e7233377e2ce..1da21e518227 100644 --- a/content/admin/managing-iam/using-saml-for-enterprise-iam/enabling-encrypted-assertions.md +++ b/content/admin/managing-iam/using-saml-for-enterprise-iam/enabling-encrypted-assertions.md @@ -2,7 +2,7 @@ title: Enabling encrypted assertions shortTitle: Enable encrypted assertions intro: 'You can improve {% data variables.location.product_location %}''s security with SAML single sign-on (SSO) by encrypting the messages that your SAML identity provider (IdP) sends.' -permissions: 'Site administrators can configure encrypted assertions for a {% data variables.product.product_name %} instance.' +permissions: 'Site administrators' versions: ghes: '> 3.3' type: how_to @@ -19,11 +19,11 @@ redirect_from: ## About encrypted assertions -If your IdP support encryption of assertions, you can configure encrypted assertions on {% data variables.product.product_name %} for increased security during the authentication process. +If your IdP support encryption of assertions, you can configure encrypted assertions on {% data variables.product.prodname_ghe_server %} for increased security during the authentication process. ## Prerequisites -To enable encrypted assertions for authentication to {% data variables.product.product_name %}, you must configure SAML authentication, and your IdP must support encrypted assertions. +To enable encrypted assertions for authentication to {% data variables.product.prodname_ghe_server %}, you must configure SAML authentication, and your IdP must support encrypted assertions. ## Enabling encrypted assertions @@ -32,7 +32,7 @@ To enable encrypted assertions, you must provide {% data variables.location.prod > [!NOTE] > {% data reusables.enterprise.test-in-staging %} -1. Optionally, enable SAML debugging. SAML debugging records verbose entries in {% data variables.product.product_name %}'s authentication log, and may help you troubleshoot failed authentication attempts. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/troubleshooting-saml-authentication#configuring-saml-debugging). +1. Optionally, enable SAML debugging. SAML debugging records verbose entries in {% data variables.product.prodname_ghe_server %}'s authentication log, and may help you troubleshoot failed authentication attempts. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/troubleshooting-saml-authentication#configuring-saml-debugging). {% data reusables.enterprise_site_admin_settings.access-settings %} {% data reusables.enterprise_site_admin_settings.management-console %} {% data reusables.enterprise_management_console.authentication %} diff --git a/content/admin/managing-iam/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise.md b/content/admin/managing-iam/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise.md index e5f02f97092a..9c5c627a7e66 100644 --- a/content/admin/managing-iam/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise.md +++ b/content/admin/managing-iam/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise.md @@ -1,6 +1,6 @@ --- title: Managing team synchronization for organizations in your enterprise -intro: 'You can enable team synchronization between Microsoft Entra ID (previously known as Azure AD) and {% data variables.product.product_name %} to allow organizations owned by your enterprise account to manage team membership through IdP groups.' +intro: 'You can enable team synchronization between Microsoft Entra ID (previously known as Azure AD) and {% data variables.product.github %} to allow organizations owned by your enterprise account to manage team membership through IdP groups.' permissions: Enterprise owners can manage team synchronization for an enterprise account. versions: ghec: '*' diff --git a/content/admin/managing-iam/using-saml-for-enterprise-iam/troubleshooting-saml-authentication.md b/content/admin/managing-iam/using-saml-for-enterprise-iam/troubleshooting-saml-authentication.md index 18d950dfb593..450714d49a2f 100644 --- a/content/admin/managing-iam/using-saml-for-enterprise-iam/troubleshooting-saml-authentication.md +++ b/content/admin/managing-iam/using-saml-for-enterprise-iam/troubleshooting-saml-authentication.md @@ -22,16 +22,16 @@ redirect_from: ## About problems with SAML authentication -{% data variables.product.product_name %} logs error messages for failed SAML authentication in the systemd journal logs for the `github-unicorn` container. You can review responses in this log, and you can also configure more verbose logging. +{% data variables.product.prodname_ghe_server %} logs error messages for failed SAML authentication in the systemd journal logs for the `github-unicorn` container. You can review responses in this log, and you can also configure more verbose logging. For more information about SAML response requirements, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference#saml-response-requirements). ## Configuring SAML debugging -You can configure {% data variables.product.product_name %} to write verbose debug logs for every SAML authentication attempt. You may be able to troubleshoot failed authentication attempts with this extra output. +You can configure {% data variables.product.prodname_ghe_server %} to write verbose debug logs for every SAML authentication attempt. You may be able to troubleshoot failed authentication attempts with this extra output. > [!WARNING] -> * Only enable SAML debugging temporarily, and disable debugging immediately after you finish troubleshooting. If you leave debugging enabled, the size of the logs increases much faster than usual, which can negatively impact the performance of {% data variables.product.product_name %}. +> * Only enable SAML debugging temporarily, and disable debugging immediately after you finish troubleshooting. If you leave debugging enabled, the size of the logs increases much faster than usual, which can negatively impact the performance of {% data variables.product.prodname_ghe_server %}. > * Test new authentication settings for {% data variables.location.product_location %} in a staging environment before you apply the settings in your production environment. For more information, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance). {% data reusables.enterprise-accounts.access-enterprise %} @@ -54,9 +54,9 @@ base64 --decode ENCODED_OUTPUT ## Error: "Another user already owns the account" -When a user signs into {% data variables.location.product_location %} for the first time with SAML authentication, {% data variables.product.product_name %} creates a user account on the instance and maps the SAML `NameID` and `nameid-format` to the account. +When a user signs into {% data variables.location.product_location %} for the first time with SAML authentication, {% data variables.product.github %} creates a user account on the instance and maps the SAML `NameID` and `nameid-format` to the account. -When the user signs in again, {% data variables.product.prodname_ghe_server %} compares the account's `NameID` and `nameid-format` mapping to the IdP's response. If the `NameID` or `nameid-format` in the IdP's response no longer matches the values that {% data variables.product.product_name %} expects for the user, the sign-in will fail. The user will see the following message. +When the user signs in again, {% data variables.product.prodname_ghe_server %} compares the account's `NameID` and `nameid-format` mapping to the IdP's response. If the `NameID` or `nameid-format` in the IdP's response no longer matches the values that {% data variables.product.github %} expects for the user, the sign-in will fail. The user will see the following message. > Another user already owns the account. Please have your administrator check the authentication log. @@ -84,7 +84,7 @@ If your IdP does not sign the SAML response, or the signature does not match the SAML Response is not signed or has been modified. ``` -Ensure that you configure signed assertions for the {% data variables.product.product_name %} application on your IdP. +Ensure that you configure signed assertions for the {% data variables.product.github %} application on your IdP. ## Error: "Audience is invalid" or "No assertion found" diff --git a/content/admin/managing-iam/using-saml-for-enterprise-iam/updating-a-users-saml-nameid.md b/content/admin/managing-iam/using-saml-for-enterprise-iam/updating-a-users-saml-nameid.md index 91429f186cd2..b1d5c4ac9227 100644 --- a/content/admin/managing-iam/using-saml-for-enterprise-iam/updating-a-users-saml-nameid.md +++ b/content/admin/managing-iam/using-saml-for-enterprise-iam/updating-a-users-saml-nameid.md @@ -17,13 +17,13 @@ redirect_from: ## About updates to users' SAML `NameID` -In some situations, you may need to update values associated with a person's account on your SAML IdP. If that identifier is also the `NameID` that you use for authentication on {% data variables.product.product_name %}, you must update the `NameID` mapping on your instance so the person can continue to authenticate successfully. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication). +In some situations, you may need to update values associated with a person's account on your SAML IdP. If that identifier is also the `NameID` that you use for authentication on {% data variables.product.github %}, you must update the `NameID` mapping on your instance so the person can continue to authenticate successfully. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication). To update user SAML `NameID` mappings in bulk, you can use the `ghe-saml-mapping-csv` command. For more information, see [AUTOTITLE](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-saml-mapping-csv). ## Updating a user's SAML `NameID` -Enterprise owners can update a user's SAML `NameID` on a {% data variables.product.product_name %} instance. +Enterprise owners can update a user's SAML `NameID` on a {% data variables.product.github %} instance. {% data reusables.enterprise_site_admin_settings.access-settings %} 1. In the left sidebar, click **All users**. diff --git a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md index decb2a004366..3f8e99645166 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md +++ b/content/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics.md @@ -58,7 +58,7 @@ The following aggregate metrics will be collected and transmitted on a daily bas | B | `host_name` | The hostname for your instance | | C | `dormant_users.dormancy_threshold` | The length of time a user must be inactive to be considered dormant | | D | `dormant_users.total_dormant_users` | Number of dormant user accounts | -| E | `ghes_version` | The version of {% data variables.product.product_name %} that your instance is running | +| E | `ghes_version` | The version of {% data variables.product.prodname_ghe_server %} that your instance is running | | F | `server_id` | The UUID generated for your instance | G | `collection_date` | The date the metrics were collected | | H | `schema_version` | The version of the database schema used to store this data | diff --git a/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/accessing-reports-for-your-instance.md b/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/accessing-reports-for-your-instance.md index 92e042404a53..ce3ae7405020 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/accessing-reports-for-your-instance.md +++ b/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/accessing-reports-for-your-instance.md @@ -9,15 +9,15 @@ topics: - Enterprise --- -## About reports for {% data variables.product.product_name %} +## About reports for {% data variables.product.prodname_ghe_server %} If you need to get information about the users, organizations, and repositories on {% data variables.location.product_location %}, you can fetch data using the REST API. For more information, see [AUTOTITLE](/rest/about-the-rest-api/about-the-rest-api). The REST API might not provide all of the data that you want, and requires some technical expertise to use. Alternatively, you can reports containing overviews of users, organizations, and repositories on your instance. ## Downloading reports using the web UI - -1. From an administrative account on {% data variables.product.product_name %}, in the upper-right corner of any page, click {% octicon "rocket" aria-label="Site admin" %}. + +1. From an administrative account on {% data variables.product.prodname_ghe_server %}, in the upper-right corner of any page, click {% octicon "rocket" aria-label="Site admin" %}. 1. In the left sidebar, click **Reports**. 1. Next to the report you want to download, click **Download**. diff --git a/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/activity-dashboard.md b/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/activity-dashboard.md index a28ef6c610df..5dc82b0324f4 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/activity-dashboard.md +++ b/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/activity-dashboard.md @@ -31,7 +31,7 @@ The Activity dashboard provides weekly, monthly, and yearly graphs of the number {% ifversion global-nav-update %} 1. In the top-left corner of any page, select {% octicon "three-bars" aria-label="Open global navigation menu" %}, then click **{% octicon "telescope" aria-hidden="true" %} Explore**. - ![Screenshot of the navigation bar on {% data variables.product.product_name %}. The "Open global navigation menu" icon is outlined in dark orange.](/assets/images/help/navigation/global-navigation-menu-icon.png) + ![Screenshot of the navigation bar on {% data variables.product.github %}. The "Open global navigation menu" icon is outlined in dark orange.](/assets/images/help/navigation/global-navigation-menu-icon.png) {% else %} 1. At the top of any page, click **Explore**. diff --git a/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/log-forwarding.md b/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/log-forwarding.md index 905baa474327..c93b8828b3df 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/log-forwarding.md +++ b/content/admin/monitoring-activity-in-your-enterprise/exploring-user-activity-in-your-enterprise/log-forwarding.md @@ -1,6 +1,6 @@ --- title: Log forwarding -intro: '{% data variables.product.product_name %} uses `syslog-ng` to forward system and application logs to the server you specify.' +intro: '{% data variables.product.prodname_ghe_server %} uses `syslog-ng` to forward system and application logs to the server you specify.' redirect_from: - /enterprise/admin/articles/log-forwarding - /enterprise/admin/installation/log-forwarding diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise.md index 7231a6202929..30547cf7e7d0 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise.md +++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise.md @@ -1,6 +1,6 @@ --- title: About the audit log for your enterprise -intro: 'To support debugging and internal and external compliance, {% data variables.product.product_name %} provides logs of audited{% ifversion ghes %} system,{% endif %} user, organization, and repository events.' +intro: 'To support debugging and internal and external compliance, {% data variables.product.github %} provides logs of audited{% ifversion ghes %} system,{% endif %} user, organization, and repository events.' shortTitle: About audit logs redirect_from: - /enterprise/admin/articles/audit-logging diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise.md index b834319fe592..c311c0efa5b8 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise.md +++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise.md @@ -16,7 +16,7 @@ topics: ## About display of IP addresses in the audit log -By default, {% data variables.product.product_name %} does not display the source IP address for events in your enterprise's audit log. {% data reusables.audit_log.about-ip-display %} +By default, {% data variables.product.github %} does not display the source IP address