LDAP
- Update LDAP mapping for a user
- Sync LDAP mapping for a user
- Update LDAP mapping for a team
- Sync LDAP mapping for a team
You can use the LDAP API to update account relationships between a GitHub Enterprise Server user or team and its linked LDAP entry or queue a new synchronization.
With the LDAP mapping endpoints, you're able to update the Distinguished Name (DN) that a user or team maps to. Note that the LDAP endpoints are generally only effective if your GitHub Enterprise Server appliance has LDAP Sync enabled. The Update LDAP mapping for a user can be used when LDAP is enabled, even if LDAP Sync is disabled.
Update LDAP mapping for a user
PATCH /admin/ldap/users/:username/mapping
Parameters
| Name | Type | Description |
|---|---|---|
ldap_dn |
string |
The distinguished name (DN) of the LDAP entry to map to a team. |
Example
{
"ldap_dn": "uid=asdf,ou=users,dc=github,dc=com"
}
Response
Status: 200 OK
{
"ldap_dn": "uid=asdf,ou=users,dc=github,dc=com",
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
}
Sync LDAP mapping for a user
Note that this API call does not automatically initiate an LDAP sync. Rather, if a 201 is returned, the sync job is queued successfully, and is performed when the instance is ready.
POST /admin/ldap/users/:username/sync
Response
Status: 201 Created
{
"status": "queued"
}
Update LDAP mapping for a team
Note: The Nested Teams API is currently available for developers to preview. See the blog post for full details. To access the API, you must provide a custom media type in the Accept header:
application/vnd.github.hellcat-preview+json
Warning: The API may change without advance notice during the preview period. Preview features are not supported for production use. If you experience any issues, contact your GitHub Enterprise site administrator.
Updates the distinguished name (DN) of the LDAP entry to map to a team. LDAP synchronization must be enabled to map LDAP entries to a team. Use the Create team endpoint to create a team with LDAP mapping.
If you pass the hellcat-preview media type, you can also update the LDAP mapping of a child team.
PATCH /admin/ldap/teams/:team_id/mapping
Parameters
| Name | Type | Description |
|---|---|---|
ldap_dn |
string |
The distinguished name (DN) of the LDAP entry to map to a team. |
Example
{
"ldap_dn": "cn=Enterprise Ops,ou=teams,dc=github,dc=com"
}
Response
Status: 200 OK
{
"ldap_dn": "cn=Enterprise Ops,ou=teams,dc=github,dc=com",
"id": 1,
"node_id": "MDQ6VGVhbTE=",
"url": "https://api.github.com/teams/1",
"html_url": "https://api.github.com/teams/justice-league",
"name": "Justice League",
"slug": "justice-league",
"description": "A great team.",
"privacy": "closed",
"permission": "admin",
"members_url": "https://api.github.com/teams/1/members{/member}",
"repositories_url": "https://api.github.com/teams/1/repos",
"parent": null
}
Sync LDAP mapping for a team
Note that this API call does not automatically initiate an LDAP sync. Rather, if a 201 is returned, the sync job is queued successfully, and is performed when the instance is ready.
POST /admin/ldap/teams/:team_id/sync
Response
Status: 201 Created
{
"status": "queued"
}