Skip to content

User Access Management#

Gaining access to GitHub.com is managed by the GitHub Org Owners for each CESI unit. Teams can request to onboard by submitting the GHEC: Onboard a New Team request; a list of group owners is required as a part of the onboarding process. GitHub Org Owners will have access to Grouper to manage both GitHub Org Owners and GitHub Org Members.

Adding Users#

  1. Login to Grouper

  2. Navigate to the ref stem (Root>app>IT Access Catalog>ref), locate your CESI unit, then to GitHub Cloud.

  3. Open either the adhoc - umn-[unit] GitHub Org Members or adhoc - umn-[unit] GitHub Org Owners groups. It is up to each team to determine who will be owners versus members for their team.

  4. To add a member, click the orange +Add Members button in the upper right corner, enter their username and click the orange Add button. No start or end date is required unless your team requires it. Attestation of group members will be required every 180 days.

a. To add multiple members at the same time, click on the import a list of members link.

Removing Users#

Users need to be removed from organizations and access revoked when they leave the University.

Organization Owners are responsible for making sure membership is current and will receive emails once a year to remind them to review it.

Outside collaborators will only lose access to the repositories they are added to when an Owner removes them. It is important that Org Owners limit and track who they have added to repositories as outside collaborators.

Once deprovisioned, UMN account users will no longer have access to non-public repositories they did, unless they retain access as an "Outside Collaborator".

  1. Login to Grouper

  2. Navigate to the ref stem (Root>app>IT Access Catalog>ref), locate your CESI unit, then to GitHub Cloud.

  3. Open either the adhoc - umn-[unit] GitHub Org Members or adhoc - umn-[unit] GitHub Org Owners groups.

  4. To remove members, check the checkbox next to the member's name and click Remove selected members

Default CESI Namespace#

This structure represents the groups associated with a standard CESI unit.

Text Only
app
└── IT Access Catalog
  └── ref
    └── [Unit Short ID]
      └── GitHub Cloud
        └── adhoc - umn-[unit] GitHub Org Members
        └── adhoc - umn-[unit] GitHub Org Owners
  • GitHub Org Owners adhoc - umn-[unit] GitHub Org Owners - These individuals have access to manage the Owners and Members groups in grouper. They are responsible for bi-annual attestation within Grouper and to remove team members who should no longer have access.
  • GitHub Org Members adhoc - umn-[unit] GitHub Org Members - These individuals do not have access to update grouper groups but have access to github.com.