for events in your enterprise's audit log. {% data reusables.audit_log.about-ip-display %} You are responsible for meeting any legal obligations that accompany the viewing or storage of IP addresses displayed within your enterprise's audit log. @@ -28,9 +28,9 @@ You can display IP addresses in the audit log regardless of which authentication ## Events that display IP addresses in the audit log -{% data variables.product.product_name %} displays an IP address in the audit log when a member of the enterprise interacts with a resource owned by your enterprise or an organization in your enterprise. For example, you will see an IP address for audited events involving an internal or private repository owned by an organization in your enterprise, or resources associated with those repositories, such as an issue, pull request, action, or project. +{% data variables.product.github %} displays an IP address in the audit log when a member of the enterprise interacts with a resource owned by your enterprise or an organization in your enterprise. For example, you will see an IP address for audited events involving an internal or private repository owned by an organization in your enterprise, or resources associated with those repositories, such as an issue, pull request, action, or project. -If members of your enterprise access {% data variables.location.product_location %} with personal accounts that they manage, because you do not use {% data variables.product.prodname_emus %}, {% data variables.product.product_name %} does not display an event or IP address in the audit log for the following actions. +If members of your enterprise access {% data variables.location.product_location %} with personal accounts that they manage, because you do not use {% data variables.product.prodname_emus %}, {% data variables.product.github %} does not display an event or IP address in the audit log for the following actions. * Authentication to {% data variables.location.product_location %} * Interactions with a resource owned by the personal account, including a repository, gist, or project diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise.md index 706d39d1c00e..e880b819ec39 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise.md +++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/exporting-audit-log-activity-for-your-enterprise.md @@ -14,7 +14,7 @@ topics: ## About exports of audit log and Git events data -You can export the audit log by downloading a JSON or CSV file from your enterprise on {% data variables.product.product_name %}. When you export audit log events, you can query by one or more of these supported qualifiers to filter for specific log events to export. See [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise#search-based-on-the-action-performed). +You can export the audit log by downloading a JSON or CSV file from your enterprise on {% data variables.product.github %}. When you export audit log events, you can query by one or more of these supported qualifiers to filter for specific log events to export. See [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise#search-based-on-the-action-performed). The audit log lists events triggered by activities that affect your enterprise within the last 180 days. {% data reusables.audit_log.git-events-retention-period %} @@ -24,7 +24,7 @@ You can export Git events data by downloading a JSON file from your enterprise a {% data reusables.audit_log.exported-log-keys-and-values %} -As an alternative to exporting log events, you can use the API to retrieve audit log events, or set up {% data variables.product.product_name %} to stream audit data as events are logged. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise) and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise). +As an alternative to exporting log events, you can use the API to retrieve audit log events, or set up {% data variables.product.github %} to stream audit data as events are logged. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise) and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise). ## Exporting audit log data diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise.md index e665c2520ef5..ec62b98e824b 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise.md +++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise.md @@ -29,7 +29,7 @@ For more information about viewing your enterprise audit log, see [AUTOTITLE](/a You can also use the API to retrieve audit log events. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise). -You cannot search for entries using text. You can, however, construct search queries using a variety of filters. Many operators used when querying the log, such as `-`, `>`, or `<`, match the same format as searching across {% data variables.product.product_name %}. For more information, see [AUTOTITLE](/search-github/getting-started-with-searching-on-github/about-searching-on-github). +You cannot search for entries using text. You can, however, construct search queries using a variety of filters. Many operators used when querying the log, such as `-`, `>`, or `<`, match the same format as searching across {% data variables.product.github %}. For more information, see [AUTOTITLE](/search-github/getting-started-with-searching-on-github/about-searching-on-github). > [!NOTE] > {% data reusables.audit_log.retention-periods %} diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md index 6060e159d5bc..e602d73a0056 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md +++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise.md @@ -65,7 +65,7 @@ To set up the audit log stream, follow the instructions for your provider: {% ifversion ghec %} ->[!NOTE] To get a list of IP address ranges that {% data variables.product.prodname_dotcom %} uses for connections to the streaming endpoint, use the REST API. The `meta` endpoint for {% data variables.product.product_name %} includes a `hooks` key with a list of the IP addresses. See [AUTOTITLE](/rest/meta/meta#get-github-enterprise-cloud-meta-information). +>[!NOTE] To get a list of IP address ranges that {% data variables.product.prodname_dotcom %} uses for connections to the streaming endpoint, use the REST API. The `meta` endpoint for {% data variables.product.prodname_dotcom_the_website %} includes a `hooks` key with a list of the IP addresses. See [AUTOTITLE](/rest/meta/meta#get-github-enterprise-cloud-meta-information). {% endif %} @@ -88,7 +88,7 @@ You can stream audit logs to multiple endpoints. For example, you can stream you {% endif %} {% ifversion streaming-oidc-s3 %} -You can set up streaming to S3 with access keys or, to avoid storing long-lived secrets in {% data variables.product.product_name %}, with OpenID Connect (OIDC). +You can set up streaming to S3 with access keys or, to avoid storing long-lived secrets on {% data variables.product.github %}, with OpenID Connect (OIDC). * [Setting up streaming to S3 with access keys](#setting-up-streaming-to-s3-with-access-keys) * [Setting up streaming to S3 with OpenID Connect](#setting-up-streaming-to-s3-with-openid-connect) @@ -232,7 +232,7 @@ From {% data variables.product.prodname_dotcom %}: ### Setting up streaming to Datadog -To set up streaming to Datadog, create a client token or an API key in Datadog, then configure audit log streaming in {% data variables.product.product_name %} using the token for authentication. You do not need to create a bucket or other storage container in Datadog. +To set up streaming to Datadog, create a client token or an API key in Datadog, then configure audit log streaming in {% data variables.product.github %} using the token for authentication. You do not need to create a bucket or other storage container in Datadog. After you set up streaming to Datadog, you can see your audit log data by filtering by "github.audit.streaming." See [Log Management](https://docs.datadoghq.com/logs/). @@ -248,7 +248,7 @@ After you set up streaming to Datadog, you can see your audit log data by filter ### Setting up streaming to Google Cloud Storage -To set up streaming to Google Cloud Storage, create a service account in Google Cloud with the appropriate credentials and permissions, then configure audit log streaming in {% data variables.product.product_name %} using the service account's credentials for authentication. +To set up streaming to Google Cloud Storage, create a service account in Google Cloud with the appropriate credentials and permissions, then configure audit log streaming in {% data variables.product.github %} using the service account's credentials for authentication. 1. Create a service account for Google Cloud. You do not need to set access controls or IAM roles for this account. See [Creating and managing service accounts](https://cloud.google.com/iam/docs/creating-managing-service-accounts#creating) in the Google Cloud documentation. 1. Create a JSON key for the service account, and store the key securely. See [Creating and managing service account keys](https://cloud.google.com/iam/docs/creating-managing-service-account-keys#creating) in the Google Cloud documentation. diff --git a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/replacing-a-cluster-node.md b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/replacing-a-cluster-node.md index 2b5eb1eb84d9..2824a64565d8 100644 --- a/content/admin/monitoring-and-managing-your-instance/configuring-clustering/replacing-a-cluster-node.md +++ b/content/admin/monitoring-and-managing-your-instance/configuring-clustering/replacing-a-cluster-node.md @@ -191,13 +191,13 @@ If you want to provide the VM for your primary MySQL node with more resources, o > [!WARNING] > If you do not wait for MySQL replication to finish, you risk data loss on your instance. -1. To set the current MySQL primary node to read-only mode, run the following command from of the instance's nodes. +1. To set the current MySQL primary node to read-only mode, run the following command from the MySQL primary node. ```shell copy echo "SET GLOBAL super_read_only = 1;" | sudo mysql ``` -1. Wait until Global Transaction Identifiers (GTIDs) set on the primary and replica MySQL nodes are identical. To check the GTIDs, run the following command from any of the instance's nodes. +1. Wait until Global Transaction Identifiers (GTIDs) set on the primary and replica MySQL nodes are identical. To check the GTIDs, run the following command from any cluster node. ```shell copy ghe-cluster-each -r mysql -- 'echo "SELECT @@global.gtid_executed;" | sudo mysql' diff --git a/content/admin/overview/about-github-enterprise-cloud.md b/content/admin/overview/about-github-enterprise-cloud.md index 7f3fa4285f0f..abd20cf8ad68 100644 --- a/content/admin/overview/about-github-enterprise-cloud.md +++ b/content/admin/overview/about-github-enterprise-cloud.md @@ -20,11 +20,11 @@ topics: * {% data variables.product.company_short %}'s compliance reports * The option to host your company's data in a specific region, on a unique subdomain -For a full list of features included with {% data variables.product.product_name %}, see our [Pricing](https://github.com/pricing) page. +For a full list of features included with {% data variables.product.prodname_ghe_cloud %}, see our [Pricing](https://github.com/pricing) page. -## What are the differences between {% data variables.product.product_name %} and other plans? +## What are the differences between {% data variables.product.prodname_ghe_cloud %} and other plans? -A key difference between {% data variables.product.product_name %} and other {% data variables.product.prodname_dotcom %} plans is access to an enterprise account, which gives administrators a central point for managing multiple organizations. See [AUTOTITLE](/admin/overview/about-enterprise-accounts). +A key difference between {% data variables.product.prodname_ghe_cloud %} and other {% data variables.product.prodname_dotcom %} plans is access to an enterprise account, which gives administrators a central point for managing multiple organizations. See [AUTOTITLE](/admin/overview/about-enterprise-accounts). {% data reusables.enterprise.ghe-includes-ghec-and-ghes %} For more information about {% data variables.product.prodname_ghe_server %} and how it differs from {% data variables.product.prodname_ghe_cloud %}, see [AUTOTITLE](/admin/overview/about-github-for-enterprises#about-deployment-options). @@ -32,16 +32,16 @@ A key difference between {% data variables.product.product_name %} and other {% ## About documentation -Documentation for both administrators and users of {% data variables.product.product_name %} is available on this site, {% data variables.product.prodname_docs %}. +Documentation for both administrators and users of {% data variables.product.prodname_ghe_cloud %} is available on this site, {% data variables.product.prodname_docs %}. * [Enterprise administrator documentation](/admin) * [User documentation](/) {% data reusables.docs.ghec-docs %} -## Can I try {% data variables.product.product_name %}? +## Can I try {% data variables.product.prodname_ghe_cloud %}? -You can sign up for a free, 30-day trial of {% data variables.product.product_name %} on {% data variables.product.prodname_dotcom_the_website %}. See [AUTOTITLE](/admin/overview/setting-up-a-trial-of-github-enterprise-cloud). +You can sign up for a free, 30-day trial of {% data variables.product.prodname_ghe_cloud %} on {% data variables.product.prodname_dotcom_the_website %}. See [AUTOTITLE](/admin/overview/setting-up-a-trial-of-github-enterprise-cloud). If you require {% data variables.enterprise.data_residency_short %}, contact {% data variables.contact.contact_enterprise_sales %}. diff --git a/content/admin/overview/about-github-enterprise-server.md b/content/admin/overview/about-github-enterprise-server.md index 1e4f4c160a39..3c70b8d9b93e 100644 --- a/content/admin/overview/about-github-enterprise-server.md +++ b/content/admin/overview/about-github-enterprise-server.md @@ -1,6 +1,6 @@ --- title: About GitHub Enterprise Server -intro: 'Find out if {% data variables.product.product_name %} is right for your business.' +intro: 'Find out if {% data variables.product.prodname_ghe_server %} is right for your business.' versions: ghes: '*' type: overview @@ -11,32 +11,32 @@ topics: {% data reusables.enterprise.ghes-is-a-self-hosted-platform %} Your business can benefit from increased control and avoid issues associated the public cloud, while your developers can benefit from familiar features and workflows from {% data variables.product.prodname_dotcom_the_website %}. -{% data variables.product.product_name %} is suitable for enterprises that are subject to regulatory compliance. It runs on your infrastructure and is governed by access and security controls that you define, such as firewalls, network policies, IAM, monitoring, and VPNs. +{% data variables.product.prodname_ghe_server %} is suitable for enterprises that are subject to regulatory compliance. It runs on your infrastructure and is governed by access and security controls that you define, such as firewalls, network policies, IAM, monitoring, and VPNs. If your main compliance requirement is for your company's data to reside in a specific region, you may want to consider {% data variables.enterprise.data_residency %}. With this option, you won't need to schedule downtime for maintenance or upgrades, and your users will have access to the latest features from {% data variables.product.prodname_dotcom_the_website %}, such as {% data variables.product.prodname_copilot %}. See [AUTOTITLE](/enterprise-cloud@latest/admin/data-residency/about-github-enterprise-cloud-with-data-residency) in the {% data variables.product.prodname_ghe_cloud %} documentation. -{% data variables.product.product_name %} is a deployment option for the {% data variables.product.prodname_enterprise %} plan. To learn about available features and assess other deployment