SAML SSO helps you maintain control of your identity and contributions, while giving organizations a centralized and secure way of controlling access to their resources on GitHub. When you join an organization that uses SAML SSO, you sign in through the organization's IdP and your existing GitHub account is linked to an external identity that belongs to the organization. This external identity is separate from, but related to, your GitHub account and is used to control access to the organization's resources like repositories, issues, and pull requests.
If you have an active SAML session in your browser, you are automatically authorized when you access a GitHub organization that uses SAML SSO. If you don't have an active SAML session in your browser, you must enter the credentials for your SAML identity provider before you can access the organization.
GitHub supports these identity providers for SAML SSO:
- Azure Active Directory (Azure AD)
- Okta
- OneLogin
- PingOne
- Shibboleth
- Custom applications
https://help.github.com/articles/about-authentication-with-saml-single-sign-on/