LDAP
- Update LDAP mapping for a user
- Sync LDAP mapping for a user
- Update LDAP mapping for a team
- Sync LDAP mapping for a team
You can use the LDAP API to update account relationships between a GitHub Enterprise Server user or team and its linked LDAP entry or queue a new synchronization.
With the LDAP mapping endpoints, you're able to update the Distinguished Name (DN) that a user or team maps to. Note that the LDAP endpoints are generally only effective if your GitHub Enterprise Server appliance has LDAP Sync enabled. The Update LDAP mapping for a user can be used when LDAP is enabled, even if LDAP Sync is disabled.
Update LDAP mapping for a user
PATCH /admin/ldap/users/:username/mapping
Parameters
| Name | Type | Description |
|---|---|---|
ldap_dn |
string |
The distinguished name (DN) of the LDAP entry to map to a team. |
Example
{
"ldap_dn": "uid=asdf,ou=users,dc=github,dc=com"
}
Response
Status: 200 OK
{
"ldap_dn": "uid=asdf,ou=users,dc=github,dc=com",
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
}
Sync LDAP mapping for a user
Note that this API call does not automatically initiate an LDAP sync. Rather, if a 201 is returned, the sync job is queued successfully, and is performed when the instance is ready.
POST /admin/ldap/users/:username/sync
Response
Status: 201 Created
{
"status": "queued"
}
Update LDAP mapping for a team
Updates the distinguished name (DN) of the LDAP entry to map to a team. LDAP synchronization must be enabled to map LDAP entries to a team. Use the Create team endpoint to create a team with LDAP mapping.
You can also update the LDAP mapping of a child team.
PATCH /admin/ldap/teams/:team_id/mapping
Parameters
| Name | Type | Description |
|---|---|---|
ldap_dn |
string |
The distinguished name (DN) of the LDAP entry to map to a team. |
Example
{
"ldap_dn": "cn=Enterprise Ops,ou=teams,dc=github,dc=com"
}
Response
Status: 200 OK
{
"ldap_dn": "cn=Enterprise Ops,ou=teams,dc=github,dc=com",
"id": 1,
"node_id": "MDQ6VGVhbTE=",
"url": "https://api.github.com/teams/1",
"html_url": "https://api.github.com/teams/justice-league",
"name": "Justice League",
"slug": "justice-league",
"description": "A great team.",
"privacy": "closed",
"permission": "admin",
"members_url": "https://api.github.com/teams/1/members{/member}",
"repositories_url": "https://api.github.com/teams/1/repos",
"parent": null
}
Sync LDAP mapping for a team
Note that this API call does not automatically initiate an LDAP sync. Rather, if a 201 is returned, the sync job is queued successfully, and is performed when the instance is ready.
POST /admin/ldap/teams/:team_id/sync
Response
Status: 201 Created
{
"status": "queued"
}