options, see [AUTOTITLE](/admin/overview/about-github-for-enterprises). +{% data variables.product.prodname_ghe_server %} is a deployment option for the {% data variables.product.prodname_enterprise %} plan. To learn about available features and assess other deployment options, see [AUTOTITLE](/admin/overview/about-github-for-enterprises). ## Features and releases {% data reusables.enterprise.constantly-improving %} -Most features are released on {% data variables.product.prodname_dotcom_the_website %} first, then come to {% data variables.product.product_name %} through the release process. You can see which features we're working on in the [{% data variables.product.prodname_roadmap %}]({% data variables.product.prodname_roadmap_link %}). +Most features are released on {% data variables.product.prodname_dotcom_the_website %} first, then come to {% data variables.product.prodname_ghe_server %} through the release process. You can see which features we're working on in the [{% data variables.product.prodname_roadmap %}]({% data variables.product.prodname_roadmap_link %}). ### Optional features -You can also configure optional features on {% data variables.product.product_name %} to improve the software development lifecycle for your enterprise. +You can also configure optional features on {% data variables.product.prodname_ghe_server %} to improve the software development lifecycle for your enterprise. * **{% data variables.product.prodname_actions %}:** Automate CI/CD and development workflows * **{% data variables.product.prodname_GH_advanced_security %}:** Scan code for secrets and vulnerabilities * **{% data variables.product.prodname_github_connect %}:** Benefit from data and features on {% data variables.product.prodname_dotcom_the_website %} * **{% data variables.product.prodname_registry %}:** Host software packages for your enterprise -## How do I deploy {% data variables.product.product_name %}? +## How do I deploy {% data variables.product.prodname_ghe_server %}? {% data reusables.enterprise.github-distributes-ghes %} Installing third-party software or making changes to the underlying operating system is not supported. -You can deploy {% data variables.product.product_name %} to a virtualization hypervisor within your on-premises datacenter, or to a public cloud service. +You can deploy {% data variables.product.prodname_ghe_server %} to a virtualization hypervisor within your on-premises datacenter, or to a public cloud service. ### Supported on-premises hypervisors @@ -52,7 +52,7 @@ You can deploy {% data variables.product.product_name %} to a virtualization hyp ## Administrative options -You can give certain employees administrative access to your {% data variables.product.product_name %} instance. {% data variables.product.company_short %} has found that people with Linux administration experience are more successful with deployment and maintenance. +You can give certain employees administrative access to your {% data variables.product.prodname_ghe_server %} instance. {% data variables.product.company_short %} has found that people with Linux administration experience are more successful with deployment and maintenance. Administrators can: @@ -62,7 +62,7 @@ Administrators can: ## Backups and availability -{% data variables.product.product_name %} provides options for safeguarding against data loss or service disruptions. +{% data variables.product.prodname_ghe_server %} provides options for safeguarding against data loss or service disruptions. * To back up configuration and user data, you can take regular snapshots of your instance using our Backup Utilities system. * To increase reliability, you can configure a passive replica instance to fail over to in the event of a system or network failure. @@ -70,6 +70,6 @@ Administrators can: ## Getting started -You can sign up for a free, 45-day trial of {% data variables.product.product_name %}. See [AUTOTITLE](/admin/overview/setting-up-a-trial-of-github-enterprise-server). +You can sign up for a free, 45-day trial of {% data variables.product.prodname_ghe_server %}. See [AUTOTITLE](/admin/overview/setting-up-a-trial-of-github-enterprise-server). If you're ready to get started with a production instance, see [AUTOTITLE](/get-started/onboarding/getting-started-with-github-enterprise-server). diff --git a/content/admin/overview/about-the-github-enterprise-api.md b/content/admin/overview/about-the-github-enterprise-api.md index d5cda1079df7..75a41eb8d57b 100644 --- a/content/admin/overview/about-the-github-enterprise-api.md +++ b/content/admin/overview/about-the-github-enterprise-api.md @@ -1,6 +1,6 @@ --- title: About the GitHub Enterprise API -intro: '{% data variables.product.product_name %} supports REST and GraphQL APIs.' +intro: '{% data variables.product.prodname_ghe_server %} supports REST and GraphQL APIs.' redirect_from: - /enterprise/admin/installation/about-the-github-enterprise-server-api - /enterprise/admin/articles/about-the-enterprise-api diff --git a/content/admin/overview/about-upgrades-to-new-releases.md b/content/admin/overview/about-upgrades-to-new-releases.md index f1f3ec58a4cf..f8fb94877f76 100644 --- a/content/admin/overview/about-upgrades-to-new-releases.md +++ b/content/admin/overview/about-upgrades-to-new-releases.md @@ -44,7 +44,7 @@ Between feature releases, you can benefit from patch releases, which: There are two ways to upgrade {% data variables.product.prodname_ghe_server %}: -* To set up a **completely new {% data variables.product.product_name %} instance** and configure the instance however you like, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance) and [AUTOTITLE](/admin/configuration/configuring-your-enterprise). +* To set up a **completely new {% data variables.product.prodname_ghe_server %} instance** and configure the instance however you like, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance) and [AUTOTITLE](/admin/configuration/configuring-your-enterprise). * To upgrade your **existing instance** to a new release, see [AUTOTITLE](/admin/upgrading-your-instance/preparing-to-upgrade/overview-of-the-upgrade-process). ## Further reading diff --git a/content/admin/overview/best-practices-for-enterprises.md b/content/admin/overview/best-practices-for-enterprises.md index af9d0587dc66..9e397b8a927d 100644 --- a/content/admin/overview/best-practices-for-enterprises.md +++ b/content/admin/overview/best-practices-for-enterprises.md @@ -16,7 +16,7 @@ topics: ## Choose an enterprise type -Before you start using {% data variables.product.product_name %}, you must choose a type of enterprise. {% data reusables.enterprise.ghec-authentication-options %} +Before you start using {% data variables.product.prodname_ghe_cloud %}, you must choose a type of enterprise. {% data reusables.enterprise.ghec-authentication-options %} For help identifying the type of enterprise that will best meet your needs, see [AUTOTITLE](/admin/identity-and-access-management/understanding-iam-for-enterprises/choosing-an-enterprise-type-for-github-enterprise-cloud). diff --git a/content/admin/overview/index.md b/content/admin/overview/index.md index de217c07539f..e455928d3794 100644 --- a/content/admin/overview/index.md +++ b/content/admin/overview/index.md @@ -1,6 +1,6 @@ --- title: Overview -intro: 'You can learn about {% data variables.product.product_name %} and manage{% ifversion ghes %} accounts and access, licenses, and{% endif %} billing.' +intro: 'Learn about {% data variables.product.prodname_enterprise %} products and manage{% ifversion ghes %} accounts and access, licenses, and{% endif %} billing.' redirect_from: - /enterprise/admin/overview versions: diff --git a/content/admin/overview/system-overview.md b/content/admin/overview/system-overview.md index 469196b0d9af..ba4936a531ec 100644 --- a/content/admin/overview/system-overview.md +++ b/content/admin/overview/system-overview.md @@ -1,6 +1,6 @@ --- title: System overview -intro: 'Learn more about {% data variables.product.product_name %}''s system internals, functionality, and security.' +intro: 'Learn more about {% data variables.product.prodname_ghe_server %}''s system internals, functionality, and security.' redirect_from: - /enterprise/admin/installation/system-overview - /enterprise/admin/overview/system-overview @@ -15,19 +15,19 @@ topics: - Storage --- -## About {% data variables.product.product_name %} +## About {% data variables.product.prodname_ghe_server %} {% data reusables.enterprise.ghes-is-a-self-hosted-platform %} {% data reusables.enterprise.github-distributes-ghes %} For more information, see [AUTOTITLE](/admin/overview/about-github-enterprise-server). ## Storage architecture -{% data variables.product.product_name %} requires two storage volumes, one mounted to the _root filesystem_ path (`/`) and the other to the _user filesystem_ path (`/data/user`). This architecture simplifies the upgrade, rollback, and recovery procedures by separating the running software environment from persistent application data. +{% data variables.product.prodname_ghe_server %} requires two storage volumes, one mounted to the _root filesystem_ path (`/`) and the other to the _user filesystem_ path (`/data/user`). This architecture simplifies the upgrade, rollback, and recovery procedures by separating the running software environment from persistent application data. -The root filesystem is included in the distributed machine image. It contains the base operating system and the {% data variables.product.product_name %} application environment. The root filesystem should be treated as ephemeral. Any data on the root filesystem will be replaced when upgrading to future {% data variables.product.product_name %} releases. +The root filesystem is included in the distributed machine image. It contains the base operating system and the {% data variables.product.prodname_ghe_server %} application environment. The root filesystem should be treated as ephemeral. Any data on the root filesystem will be replaced when upgrading to future {% data variables.product.prodname_ghe_server %} releases. The root storage volume is split into two equally-sized partitions. One of the partitions will be mounted as the root filesystem (`/`). The other partition is only mounted during upgrades and rollbacks of upgrades as `/mnt/upgrade`, to facilitate easier rollbacks if necessary. For example, if a {% ifversion ghes > 3.14 %}400GB root volume is allocated, there will be 200GB allocated to the root filesystem and 200GB{% else %}200GB root volume is allocated, there will be 100GB allocated to the root filesystem and 100GB{% endif %} reserved for the upgrades and rollbacks. -{% ifversion ghes > 3.13 %}In new installations of 3.14 and later, the root storage volume is split into four partitions. Two small partitions are for the supported boot modes (BIOS and UEFI), and the other two equally large partitions are for the {% data variables.product.product_name %} primary, and upgrades and rollbacks.{% endif %} +{% ifversion ghes > 3.13 %}In new installations of 3.14 and later, the root storage volume is split into four partitions. Two small partitions are for the supported boot modes (BIOS and UEFI), and the other two equally large partitions are for the {% data variables.product.prodname_ghe_server %} primary, and upgrades and rollbacks.{% endif %} The root filesystem contains files that store the following information. This list is not exhaustive. @@ -47,7 +47,7 @@ The user filesystem contains files that store following configuration and data. ## Deployment topologies -By default, {% data variables.product.product_name %} runs as a standalone instance. You can increase the reliability and performance of {% data variables.product.product_name %} by using a different topology for your deployment. +By default, {% data variables.product.prodname_ghe_server %} runs as a standalone instance. You can increase the reliability and performance of {% data variables.product.prodname_ghe_server %} by using a different topology for your deployment. * To mitigate the impact of system or network failures, you can deploy a passive replica instance. During an outage that affects your primary instance, you can manually fail over to the replica instance. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/about-high-availability-configuration). * You can configure multiple active replicas to improve performance for developers who are geographically distant from your primary instance. For more information, see [AUTOTITLE](/admin/enterprise-management/configuring-high-availability/about-geo-replication). @@ -56,9 +56,9 @@ By default, {% data variables.product.product_name %} runs as a standalone insta ## Data retention and datacenter redundancy > [!WARNING] -> Before using {% data variables.product.product_name %} in a production environment, we strongly recommend you set up backups and a disaster recovery plan. +> Before using {% data variables.product.prodname_ghe_server %} in a production environment, we strongly recommend you set up backups and a disaster recovery plan. -{% data variables.product.product_name %} includes support for online and incremental backups with {% data variables.product.prodname_enterprise_backup_utilities %}. You can take incremental snapshots over a secure network link (the SSH administrative port) over long distances for off-site or geographically dispersed storage. You can restore snapshots over the network into a newly provisioned instance at time of recovery in case of disaster at the primary datacenter. +{% data variables.product.prodname_ghe_server %} includes support for online and incremental backups with {% data variables.product.prodname_enterprise_backup_utilities %}. You can take incremental snapshots over a secure network link (the SSH administrative port) over long distances for off-site or geographically dispersed storage. You can restore snapshots over the network into a newly provisioned instance at time of recovery in case of disaster at the primary datacenter. In addition to network backups, both AWS (EBS) and VMware disk snapshots of the user storage volumes are supported while the instance is offline or in maintenance mode. Regular volume snapshots can be used as a low-cost, low-complexity alternative to network backups with {% data variables.product.prodname_enterprise_backup_utilities %} if your service level requirements allow for regular offline maintenance. @@ -68,7 +68,7 @@ For more information, see [AUTOTITLE](/admin/configuration/configuring-your-ente {% data reusables.enterprise.ghes-runs-on-your-infrastructure %} -{% data variables.product.product_name %} also includes additional security features. +{% data variables.product.prodname_ghe_server %} also includes additional security features. * [Operating system, software, and patches](#operating-system-software-and-patches) * [Network security](#network-security) @@ -81,31 +81,31 @@ For more information, see [AUTOTITLE](/admin/configuration/configuring-your-ente ### Operating system, software, and patches -{% data variables.product.product_name %} runs a customized Linux operating system with only the necessary applications and services. {% data variables.product.company_short %} distributes patches for the instance's core operating system as part of its standard product release cycle. Patches address functionality, stability, and non-critical security issues for {% data variables.product.product_name %}. {% data variables.product.company_short %} also provides critical security patches as needed outside of the regular release cycle. +{% data variables.product.prodname_ghe_server %} runs a customized Linux operating system with only the necessary applications and services. {% data variables.product.company_short %} distributes patches for the instance's core operating system as part of its standard product release cycle. Patches address functionality, stability, and non-critical security issues for {% data variables.product.prodname_ghe_server %}. {% data variables.product.company_short %} also provides critical security patches as needed outside of the regular release cycle. -{% data variables.product.product_name %} is provided as an appliance, and many of the operating system packages are modified compared to the usual {% ifversion ghes > 3.10 %}Ubuntu{% else %}Debian{% endif %} distribution. We do not support modifying the underlying operating system for this reason (including operating system upgrades), which is aligned with the [{% data variables.product.prodname_ghe_server %} license and support agreement](https://enterprise.github.com/license), under section 11.3 Exclusions. +{% data variables.product.prodname_ghe_server %} is provided as an appliance, and many of the operating system packages are modified compared to the usual {% ifversion ghes > 3.10 %}Ubuntu{% else %}Debian{% endif %} distribution. We do not support modifying the underlying operating system for this reason (including operating system upgrades), which is aligned with the [{% data variables.product.prodname_ghe_server %} license and support agreement](https://enterprise.github.com/license), under section 11.3 Exclusions. -Currently, the base operating system for {% data variables.product.product_name %} is {% ifversion ghes > 3.10 %}Ubuntu 20 (Focal Fossa){% else %}Debian 10 (Buster), which receives support under the Debian Long Term Support program{% endif %}. +Currently, the base operating system for {% data variables.product.prodname_ghe_server %} is {% ifversion ghes > 3.10 %}Ubuntu 20 (Focal Fossa){% else %}Debian 10 (Buster), which receives support under the Debian Long Term Support program{% endif %}. -Regular patch updates are released on the {% data variables.product.product_name %} [releases](https://enterprise.github.com/releases) page, and the [release notes](/admin/release-notes) page provides more information. These patches typically contain upstream vendor and project security patches after they've been tested and quality approved by our engineering team. There can be a slight time delay from when the upstream update is released to when it's tested and bundled in an upcoming {% data variables.product.product_name %} patch release. +Regular patch updates are released on the {% data variables.product.prodname_ghe_server %} [releases](https://enterprise.github.com/releases) page, and the [release notes](/admin/release-notes) page provides more information. These patches typically contain upstream vendor and project security patches after they've been tested and quality approved by our engineering team. There can be a slight time delay from when the upstream update is released to when it's tested and bundled in an upcoming {% data variables.product.prodname_ghe_server %} patch release. ### Network security -{% data variables.product.product_name %}'s internal firewall restricts network access to the instance's services. Only services necessary for the appliance to function are available over the network. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/network-ports). +{% data variables.product.prodname_ghe_server %}'s internal firewall restricts network access to the instance's services. Only services necessary for the appliance to function are available over the network. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/network-ports). ### Application security -{% data variables.product.company_short %}'s application security team focuses full-time on vulnerability assessment, penetration testing, and code review for {% data variables.product.company_short %} products, including {% data variables.product.product_name %}. {% data variables.product.company_short %} also contracts with outside security firms to provide point-in-time security assessments of {% data variables.product.company_short %} products. +{% data variables.product.company_short %}'s application security team focuses full-time on vulnerability assessment, penetration testing, and code review for {% data variables.product.company_short %} products, including {% data variables.product.prodname_ghe_server %}. {% data variables.product.company_short %} also contracts with outside security firms to provide point-in-time security assessments of {% data variables.product.company_short %} products. ### External services and support access -{% data variables.product.product_name %} can operate without any egress access from your network to outside services. You can optionally enable integration with external services for email delivery, external monitoring, and log forwarding. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-email-for-notifications), [AUTOTITLE](/admin/enterprise-management/monitoring-your-appliance/setting-up-external-monitoring), and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding). +{% data variables.product.prodname_ghe_server %} can operate without any egress access from your network to outside services. You can optionally enable integration with external services for email delivery, external monitoring, and log forwarding. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/configuring-email-for-notifications), [AUTOTITLE](/admin/enterprise-management/monitoring-your-appliance/setting-up-external-monitoring), and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding). You can manually collect and send troubleshooting data to {% data variables.contact.github_support %}. For more information, see [AUTOTITLE](/support/contacting-github-support/providing-data-to-github-support). ### Encrypted communication -{% data variables.product.company_short %} designs {% data variables.product.product_name %} to run behind your corporate firewall. To secure communication over the wire, we encourage you to enable Transport Layer Security (TLS). {% data variables.product.product_name %} supports 2048-bit and higher commercial TLS certificates for HTTPS traffic. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-tls). +{% data variables.product.company_short %} designs {% data variables.product.prodname_ghe_server %} to run behind your corporate firewall. To secure communication over the wire, we encourage you to enable Transport Layer Security (TLS). {% data variables.product.prodname_ghe_server %} supports 2048-bit and higher commercial TLS certificates for HTTPS traffic. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-tls). By default, the instance also offers Secure Shell (SSH) access for both repository access using Git and administrative purposes. For more information, see [AUTOTITLE](/authentication/connecting-to-github-with-ssh/about-ssh) and [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh). @@ -113,17 +113,17 @@ If you configure SAML authentication for {% data variables.location.product_loca ### Users and access permissions -{% data variables.product.product_name %} provides three types of accounts. +{% data variables.product.prodname_ghe_server %} provides three types of accounts. * The `admin` Linux user account has controlled access to the underlying operating system, including direct filesystem and database access. A small set of trusted administrators should have access to this account, which they can access over SSH. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh). * User accounts in the instance's web application have full access to their own data and any data that other users or organizations explicitly grant. * Site administrators in the instance's web application are user accounts that can manage high-level web application and instance settings, user and organization account settings, and repository data. -For more information about {% data variables.product.product_name %}'s user permissions, see [AUTOTITLE](/get-started/learning-about-github/access-permissions-on-github). +For more information about {% data variables.product.prodname_ghe_server %}'s user permissions, see [AUTOTITLE](/get-started/learning-about-github/access-permissions-on-github). ### Authentication -{% data variables.product.product_name %} provides four authentication methods. +{% data variables.product.prodname_ghe_server %} provides four authentication methods. * SSH public key authentication provides both repository access using Git and administrative shell access. For more information, see [AUTOTITLE](/authentication/connecting-to-github-with-ssh/about-ssh) and [AUTOTITLE](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh). * Username and password authentication with HTTP cookies provides web application access and session management, with optional two-factor authentication (2FA). For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-built-in-authentication/configuring-built-in-authentication). @@ -132,7 +132,7 @@ For more information about {% data variables.product.product_name %}'s user perm ### Audit and access logging -{% data variables.product.product_name %} stores both traditional operating system and application logs. The application also writes detailed auditing and security logs, which {% data variables.product.product_name %} stores permanently. You can forward both types of logs in real time to multiple destinations via the `syslog-ng` protocol. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise) and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding). +{% data variables.product.prodname_ghe_server %} stores both traditional operating system and application logs. The application also writes detailed auditing and security logs, which {% data variables.product.prodname_ghe_server %} stores permanently. You can forward both types of logs in real time to multiple destinations via the `syslog-ng` protocol. For more information, see [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise) and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/exploring-user-activity/log-forwarding). Access and audit logs include information like the following. @@ -149,9 +149,9 @@ Access and audit logs include information like the following. * Repository push events, access grants, transfers, and renames * Organization membership changes, including team creation and destruction -## Open source dependencies for {% data variables.product.product_name %} +## Open source dependencies for {% data variables.product.prodname_ghe_server %} -You can see a complete list of dependencies in your instance's version of {% data variables.product.product_name %}, as well as each project's license, at `http(s)://HOSTNAME/site/credits`. +You can see a complete list of dependencies in your instance's version of {% data variables.product.prodname_ghe_server %}, as well as each project's license, at `http(s)://HOSTNAME/site/credits`. Tarballs with a full list of dependencies and associated metadata are available on your instance. diff --git a/data/reusables/gpg/private-email.md b/data/reusables/gpg/private-email.md index 571daec2ab26..3b3862b31355 100644 --- a/data/reusables/gpg/private-email.md +++ b/data/reusables/gpg/private-email.md @@ -1,3 +1,3 @@ {% ifversion fpt or ghec %} -To keep your email address private, use your {% data variables.product.product_name %}-provided `no-reply` email address. +To keep your email address private, use your {% data variables.product.github %}-provided `no-reply` email address. {% endif %} diff --git a/data/reusables/gpg/supported-gpg-key-algorithms.md b/data/reusables/gpg/supported-gpg-key-algorithms.md index 12bdfbe0e549..7eaec102abda 100644 --- a/data/reusables/gpg/supported-gpg-key-algorithms.md +++ b/data/reusables/gpg/supported-gpg-key-algorithms.md @@ -1,7 +1,7 @@ ### Supported GPG key algorithms -{% data variables.product.product_name %} supports several GPG key algorithms. If you try to add a key generated with an unsupported algorithm, you may encounter an error. +{% data variables.product.github %} supports several GPG key algorithms. If you try to add a key generated with an unsupported algorithm, you may encounter an error. * RSA * ElGamal diff --git a/data/reusables/identity-and-permissions/about-team-sync.md b/data/reusables/identity-and-permissions/about-team-sync.md index 8c7539634f98..09f0cbfa5f1c 100644 --- a/data/reusables/identity-and-permissions/about-team-sync.md +++ b/data/reusables/identity-and-permissions/about-team-sync.md @@ -1 +1 @@ -If team sync is enabled for your organization or enterprise account, you can synchronize a {% data variables.product.prodname_dotcom %} team with an IdP group. When you synchronize a {% data variables.product.prodname_dotcom %} team with an IdP group, membership changes to the IdP group are reflected on {% data variables.product.product_name %} automatically, reducing the need for manual updates and custom scripts. +If team sync is enabled for your organization or enterprise account, you can synchronize a {% data variables.product.github %} team with an IdP group. When you do this, membership changes to the IdP group are reflected on {% data variables.product.github %} automatically, reducing the need for manual updates and custom scripts. diff --git a/data/reusables/identity-and-permissions/team-and-idp-group.md b/data/reusables/identity-and-permissions/team-and-idp-group.md index d053e8cac8ae..52c7459c74ae 100644 --- a/data/reusables/identity-and-permissions/team-and-idp-group.md +++ b/data/reusables/identity-and-permissions/team-and-idp-group.md @@ -1 +1 @@ -To connect a team on {% data variables.product.product_name %} to an IdP group, the team must already exist in your organization. Even if you have configured SCIM provisioning, creating a group in your IdP does not automatically create a team on {% data variables.product.product_name %}. +To connect a team on {% data variables.product.github %} to an IdP group, the team must already exist in your organization. Even if you have configured SCIM provisioning, creating a group in your IdP does not automatically create a team on {% data variables.product.github %}. diff --git a/data/reusables/identity-and-permissions/verification-status-check.md b/data/reusables/identity-and-permissions/verification-status-check.md index 2e87736793fe..9c1e4cf27913 100644 --- a/data/reusables/identity-and-permissions/verification-status-check.md +++ b/data/reusables/identity-and-permissions/verification-status-check.md @@ -1 +1 @@ -You can check the verification status of your signed commits or tags on {% data variables.product.product_name %} and view why your commit signatures might be unverified. For more information, see [AUTOTITLE](/authentication/troubleshooting-commit-signature-verification/checking-your-commit-and-tag-signature-verification-status). +You can check the verification status of your signed commits or tags on {% data variables.product.github %} and view why your commit signatures might be unverified. For more information, see [AUTOTITLE](/authentication/troubleshooting-commit-signature-verification/checking-your-commit-and-tag-signature-verification-status). diff --git a/data/reusables/interactions/interactions-detail.md b/data/reusables/interactions/interactions-detail.md index 187a3e73074d..7ba7e8b674d7 100644 --- a/data/reusables/interactions/interactions-detail.md +++ b/data/reusables/interactions/interactions-detail.md @@ -1 +1 @@ -When restrictions are enabled, only the specified type of {% data variables.product.product_name %} user will be able to participate in interactions. Restrictions automatically expire after a defined duration. +When restrictions are enabled, only the specified type of {% data variables.product.github %} user will be able to participate in interactions. Restrictions automatically expire after a defined duration. diff --git a/data/reusables/large_files/can-include-lfs-objects-archives.md b/data/reusables/large_files/can-include-lfs-objects-archives.md index e5025e47220a..fda2e42e078d 100644 --- a/data/reusables/large_files/can-include-lfs-objects-archives.md +++ b/data/reusables/large_files/can-include-lfs-objects-archives.md @@ -1,3 +1,3 @@ {% ifversion fpt or ghec %} -You can choose whether {% data variables.large_files.product_name_short %} objects are included in [source code archives](/repositories/working-with-files/using-files/downloading-source-code-archives), such as ZIP files and tarballs, that {% data variables.product.product_name %} creates for your repository. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-git-lfs-objects-in-archives-of-your-repository). +You can choose whether {% data variables.large_files.product_name_short %} objects are included in [source code archives](/repositories/working-with-files/using-files/downloading-source-code-archives), such as ZIP files and tarballs, that {% data variables.product.github %} creates for your repository. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-git-lfs-objects-in-archives-of-your-repository). {% endif %} diff --git a/data/reusables/large_files/rejected_pushes.md b/data/reusables/large_files/rejected_pushes.md index 4d04d4d367be..26fafdfdf189 100644 --- a/data/reusables/large_files/rejected_pushes.md +++ b/data/reusables/large_files/rejected_pushes.md @@ -1 +1 @@ -Users cannot push {% data variables.large_files.product_name_short %} assets to {% data variables.product.product_name %} if {% data variables.large_files.product_name_short %} is disabled on the enterprise or repository. +Users cannot push {% data variables.large_files.product_name_short %} assets to {% data variables.product.github %} if {% data variables.large_files.product_name_short %} is disabled on the enterprise or repository. diff --git a/data/reusables/marketplace/visit-marketplace.md b/data/reusables/marketplace/visit-marketplace.md index 1fcc94e6041b..347175597a04 100644 --- a/data/reusables/marketplace/visit-marketplace.md +++ b/data/reusables/marketplace/visit-marketplace.md @@ -1,3 +1,3 @@ 1. To open {% data variables.product.prodname_marketplace %}, in the top-left corner of {% data variables.product.prodname_dotcom %}, select {% octicon "three-bars" aria-label="Open global navigation menu" %}, then click **{% octicon "gift" aria-hidden="true" %} Marketplace**. - ![Screenshot of the navigation bar on {% data variables.product.product_name %}. The "Open global navigation menu" icon is outlined in dark orange.](/assets/images/help/navigation/global-navigation-menu-icon.png) + ![Screenshot of the navigation bar on {% data variables.product.github %}. The "Open global navigation menu" icon is outlined in dark orange.](/assets/images/help/navigation/global-navigation-menu-icon.png) diff --git a/data/reusables/migrations/create-empty-repo.md b/data/reusables/migrations/create-empty-repo.md index 30debc9bb812..85417ac65e47 100644 --- a/data/reusables/migrations/create-empty-repo.md +++ b/data/reusables/migrations/create-empty-repo.md @@ -1 +1 @@ -1. Create a new repository on {% data variables.product.github %}. To avoid errors, do not initialize the new repository with README, license, or gitignore files. You can add these files after your project has been pushed to {% data variables.product.product_name %}. For more information, see [AUTOTITLE](/repositories/creating-and-managing-repositories/creating-a-new-repository). +1. Create a new repository on {% data variables.product.github %}. To avoid errors, do not initialize the new repository with README, license, or gitignore files. You can add these files after your project has been pushed to {% data variables.product.github %}. For more information, see [AUTOTITLE](/repositories/creating-and-managing-repositories/creating-a-new-repository). diff --git a/data/reusables/migrations/push-to-github.md b/data/reusables/migrations/push-to-github.md index 1ca88ace47cc..cf804dd1cbac 100644 --- a/data/reusables/migrations/push-to-github.md +++ b/data/reusables/migrations/push-to-github.md @@ -1,3 +1,3 @@ 1. To push the repository to {% data variables.product.prodname_dotcom %}, run `git push --mirror origin`. - If your repository contains any files that are larger than {% data variables.product.product_name %}'s file size limit, your push may fail. Move the large files to {% data variables.large_files.product_name_short %} by running `git lfs import`, then try again. + If your repository contains any files that are larger than {% data variables.product.github %}'s file size limit, your push may fail. Move the large files to {% data variables.large_files.product_name_short %} by running `git lfs import`, then try again. diff --git a/data/reusables/organizations/about-following-organizations.md b/data/reusables/organizations/about-following-organizations.md index 58e53816bd50..7af59f585492 100644 --- a/data/reusables/organizations/about-following-organizations.md +++ b/data/reusables/organizations/about-following-organizations.md @@ -1 +1 @@ -When you follow organizations on {% data variables.product.product_name %}, you'll see their {% ifversion fpt or ghec %}public{% endif %} activity on your personal dashboard. This activity includes new discussions, sponsorships, and repositories. +When you follow organizations on {% data variables.product.github %}, you'll see their {% ifversion fpt or ghec %}public{% endif %} activity on your personal dashboard. This activity includes new discussions, sponsorships, and repositories. diff --git a/data/reusables/organizations/about-organizations.md b/data/reusables/organizations/about-organizations.md index 0dbdfd0de405..766c6b9f85df 100644 --- a/data/reusables/organizations/about-organizations.md +++ b/data/reusables/organizations/about-organizations.md @@ -1,3 +1,3 @@ -Your team can collaborate on {% data variables.product.product_name %} by using an organization account, which serves as a container for your shared work and gives the work a unique name and brand. +Your team can collaborate on {% data variables.product.github %} by using an organization account, which serves as a container for your shared work and gives the work a unique name and brand. Each person that uses {% data variables.product.prodname_dotcom %} always signs into a personal account, and multiple personal accounts can collaborate on shared projects by joining the same organization account. A subset of these personal accounts can be given the role of organization owner, which allows those people to granularly manage access to the organization's resources using sophisticated security and administrative features. diff --git a/data/reusables/organizations/add-extension-to-cert.md b/data/reusables/organizations/add-extension-to-cert.md index 0ce28b8abae5..cd253c5f19b1 100644 --- a/data/reusables/organizations/add-extension-to-cert.md +++ b/data/reusables/organizations/add-extension-to-cert.md @@ -1 +1 @@ -When you issue each client certificate, you must include an extension that specifies which {% data variables.product.product_name %} user the certificate is for. For more information, see [AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities). +When you issue each client certificate, you must include an extension that specifies which {% data variables.product.github %} user the certificate is for. For more information, see [AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities). diff --git a/data/reusables/package_registry/authenticate-packages.md b/data/reusables/package_registry/authenticate-packages.md index 8cec986bd343..c44395caa9e7 100644 --- a/data/reusables/package_registry/authenticate-packages.md +++ b/data/reusables/package_registry/authenticate-packages.md @@ -2,7 +2,7 @@ You need an access token to publish, install, and delete private, internal, and public packages. -You can use a {% data variables.product.pat_v1 %} to authenticate to {% data variables.product.prodname_registry %} or the {% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom %}{% else %}{% data variables.product.product_name %}{% endif %} API. When you create a {% data variables.product.pat_v1 %}, you can assign the token different scopes depending on your needs. For more information about packages-related scopes for a {% data variables.product.pat_v1 %}, see [AUTOTITLE](/packages/learn-github-packages/about-permissions-for-github-packages#about-scopes-and-permissions-for-package-registries). +You can use a {% data variables.product.pat_v1 %} to authenticate to {% data variables.product.prodname_registry %} or the {% data variables.product.github %} API. When you create a {% data variables.product.pat_v1 %}, you can assign the token different scopes depending on your needs. For more information about packages-related scopes for a {% data variables.product.pat_v1 %}, see [AUTOTITLE](/packages/learn-github-packages/about-permissions-for-github-packages#about-scopes-and-permissions-for-package-registries). To authenticate to a {% data variables.product.prodname_registry %} registry within a {% data variables.product.prodname_actions %} workflow, you can use: * `GITHUB_TOKEN` to publish packages associated with the workflow repository. diff --git a/data/reusables/package_registry/container-registry-ghes-beta.md b/data/reusables/package_registry/container-registry-ghes-beta.md index 15676af31215..b88fea42f23d 100644 --- a/data/reusables/package_registry/container-registry-ghes-beta.md +++ b/data/reusables/package_registry/container-registry-ghes-beta.md @@ -1,6 +1,6 @@ {% ifversion ghes %} ->[!NOTE] {% data variables.product.prodname_container_registry %} is currently in {% data variables.release-phases.public_preview %} for {% data variables.product.product_name %} and subject to change. +>[!NOTE] {% data variables.product.prodname_container_registry %} is currently in {% data variables.release-phases.public_preview %} for {% data variables.product.prodname_ghe_server %} and subject to change. Both {% data variables.product.prodname_registry %} and subdomain isolation must be enabled to use {% data variables.product.prodname_container_registry %}. For more information, see [AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-container-registry). diff --git a/data/reusables/package_registry/container-registry-ghes-migration-availability.md b/data/reusables/package_registry/container-registry-ghes-migration-availability.md index 46bdf6af865c..a3d922152fde 100644 --- a/data/reusables/package_registry/container-registry-ghes-migration-availability.md +++ b/data/reusables/package_registry/container-registry-ghes-migration-availability.md @@ -1 +1 @@ -{% data variables.product.product_name %} 3.6 supports migration for Docker images stored in organizations. A future release will support migration of user-owned images. +{% data variables.product.prodname_ghe_server %} 3.6 supports migration for Docker images stored in organizations. A future release will support migration of user-owned images. diff --git a/data/reusables/package_registry/docker_registry_deprecation_status.md b/data/reusables/package_registry/docker_registry_deprecation_status.md index 45283a75b6d1..2f7c2886b75a 100644 --- a/data/reusables/package_registry/docker_registry_deprecation_status.md +++ b/data/reusables/package_registry/docker_registry_deprecation_status.md @@ -1,2 +1,2 @@ > [!NOTE] -> The {% data variables.product.prodname_registry %} Docker registry {% ifversion ghes %} will be superseded in a future {% data variables.product.product_name %} release with the {% data variables.product.prodname_container_registry %}, which offers improved container support.{% elsif fpt %} is superseded by the {% data variables.product.prodname_container_registry %}, which offers improved container support. {% endif %} {% ifversion fpt or ghec %} For more information, see [AUTOTITLE](/packages/working-with-a-github-packages-registry/migrating-to-the-container-registry-from-the-docker-registry). {% endif %} +> The {% data variables.product.prodname_registry %} Docker registry {% ifversion ghes %} will be superseded in a future {% data variables.product.prodname_ghe_server %} release with the {% data variables.product.prodname_container_registry %}, which offers improved container support.{% elsif fpt %} is superseded by the {% data variables.product.prodname_container_registry %}, which offers improved container support. {% endif %} {% ifversion fpt or ghec %} For more information, see [AUTOTITLE](/packages/working-with-a-github-packages-registry/migrating-to-the-container-registry-from-the-docker-registry). {% endif %} diff --git a/data/reusables/package_registry/packages-cluster-support.md b/data/reusables/package_registry/packages-cluster-support.md index d223cdb5790f..45fef0f710f7 100644 --- a/data/reusables/package_registry/packages-cluster-support.md +++ b/data/reusables/package_registry/packages-cluster-support.md @@ -1,6 +1,6 @@ {% ifversion ghes %} > [!NOTE] -> {% data variables.product.prodname_registry %} on {% data variables.product.product_name %} does not currently support clustering. +> {% data variables.product.prodname_registry %} on {% data variables.product.prodname_ghe_server %} does not currently support clustering. {% endif %} diff --git a/data/reusables/pages/build-locally-download-cname.md b/data/reusables/pages/build-locally-download-cname.md index 126b60faa52e..5a9abdf828e5 100644 --- a/data/reusables/pages/build-locally-download-cname.md +++ b/data/reusables/pages/build-locally-download-cname.md @@ -1 +1 @@ -1. If you use a static site generator to build your site locally and push the generated files to {% data variables.product.product_name %}, pull the commit that added the CNAME file to your local repository. For more information, see [AUTOTITLE](/pages/configuring-a-custom-domain-for-your-github-pages-site/troubleshooting-custom-domains-and-github-pages#cname-errors). +1. If you use a static site generator to build your site locally and push the generated files to {% data variables.product.github %}, pull the commit that added the CNAME file to your local repository. For more information, see [AUTOTITLE](/pages/configuring-a-custom-domain-for-your-github-pages-site/troubleshooting-custom-domains-and-github-pages#cname-errors). diff --git a/data/reusables/pages/must-have-repo-first.md b/data/reusables/pages/must-have-repo-first.md index 86deee1a4771..7023cac08033 100644 --- a/data/reusables/pages/must-have-repo-first.md +++ b/data/reusables/pages/must-have-repo-first.md @@ -1 +1 @@ -Before you can create your site, you must have a repository for your site on {% data variables.product.product_name %}. If you're not creating your site in an existing repository, see [Creating a repository for your site](#creating-a-repository-for-your-site). +Before you can create your site, you must have a repository for your site on {% data variables.product.github %}. If you're not creating your site in an existing repository, see [Creating a repository for your site](#creating-a-repository-for-your-site). diff --git a/data/reusables/pages/navigate-site-repo.md b/data/reusables/pages/navigate-site-repo.md index 1ac6a42f40f2..2a4ca702ad94 100644 --- a/data/reusables/pages/navigate-site-repo.md +++ b/data/reusables/pages/navigate-site-repo.md @@ -1 +1 @@ -1. On {% data variables.product.product_name %}, navigate to your site's repository. +1. On {% data variables.product.github %}, navigate to your site's repository. diff --git a/data/reusables/pages/pages-about-publishing-source.md b/data/reusables/pages/pages-about-publishing-source.md index 6fc78aa11f73..8d1d1053ba55 100644 --- a/data/reusables/pages/pages-about-publishing-source.md +++ b/data/reusables/pages/pages-about-publishing-source.md @@ -2,4 +2,4 @@ You can publish your site when changes are pushed to a specific branch, or you c If you do not need any control over the build process for your site, we recommend that you publish your site when changes are pushed to a specific branch. {% data reusables.pages.pages-about-branch-source %} -If you want to use a build process other than Jekyll or you do not want a dedicated branch to hold your compiled static files, we recommend that you write a {% data variables.product.prodname_actions %} workflow to publish your site. {% data variables.product.product_name %} provides workflow templates for common publishing scenarios to help you write your workflow. +If you want to use a build process other than Jekyll or you do not want a dedicated branch to hold your compiled static files, we recommend that you write a {% data variables.product.prodname_actions %} workflow to publish your site. {% data variables.product.github %} provides workflow templates for common publishing scenarios to help you write your workflow. diff --git a/data/reusables/pages/test-locally.md b/data/reusables/pages/test-locally.md index dc5eae6a5dcf..96d84f5c2808 100644 --- a/data/reusables/pages/test-locally.md +++ b/data/reusables/pages/test-locally.md @@ -1 +1 @@ -If you are publishing from a branch, changes to your site are published automatically when the changes are merged into your site's publishing source. If you are publishing from a custom {% data variables.product.prodname_actions %} workflow, changes are published whenever your workflow is triggered (typically by a push to the default branch). If you want to preview your changes first, you can make the changes locally instead of on {% data variables.product.product_name %}. Then, test your site locally. For more information, see [AUTOTITLE](/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll). +If you are publishing from a branch, changes to your site are published automatically when the changes are merged into your site's publishing source. If you are publishing from a custom {% data variables.product.prodname_actions %} workflow, changes are published whenever your workflow is triggered (typically by a push to the default branch). If you want to preview your changes first, you can make the changes locally instead of on {% data variables.product.github %}. Then, test your site locally. For more information, see [AUTOTITLE](/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll). diff --git a/data/reusables/pages/twenty-minutes-to-publish.md b/data/reusables/pages/twenty-minutes-to-publish.md index beefab8e7028..28231fe22c8a 100644 --- a/data/reusables/pages/twenty-minutes-to-publish.md +++ b/data/reusables/pages/twenty-minutes-to-publish.md @@ -1,2 +1,2 @@ > [!NOTE] -> It can take up to 10 minutes for changes to your site to publish after you push the changes to {% data variables.product.product_name %}. If you don't see your {% data variables.product.prodname_pages %} site changes reflected in your browser after an hour, see [AUTOTITLE](/pages/setting-up-a-github-pages-site-with-jekyll/about-jekyll-build-errors-for-github-pages-sites). +> It can take up to 10 minutes for changes to your site to publish after you push the changes to {% data variables.product.github %}. If you don't see your {% data variables.product.prodname_pages %} site changes reflected in your browser after an hour, see [AUTOTITLE](/pages/setting-up-a-github-pages-site-with-jekyll/about-jekyll-build-errors-for-github-pages-sites). diff --git a/data/reusables/profile/navigating-to-profile.md b/data/reusables/profile/navigating-to-profile.md index 1ce37ccde46d..135796e0b001 100644 --- a/data/reusables/profile/navigating-to-profile.md +++ b/data/reusables/profile/navigating-to-profile.md @@ -1 +1 @@ -1. In the upper-right corner of any {% data variables.product.product_name %} page, click your profile photo, then click **Your profile**. +1. In the upper-right corner of any page, click your profile photo, then click **Your profile**. diff --git a/data/reusables/profile/pronouns-visibility.md b/data/reusables/profile/pronouns-visibility.md index 55c14aceb9b8..f2920365b3be 100644 --- a/data/reusables/profile/pronouns-visibility.md +++ b/data/reusables/profile/pronouns-visibility.md @@ -1 +1 @@ -Your pronouns will only be visible to users that are signed in to {% data variables.product.product_name %}. +Your pronouns will only be visible to users that are signed in to {% data variables.product.github %}. diff --git a/data/reusables/projects/last-updated-explanation.md b/data/reusables/projects/last-updated-explanation.md index b9994a385a57..2583967d4f43 100644 --- a/data/reusables/projects/last-updated-explanation.md +++ b/data/reusables/projects/last-updated-explanation.md @@ -1,4 +1,4 @@ -{% data variables.product.product_name %} marks an issue or pull request as updated when it is: +{% data variables.product.github %} marks an issue or pull request as updated when it is: * Created * Reopened diff --git a/data/reusables/pull_requests/collect-co-author-commit-git-config-info.md b/data/reusables/pull_requests/collect-co-author-commit-git-config-info.md index 1f6be9b84c44..350f1c289c72 100644 --- a/data/reusables/pull_requests/collect-co-author-commit-git-config-info.md +++ b/data/reusables/pull_requests/collect-co-author-commit-git-config-info.md @@ -1 +1 @@ -1. Collect the name and email address for each co-author.{% ifversion fpt or ghec %} If a person chooses to keep their email address private, you should use their {% data variables.product.product_name %}-provided `no-reply` email to protect their privacy.{% endif %} +1. Collect the name and email address for each co-author.{% ifversion fpt or ghec %} If a person chooses to keep their email address private, you should use their {% data variables.product.github %}-provided `no-reply` email to protect their privacy.{% endif %} diff --git a/data/reusables/pull_requests/merge-queue-merging-method.md b/data/reusables/pull_requests/merge-queue-merging-method.md index 6471d434a6b7..a6d0636761cb 100644 --- a/data/reusables/pull_requests/merge-queue-merging-method.md +++ b/data/reusables/pull_requests/merge-queue-merging-method.md @@ -1 +1 @@ -{% data variables.product.product_name %} merges the pull request according to the merge strategy configured in the branch protection once all required CI checks pass. +{% data variables.product.github %} merges the pull request according to the merge strategy configured in the branch protection once all required CI checks pass. diff --git a/data/reusables/pull_requests/rebase_and_merge_summary.md b/data/reusables/pull_requests/rebase_and_merge_summary.md index 89eed6ed1b81..32e0b7340b4e 100644 --- a/data/reusables/pull_requests/rebase_and_merge_summary.md +++ b/data/reusables/pull_requests/rebase_and_merge_summary.md @@ -1,6 +1,6 @@ When you select the **Rebase and merge** option on a pull request, all commits from the topic branch (or head branch) are added onto the base branch individually without a merge commit. In that way, the rebase and merge behavior resembles a [fast-forward merge](https://git-scm.com/docs/git-merge#_fast_forward_merge) by maintaining a linear project history. However, rebasing achieves this by re-writing the commit history on the base branch with new commits. -The rebase and merge behavior on {% data variables.product.product_name %} deviates slightly from `git rebase`. Rebase and merge on {% data variables.product.prodname_dotcom %} will always update the committer information and create new commit SHAs, whereas `git rebase` outside of {% data variables.product.prodname_dotcom %} does not change the committer information when the rebase happens on top of an ancestor commit. For more information about `git rebase`, see [git-rebase](https://git-scm.com/docs/git-rebase) in the Git documentation. +The rebase and merge behavior on {% data variables.product.github %} deviates slightly from `git rebase`. Rebase and merge on {% data variables.product.prodname_dotcom %} will always update the committer information and create new commit SHAs, whereas `git rebase` outside of {% data variables.product.prodname_dotcom %} does not change the committer information when the rebase happens on top of an ancestor commit. For more information about `git rebase`, see [git-rebase](https://git-scm.com/docs/git-rebase) in the Git documentation. To rebase and merge pull requests, you must have [write permissions](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization) in the repository, and the repository must [allow rebase merging](/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-rebasing-for-pull-requests). diff --git a/data/reusables/reminders/scheduled-reminders-limitations.md b/data/reusables/reminders/scheduled-reminders-limitations.md index 40a266984839..6a36803460fb 100644 --- a/data/reusables/reminders/scheduled-reminders-limitations.md +++ b/data/reusables/reminders/scheduled-reminders-limitations.md @@ -1 +1 @@ -{% data variables.product.product_name %} will only trigger reminders for up to five repositories per owner and 20 pull requests per repository. Reminders are not sent when changes are merged from upstream into a fork. +{% data variables.product.github %} will only trigger reminders for up to five repositories per owner and 20 pull requests per repository. Reminders are not sent when changes are merged from upstream into a fork. diff --git a/data/reusables/repositories/blocked-passwords.md b/data/reusables/repositories/blocked-passwords.md index a6d9c7bd35ba..007e4f0b9885 100644 --- a/data/reusables/repositories/blocked-passwords.md +++ b/data/reusables/repositories/blocked-passwords.md @@ -1,5 +1,5 @@ {% ifversion fpt or ghec %} -When you type a password to sign in, create an account, or change your password, {% data variables.product.product_name %} will check if the password you entered is considered weak according to datasets like HaveIBeenPwned. The password may be identified as weak even if you have never used that password before. +When you type a password to sign in, create an account, or change your password, {% data variables.product.github %} will check if the password you entered is considered weak according to datasets like HaveIBeenPwned. The password may be identified as weak even if you have never used that password before. -{% data variables.product.product_name %} only inspects the password at the time you type it, and never stores the password you entered in plaintext. For more information, see [HaveIBeenPwned](https://haveibeenpwned.com/). +{% data variables.product.github %} only inspects the password at the time you type it, and never stores the password you entered in plaintext. For more information, see [HaveIBeenPwned](https://haveibeenpwned.com/). {% endif %} diff --git a/data/reusables/repositories/deploy-keys.md b/data/reusables/repositories/deploy-keys.md index 8ef13d894345..a9029eb3e288 100644 --- a/data/reusables/repositories/deploy-keys.md +++ b/data/reusables/repositories/deploy-keys.md @@ -1 +1 @@ -You can launch projects from a repository on {% data variables.location.product_location %} to your server by using a deploy key, which is an SSH key that grants access to a single repository. {% data variables.product.product_name %} attaches the public part of the key directly to your repository instead of a personal account, and the private part of the key remains on your server. For more information, see [AUTOTITLE](/rest/guides/delivering-deployments). +You can launch projects from a repository on {% data variables.location.product_location %} to your server by using a deploy key, which is an SSH key that grants access to a single repository. {% data variables.product.github %} attaches the public part of the key directly to your repository instead of a personal account, and the private part of the key remains on your server. For more information, see [AUTOTITLE](/rest/guides/delivering-deployments). diff --git a/data/reusables/repositories/relative-links.md b/data/reusables/repositories/relative-links.md index 48dd8b6bd48c..4b4abf082849 100644 --- a/data/reusables/repositories/relative-links.md +++ b/data/reusables/repositories/relative-links.md @@ -6,12 +6,12 @@ A relative link is a link that is relative to the current file. For example, if [Contribution guidelines for this project](docs/CONTRIBUTING.md) ``` -{% data variables.product.product_name %} will automatically transform your relative link or image path based on whatever branch you're currently on, so that the link or path always works. The path of the link will be relative to the current file. Links starting with `/` will be relative to the repository root. You can use all relative link operands, such as `./` and `../`. +{% data variables.product.github %} will automatically transform your relative link or image path based on whatever branch you're currently on, so that the link or path always works. The path of the link will be relative to the current file. Links starting with `/` will be relative to the repository root. You can use all relative link operands, such as `./` and `../`. Your link text should be on a single line. The example below will not work. ```markdown -[Contribution +[Contribution guidelines for this project](docs/CONTRIBUTING.md) ``` diff --git a/data/reusables/repositories/security-advisory-edit-severity.md b/data/reusables/repositories/security-advisory-edit-severity.md index f1277d98a175..3133b7b9bb2d 100644 --- a/data/reusables/repositories/security-advisory-edit-severity.md +++ b/data/reusables/repositories/security-advisory-edit-severity.md @@ -1 +1 @@ -1. Define the severity of the security vulnerability using the **Severity** dropdown menu. If you want to calculate a CVSS score, select **Assess severity using CVSS** and then select the appropriate values in the **Calculator**. The {% data variables.product.product_name %} calculates the score according to the [Common Vulnerability Scoring System Calculator](https://www.first.org/cvss/calculator). +1. Define the severity of the security vulnerability using the **Severity** dropdown menu. If you want to calculate a CVSS score, select **Assess severity using CVSS** and then select the appropriate values in the **Calculator**. {% data variables.product.github %} calculates the score according to the [Common Vulnerability Scoring System Calculator](https://www.first.org/cvss/calculator). diff --git a/data/reusables/rest-api/about-api-versions.md b/data/reusables/rest-api/about-api-versions.md index 68b9ee21f2ee..0875319e0bd9 100644 --- a/data/reusables/rest-api/about-api-versions.md +++ b/data/reusables/rest-api/about-api-versions.md @@ -1,4 +1,4 @@ -The {% data variables.product.product_name %} REST API is versioned. The API version name is based on the date when the API version was released. For example, the API version `{{ initialRestVersioningReleaseDate }}` was released on {{ initialRestVersioningReleaseDateLong }}. +The {% data variables.product.github %} REST API is versioned. The API version name is based on the date when the API version was released. For example, the API version `{{ initialRestVersioningReleaseDate }}` was released on {{ initialRestVersioningReleaseDateLong }}. Any breaking changes will be released in a new API version. Breaking changes are changes that can potentially break an integration. Breaking changes include: diff --git a/data/reusables/saml/about-saml-access-enterprise-account.md b/data/reusables/saml/about-saml-access-enterprise-account.md index ec59317aaa79..d58e23e5f672 100644 --- a/data/reusables/saml/about-saml-access-enterprise-account.md +++ b/data/reusables/saml/about-saml-access-enterprise-account.md @@ -1 +1 @@ -To access each organization's resources on {% data variables.product.product_name %}, the member must have an active SAML session in their browser.{% ifversion ghec %} To access each organization's protected resources using the API and Git, the member must use a {% data variables.product.pat_generic %} or SSH key that the member has authorized for use with the organization.{% endif %} Enterprise owners can view and revoke a member's {% ifversion ghec %}linked identity, active sessions, or authorized credentials{% else %}active SAML sessions{% endif %} at any time. +To access each organization's resources on {% data variables.product.github %}, the member must have an active SAML session in their browser.{% ifversion ghec %} To access each organization's protected resources using the API and Git, the member must use a {% data variables.product.pat_generic %} or SSH key that the member has authorized for use with the organization.{% endif %} Enterprise owners can view and revoke a member's {% ifversion ghec %}linked identity, active sessions, or authorized credentials{% else %}active SAML sessions{% endif %} at any time. diff --git a/data/reusables/saml/create-a-machine-user.md b/data/reusables/saml/create-a-machine-user.md index 824ba759e8aa..95dfe42b4cb0 100644 --- a/data/reusables/saml/create-a-machine-user.md +++ b/data/reusables/saml/create-a-machine-user.md @@ -1 +1 @@ -You must create and use a dedicated machine user account on your IdP to associate with an enterprise owner account on {% data variables.product.product_name %}. Store the credentials for the user account securely in a password manager. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-user-provisioning-with-scim-for-your-enterprise#enabling-user-provisioning-for-your-enterprise). +You must create and use a dedicated machine user account on your IdP to associate with an enterprise owner account on {% data variables.product.github %}. Store the credentials for the user account securely in a password manager. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-user-provisioning-with-scim-for-your-enterprise#enabling-user-provisioning-for-your-enterprise). diff --git a/data/reusables/saml/current-time-earlier-than-notbefore-condition.md b/data/reusables/saml/current-time-earlier-than-notbefore-condition.md index a8e470ba3a0d..55e8d898cb1e 100644 --- a/data/reusables/saml/current-time-earlier-than-notbefore-condition.md +++ b/data/reusables/saml/current-time-earlier-than-notbefore-condition.md @@ -1,6 +1,6 @@ ## Error: "Current time is earlier than NotBefore condition" -This error can occur when there's too large of a time difference between your IdP and {% data variables.product.product_name %}, which commonly occurs with self-hosted IdPs. +This error can occur when there's too large of a time difference between your IdP and {% data variables.product.github %}, which commonly occurs with self-hosted IdPs. {% ifversion ghes %}To prevent this problem, we recommend pointing your appliance to the same Network Time Protocol (NTP) source as your IdP, if possible. {% endif %}If you encounter this error, make sure the time on your {% ifversion ghes %}appliance{% else %}IdP{% endif %} is properly synced with your NTP server. {% ifversion ghes %}You can use the `chronyc` command on the administrative shell to synchronize time immediately. For more information, see [AUTOTITLE](/admin/configuration/configuring-network-settings/configuring-time-synchronization#correcting-a-large-time-drift).{% endif %} diff --git a/data/reusables/saml/dotcom-saml-explanation.md b/data/reusables/saml/dotcom-saml-explanation.md index 1193514f500a..8753760cb5b6 100644 --- a/data/reusables/saml/dotcom-saml-explanation.md +++ b/data/reusables/saml/dotcom-saml-explanation.md @@ -1 +1 @@ -SAML single sign-on (SSO) gives organization owners and enterprise owners using {% data variables.product.product_name %} a way to control and secure access to organization resources like repositories, issues, and pull requests. +SAML single sign-on (SSO) gives organization owners and enterprise owners a way to control and secure access to organization resources like repositories, issues, and pull requests. diff --git a/data/reusables/saml/idp-saml-and-scim-explanation.md b/data/reusables/saml/idp-saml-and-scim-explanation.md index 70d3586b9580..ef32447202b5 100644 --- a/data/reusables/saml/idp-saml-and-scim-explanation.md +++ b/data/reusables/saml/idp-saml-and-scim-explanation.md @@ -1 +1 @@ -When you use {% ifversion ghec %}{% data variables.product.prodname_emus %}{% else %}an IdP for IAM on {% data variables.product.product_name %}{% endif %}, SAML SSO controls and secures access to enterprise resources like repositories, issues, and pull requests. SCIM automatically creates user accounts and manages access to your enterprise when you make changes on your IdP. You can also synchronize teams on {% data variables.product.github %} with groups on your IdP. +When you use {% ifversion ghec %}{% data variables.product.prodname_emus %}{% else %}an IdP for IAM on {% data variables.product.prodname_ghe_server %}{% endif %}, SAML SSO controls and secures access to enterprise resources like repositories, issues, and pull requests. SCIM automatically creates user accounts and manages access to your enterprise when you make changes on your IdP. You can also synchronize teams on {% data variables.product.github %} with groups on your IdP. diff --git a/data/reusables/saml/saml-disabled-linked-identities-removed.md b/data/reusables/saml/saml-disabled-linked-identities-removed.md index 8b081e068850..744a896cf613 100644 --- a/data/reusables/saml/saml-disabled-linked-identities-removed.md +++ b/data/reusables/saml/saml-disabled-linked-identities-removed.md @@ -1 +1 @@ -When SAML SSO is disabled, all linked external identities are removed from {% data variables.product.product_name %}. +When SAML SSO is disabled, all linked external identities are removed from {% data variables.product.github %}. diff --git a/data/reusables/saml/saml-single-logout-not-supported.md b/data/reusables/saml/saml-single-logout-not-supported.md index a9a628ca4556..e1206e8560dd 100644 --- a/data/reusables/saml/saml-single-logout-not-supported.md +++ b/data/reusables/saml/saml-single-logout-not-supported.md @@ -1 +1 @@ -{% data variables.product.product_name %} does not support SAML Single Logout. To terminate an active SAML session, users should log out directly on your SAML IdP. +{% data variables.product.github %} does not support SAML Single Logout. To terminate an active SAML session, users should log out directly on your SAML IdP. diff --git a/data/reusables/saml/saml-supported-idps.md b/data/reusables/saml/saml-supported-idps.md index fa9d7f795605..e8ac638dd35b 100644 --- a/data/reusables/saml/saml-supported-idps.md +++ b/data/reusables/saml/saml-supported-idps.md @@ -1,4 +1,4 @@ -{% data variables.product.product_name %} supports SAML SSO with IdPs that implement the SAML 2.0 standard. For more information, see the [SAML Wiki](https://wiki.oasis-open.org/security) on the OASIS website. +{% data variables.product.github %} supports SAML SSO with IdPs that implement the SAML 2.0 standard. For more information, see the [SAML Wiki](https://wiki.oasis-open.org/security) on the OASIS website. {% data variables.product.company_short %} officially supports and internally tests the following IdPs. diff --git a/data/reusables/scim/after-you-configure-saml.md b/data/reusables/scim/after-you-configure-saml.md index 711d4e80b697..dc23c8bf762a 100644 --- a/data/reusables/scim/after-you-configure-saml.md +++ b/data/reusables/scim/after-you-configure-saml.md @@ -1,3 +1,3 @@ -By default, your IdP does not communicate with {% data variables.product.product_name %} automatically when you assign or unassign the application. {% data variables.product.product_name %} {% ifversion fpt or ghec %}provisions access to your resources on {% else %}creates a user account {% endif %}using SAML Just-in-Time (JIT) provisioning the first time someone navigates to {% ifversion fpt or ghec %}your resources on {% endif %} {% data variables.product.product_name %} and signs in by authenticating through your IdP. You may need to manually notify users when you grant access to {% data variables.product.product_name %}, and you must manually {% ifversion fpt or ghec %}deprovision access {% else %}deactivate the user account on {% endif %}{% data variables.product.product_name %} during offboarding. +By default, your IdP does not communicate with {% data variables.product.github %} automatically when you assign or unassign the application. {% data variables.product.github %} {% ifversion fpt or ghec %}provisions access to your resources on {% else %}creates a user account {% endif %}using SAML Just-in-Time (JIT) provisioning the first time someone navigates to {% ifversion fpt or ghec %}your enterprise's resources on {% data variables.product.github %}{% else %}{% data variables.location.product_location_enterprise %}{% endif %} and signs in by authenticating through your IdP. You may need to manually notify users when you grant access to {% data variables.product.github %}, and you must manually {% ifversion fpt or ghec %}deprovision access {% else %}deactivate the user account on {% endif %}{% data variables.product.github %} during offboarding. -Alternatively, instead of SAML JIT provisioning, you can use SCIM to {% ifversion ghec %}provision or deprovision{% elsif ghes %}create or suspend{% endif %} {% ifversion fpt or ghec %}access to organizations owned by your enterprise on {% data variables.product.prodname_dotcom %} {% else %}user accounts and grant or deny access to {% data variables.location.product_location %} {% endif %}automatically after you assign or unassign the application on your IdP.{% ifversion ghes %} SCIM for {% data variables.product.product_name %} is currently in {% ifversion scim-for-ghes-public-beta %}public{% else %}private{% endif %} {% data variables.release-phases.public_preview %} and is subject to change.{% endif %} +Alternatively, instead of SAML JIT provisioning, you can use SCIM to {% ifversion ghec %}provision or deprovision{% elsif ghes %}create or suspend{% endif %} {% ifversion fpt or ghec %}access to organizations owned by your enterprise on {% data variables.product.prodname_dotcom %} {% else %}user accounts and grant or deny access to {% data variables.location.product_location %} {% endif %}automatically after you assign or unassign the application on your IdP.{% ifversion ghes %} SCIM for {% data variables.product.prodname_ghe_server %} is currently in {% ifversion scim-for-ghes-public-beta %}public{% else %}private{% endif %} {% data variables.release-phases.public_preview %} and is subject to change.{% endif %} diff --git a/data/reusables/scim/emu-prerequisite-authentication.md b/data/reusables/scim/emu-prerequisite-authentication.md index d72008ef97a3..31dbc5a42316 100644 --- a/data/reusables/scim/emu-prerequisite-authentication.md +++ b/data/reusables/scim/emu-prerequisite-authentication.md @@ -1 +1 @@ -Before you configure provisioning, you must configure authentication for your users. This configuration requires setup on both your identity management system and {% data variables.product.product_name %}. For more information, see [AUTOTITLE](/admin/identity-and-access-management/configuring-authentication-for-enterprise-managed-users). +Before you configure provisioning, you must configure authentication for your users. This configuration requires setup on both your identity management system and {% data variables.product.github %}. For more information, see [AUTOTITLE](/admin/identity-and-access-management/configuring-authentication-for-enterprise-managed-users). diff --git a/data/reusables/scim/emu-scim-rate-limit-details.md b/data/reusables/scim/emu-scim-rate-limit-details.md index ecc04ae90125..c283b4eb7f94 100644 --- a/data/reusables/scim/emu-scim-rate-limit-details.md +++ b/data/reusables/scim/emu-scim-rate-limit-details.md @@ -1,5 +1,5 @@ {% ifversion ghec %} -To avoid exceeding the rate limit on {% data variables.product.product_name %}, do not assign more than 1,000 users per hour to the SCIM integration on your IdP. If you use groups to assign users to the IdP application, do not add more than 1,000 users to each group per hour. If you exceed these thresholds, attempts to provision users may fail with a "rate limit" error. You can review your IdP logs to confirm if attempted SCIM provisioning or push operations failed due to a rate limit error. The response to a failed provisioning attempt will depend on the IdP. +To avoid exceeding {% data variables.product.github %}'s rate limit, do not assign more than 1,000 users per hour to the SCIM integration on your IdP. If you use groups to assign users to the IdP application, do not add more than 1,000 users to each group per hour. If you exceed these thresholds, attempts to provision users may fail with a "rate limit" error. You can review your IdP logs to confirm if attempted SCIM provisioning or push operations failed due to a rate limit error. The response to a failed provisioning attempt will depend on the IdP. {% elsif ghes %} A site administrator may have enabled API rate limits on your instance. If you exceed these thresholds, attempts to provision users may fail with a "rate limit" error. You can review your IdP logs to confirm if attempted SCIM provisioning or push operations failed due to a rate limit error. The response to a failed provisioning attempt will depend on the IdP. {% endif %} diff --git a/data/reusables/scim/ghes-beta-note.md b/data/reusables/scim/ghes-beta-note.md index 02d0e930baf4..96cf26d4fe65 100644 --- a/data/reusables/scim/ghes-beta-note.md +++ b/data/reusables/scim/ghes-beta-note.md @@ -1,10 +1,10 @@ {% ifversion scim-for-ghes-public-beta %} ->[!NOTE] SCIM for {% data variables.product.product_name %} is currently in {% data variables.release-phases.public_preview %} and subject to change. {% data variables.product.company_short %} recommends testing with a staging instance first. See [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance). +>[!NOTE] SCIM for {% data variables.product.prodname_ghe_server %} is currently in {% data variables.release-phases.public_preview %} and subject to change. {% data variables.product.company_short %} recommends testing with a staging instance first. See [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance). {% elsif ghes < 3.14 %} ->[!NOTE] This is an outdated, {% data variables.release-phases.private_preview %} version of SCIM for {% data variables.product.product_name %}. Customers must upgrade to 3.14 or newer and use the {% data variables.product.product_name %} SCIM {% data variables.release-phases.public_preview %} in order for their SCIM feedback or bug reports to be considered. +>[!NOTE] This is an outdated, {% data variables.release-phases.private_preview %} version of SCIM for {% data variables.product.prodname_ghe_server %}. Customers must upgrade to 3.14 or newer and use the SCIM {% data variables.release-phases.public_preview %} in order for their SCIM feedback or bug reports to be considered. >[!WARNING] The {% data variables.release-phases.public_preview %} is exclusively for testing and feedback, and no support is available. {% data variables.product.company_short %} recommends testing with a staging instance. For more information, see [AUTOTITLE](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance). diff --git a/data/reusables/sponsors/navigate-to-maintainer-profile.md b/data/reusables/sponsors/navigate-to-maintainer-profile.md index 9417632d7fc1..78d90e10d849 100644 --- a/data/reusables/sponsors/navigate-to-maintainer-profile.md +++ b/data/reusables/sponsors/navigate-to-maintainer-profile.md @@ -1 +1 @@ -1. On {% data variables.product.product_name %}, navigate to the profile of the user or organization you want to sponsor. +1. On {% data variables.product.github %}, navigate to the profile of the user or organization you want to sponsor. diff --git a/data/reusables/sponsors/navigate-to-sponsored-account.md b/data/reusables/sponsors/navigate-to-sponsored-account.md index def70f43f162..04b65d9c8999 100644 --- a/data/reusables/sponsors/navigate-to-sponsored-account.md +++ b/data/reusables/sponsors/navigate-to-sponsored-account.md @@ -1 +1 @@ -1. On {% data variables.product.product_name %}, navigate to the sponsored account's profile. +1. On {% data variables.product.github %}, navigate to the sponsored account's profile. diff --git a/data/reusables/support/ask-and-answer-forum.md b/data/reusables/support/ask-and-answer-forum.md index 6058a4a7bc5f..c2c9c5da91b3 100644 --- a/data/reusables/support/ask-and-answer-forum.md +++ b/data/reusables/support/ask-and-answer-forum.md @@ -1 +1 @@ -You can connect with developers around the world to ask and answer questions, learn, and interact directly with {% data variables.product.product_name %} staff. To get the conversation started, see [{% data variables.product.prodname_gcf %}](https://github.com/orgs/community/discussions/). +You can connect with developers around the world to ask and answer questions, learn, and interact directly with {% data variables.product.company_short %} staff. To get the conversation started, see [{% data variables.product.prodname_gcf %}](https://github.com/orgs/community/discussions/). diff --git a/data/reusables/support/enterprise-resolving-and-closing-tickets.md b/data/reusables/support/enterprise-resolving-and-closing-tickets.md index 804ddadc4cca..a087b1dee040 100644 --- a/data/reusables/support/enterprise-resolving-and-closing-tickets.md +++ b/data/reusables/support/enterprise-resolving-and-closing-tickets.md @@ -1,7 +1,7 @@ {% data variables.contact.enterprise_support %} may consider a ticket solved after providing an explanation, recommendation, usage instructions, workaround instructions{% ifversion ghes %}, or by advising you of an available release that addresses the issue{% endif %}. {% ifversion ghes %} -If you have installed additional third-party software on, or made modifications to, {% data variables.product.product_name %} outside of the recommendations of {% data variables.contact.enterprise_support %}, {% data variables.contact.enterprise_support %} may ask you to remove the software and/or modifications while attempting to resolve the issue. If the problem is fixed when the unsupported software or modifications have been removed, {% data variables.contact.enterprise_support %} may consider the ticket solved. +If you have installed additional third-party software on, or made modifications to, {% data variables.product.prodname_ghe_server %} outside of the recommendations of {% data variables.contact.enterprise_support %}, {% data variables.contact.enterprise_support %} may ask you to remove the software and/or modifications while attempting to resolve the issue. If the problem is fixed when the unsupported software or modifications have been removed, {% data variables.contact.enterprise_support %} may consider the ticket solved. {% endif %} {% data variables.contact.enterprise_support %} may close a ticket if the ticket is outside the scope of support or if multiple attempts to contact you have gone unanswered. If {% data variables.contact.enterprise_support %} closes a ticket due to lack of response, you can request that {% data variables.contact.enterprise_support %} reopen the ticket. diff --git a/data/reusables/support/help_resources.md b/data/reusables/support/help_resources.md index 0c584baa1b87..acc5e89f7ad4 100644 --- a/data/reusables/support/help_resources.md +++ b/data/reusables/support/help_resources.md @@ -1,7 +1,7 @@ For questions, bug reports, and discussions about {% data variables.product.prodname_github_apps %}, {% data variables.product.prodname_oauth_apps %}, and API development, explore the {% data reusables.support.prodname_support_forum_with_url %}. The discussions are moderated and maintained by {% data variables.product.company_short %} staff, and answered by the {% data variables.product.company_short %} community. Consider reaching out to [GitHub Support](https://support.github.com/) directly using the contact form for: -* Guaranteed response from {% data variables.product.product_name %} staff +* Guaranteed response from {% data variables.product.company_short %} staff * Support requests involving sensitive data or private concerns * Feature requests -* Feedback about {% data variables.product.product_name %} products +* Feedback about {% data variables.product.github %} products diff --git a/data/reusables/two_fa/about-recovery-codes.md b/data/reusables/two_fa/about-recovery-codes.md index 558307ae3d33..aec28ca50011 100644 --- a/data/reusables/two_fa/about-recovery-codes.md +++ b/data/reusables/two_fa/about-recovery-codes.md @@ -1 +1 @@ -When you configure two-factor authentication, you'll download and save your 2FA recovery codes. If you lose access to your phone, you can authenticate to {% data variables.product.product_name %} using your recovery codes. +When you configure two-factor authentication, you'll download and save your 2FA recovery codes. If you lose access to your phone, you can authenticate to {% data variables.product.github %} using your recovery codes. diff --git a/data/reusables/two_fa/enable-sms-number-method.md b/data/reusables/two_fa/enable-sms-number-method.md index 453af2b88ed3..63484f0c97a1 100644 --- a/data/reusables/two_fa/enable-sms-number-method.md +++ b/data/reusables/two_fa/enable-sms-number-method.md @@ -1,5 +1,5 @@ 1. Complete the CAPTCHA challenge, which helps protect against spam and abuse. 1. Under "Verify account", select your country code and type your mobile phone number, including the area code. When your information is correct, click **Send authentication code**. -1. You'll receive a text message with a security code. On {% data variables.product.product_name %}, type the code into the field under "Verify the code sent to your phone" and click **Continue**. +1. You'll receive a text message with a security code. On {% data variables.product.github %}, type the code into the field under "Verify the code sent to your phone" and click **Continue**. * If you need to edit the phone number you entered, you'll need to complete another CAPTCHA challenge. diff --git a/data/reusables/two_fa/enable-totp-app-method.md b/data/reusables/two_fa/enable-totp-app-method.md index 5e2224f4fa12..9e9bc5b8107b 100644 --- a/data/reusables/two_fa/enable-totp-app-method.md +++ b/data/reusables/two_fa/enable-totp-app-method.md @@ -1,8 +1,8 @@ 1. Under "Scan the QR code", do one of the following: - * Scan the QR code with your mobile device's app. After scanning, the app displays a six-digit code that you can enter on {% data variables.product.product_name %}. + * Scan the QR code with your mobile device's app. After scanning, the app displays a six-digit code that you can enter on {% data variables.product.github %}. * If you can't scan the QR code, click **setup key** to see a code, the TOTP secret, that you can manually enter in your TOTP app instead. ![Screenshot of the "Setup authenticator app" section of the 2FA settings. A link, labeled "setup key", is highlighted in orange.](/assets/images/help/2fa/ghes-3.8-and-higher-2fa-wizard-app-click-code.png) -1. The TOTP application saves your account on {% data variables.location.product_location %} and generates a new authentication code every few seconds. On {% data variables.product.product_name %}, type the code into the field under "Verify the code from the app." +1. The TOTP application saves your account on {% data variables.location.product_location %} and generates a new authentication code every few seconds. On {% data variables.product.github %}, type the code into the field under "Verify the code from the app." diff --git a/data/reusables/two_fa/sms-warning.md b/data/reusables/two_fa/sms-warning.md index ce00d5d52583..52dc7c50dbb5 100644 --- a/data/reusables/two_fa/sms-warning.md +++ b/data/reusables/two_fa/sms-warning.md @@ -1,4 +1,4 @@ Before using this method, be sure that you can receive text messages. Carrier rates may apply. > [!WARNING] -> We **strongly recommend** using a TOTP application for two-factor authentication instead of SMS, and security keys as backup methods instead of SMS. {% data variables.product.product_name %} doesn't support sending SMS messages to phones in every country. Before configuring authentication via text message, review the list of countries where {% data variables.product.product_name %} supports authentication via SMS. For more information, see [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa/countries-where-sms-authentication-is-supported). +> We **strongly recommend** using a TOTP application for two-factor authentication instead of SMS, and security keys as backup methods instead of SMS. {% data variables.product.github %} doesn't support sending SMS messages to phones in every country. Before configuring authentication via text message, review the list of countries where {% data variables.product.github %} supports authentication via SMS. For more information, see [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa/countries-where-sms-authentication-is-supported). diff --git a/data/reusables/two_fa/support-may-not-help.md b/data/reusables/two_fa/support-may-not-help.md index e34ad380670e..d984c705ea41 100644 --- a/data/reusables/two_fa/support-may-not-help.md +++ b/data/reusables/two_fa/support-may-not-help.md @@ -1 +1 @@ -For security reasons, {% data variables.product.product_name %} Support [will not be able to restore access to accounts](/free-pro-team@latest/site-policy/other-site-policies/github-account-recovery-policy) with two-factor authentication enabled if you lose your two-factor authentication credentials or lose access to your account recovery methods. +For security reasons, {% data variables.product.company_short %} Support [will not be able to restore access to accounts](/free-pro-team@latest/site-policy/other-site-policies/github-account-recovery-policy) with two-factor authentication enabled if you lose your two-factor authentication credentials or lose access to your account recovery methods. diff --git a/data/reusables/user-settings/about-commit-email-addresses.md b/data/reusables/user-settings/about-commit-email-addresses.md index d1e02d844052..7c4d085955a1 100644 --- a/data/reusables/user-settings/about-commit-email-addresses.md +++ b/data/reusables/user-settings/about-commit-email-addresses.md @@ -1 +1 @@ -For more information on commit email addresses,{% ifversion fpt or ghec %} including your `noreply` email address for {% data variables.product.product_name %},{% endif %} see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/setting-your-commit-email-address). +For more information on commit email addresses,{% ifversion fpt or ghec %} including your `noreply` email address for {% data variables.product.github %},{% endif %} see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/setting-your-commit-email-address). diff --git a/data/reusables/user-settings/enabling-fixed-width-fonts.md b/data/reusables/user-settings/enabling-fixed-width-fonts.md index 8d0aed53187b..6f392b032685 100644 --- a/data/reusables/user-settings/enabling-fixed-width-fonts.md +++ b/data/reusables/user-settings/enabling-fixed-width-fonts.md @@ -1 +1 @@ -If you are frequently editing code snippets and tables, you may benefit from enabling a fixed-width font in all comment fields on {% data variables.product.product_name %}. For more information, see [AUTOTITLE](/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/about-writing-and-formatting-on-github#enabling-fixed-width-fonts-in-the-editor). +If you are frequently editing code snippets and tables, you may benefit from enabling a fixed-width font in all comment fields on {% data variables.product.github %}. For more information, see [AUTOTITLE](/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/about-writing-and-formatting-on-github#enabling-fixed-width-fonts-in-the-editor). diff --git a/data/reusables/user-settings/export-data.md b/data/reusables/user-settings/export-data.md index 6a449a86fffa..ecee0d90f29f 100644 --- a/data/reusables/user-settings/export-data.md +++ b/data/reusables/user-settings/export-data.md @@ -1,3 +1,3 @@ {% ifversion fpt or ghec %} -You can export and review the metadata that {% data variables.product.product_name %} stores about your personal account. +You can export and review the metadata that {% data variables.product.github %} stores about your personal account. {% endif %} diff --git a/data/reusables/user-settings/link_email_with_your_account.md b/data/reusables/user-settings/link_email_with_your_account.md index cf3ee0d5cb02..1be8d1fa6a62 100644 --- a/data/reusables/user-settings/link_email_with_your_account.md +++ b/data/reusables/user-settings/link_email_with_your_account.md @@ -1 +1 @@ -Add the email address to your account on {% data variables.product.product_name %}, so that your commits are attributed to you and appear in your contributions graph. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/adding-an-email-address-to-your-github-account). +Add the email address to your account on {% data variables.product.github %}, so that your commits are attributed to you and appear in your contributions graph. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/adding-an-email-address-to-your-github-account). diff --git a/data/reusables/user-settings/set_your_email_address_in_git.md b/data/reusables/user-settings/set_your_email_address_in_git.md index e0d750f7d704..efce3a8a9a37 100644 --- a/data/reusables/user-settings/set_your_email_address_in_git.md +++ b/data/reusables/user-settings/set_your_email_address_in_git.md @@ -1 +1 @@ -Set an email address in Git. You can use {% ifversion fpt or ghec %}your [{% data variables.product.product_name %}-provided `noreply` email address](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/setting-your-commit-email-address#about-no-reply-email) or {% endif %}any email address. +Set an email address in Git. You can use {% ifversion fpt or ghec %}your [{% data variables.product.github %}-provided `noreply` email address](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/setting-your-commit-email-address#about-no-reply-email) or {% endif %}any email address. diff --git a/data/reusables/user-settings/sudo-mode-popup.md b/data/reusables/user-settings/sudo-mode-popup.md index da6beaba005d..902c6df8b4c7 100644 --- a/data/reusables/user-settings/sudo-mode-popup.md +++ b/data/reusables/user-settings/sudo-mode-popup.md @@ -1 +1 @@ -1. If prompted, confirm access to your account on {% data variables.product.product_name %}. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/sudo-mode). +1. If prompted, confirm access to your account on {% data variables.product.github %}. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/sudo-mode). diff --git a/data/reusables/webhooks/public_short_desc.md b/data/reusables/webhooks/public_short_desc.md index f665fd28c0f0..edc1941c31e6 100644 --- a/data/reusables/webhooks/public_short_desc.md +++ b/data/reusables/webhooks/public_short_desc.md @@ -1 +1 @@ -When a private repository is made public. Without a doubt: the best {% data variables.product.product_name %} event. +When a private repository is made public. diff --git a/data/reusables/webhooks/secret.md b/data/reusables/webhooks/secret.md index 6edd53e6f5bb..4854e5ff04c0 100644 --- a/data/reusables/webhooks/secret.md +++ b/data/reusables/webhooks/secret.md @@ -1 +1 @@ -Setting a webhook secret allows you to ensure that `POST` requests sent to the payload URL are from {% data variables.product.product_name %}. When you set a secret, you'll receive the `X-Hub-Signature` and `X-Hub-Signature-256` headers in the webhook `POST` request. For more information on how to use a secret with a signature header to secure your webhook payloads, see [AUTOTITLE](/webhooks-and-events/webhooks/securing-your-webhooks). +Setting a webhook secret allows you to ensure that `POST` requests sent to the payload URL are from {% data variables.product.github %}. When you set a secret, you'll receive the `X-Hub-Signature` and `X-Hub-Signature-256` headers in the webhook `POST` request. For more information on how to use a secret with a signature header to secure your webhook payloads, see [AUTOTITLE](/webhooks-and-events/webhooks/securing-your-webhooks).