From 8f170409224e9becbdfb7da9170350393ebb01d3 Mon Sep 17 00:00:00 2001 From: Ashley Date: Fri, 13 Dec 2024 04:37:40 -0500 Subject: [PATCH 1/2] [Remove Quotes] Removed quotations from content/organizations (#53594) --- .../about-organizations.md | 20 +-- .../about-your-organization-dashboard.md | 4 +- .../best-practices-for-organizations.md | 10 +- ...reating-a-new-organization-from-scratch.md | 10 +- .../customizing-your-organizations-profile.md | 10 +- ...s-for-dependencies-in-your-organization.md | 8 +- .../about-team-discussions.md | 18 +-- .../creating-a-team-discussion.md | 8 +- .../editing-or-deleting-a-team-discussion.md | 6 +- .../pinning-a-team-discussion.md | 6 +- ...-authentication-and-saml-single-sign-on.md | 6 +- ...rvice-accounts-with-saml-single-sign-on.md | 2 +- ...embers-saml-access-to-your-organization.md | 6 +- ...ompliance-reports-for-your-organization.md | 2 +- .../audit-log-events-for-your-organization.md | 2 +- ...-in-the-audit-log-for-your-organization.md | 4 +- ...log-events-performed-by-an-access-token.md | 6 +- ...owed-ip-addresses-for-your-organization.md | 6 +- ...analysis-settings-for-your-organization.md | 38 ++--- ...ail-notifications-for-your-organization.md | 8 +- ...ing-the-audit-log-for-your-organization.md | 56 +++---- ...accounts-with-two-factor-authentication.md | 4 +- ...tor-authentication-in-your-organization.md | 8 +- ...tor-authentication-in-your-organization.md | 28 ++-- ...s-in-your-organization-have-2fa-enabled.md | 4 +- ...-project-board-for-organization-members.md | 8 +- ...access-to-an-organization-project-board.md | 6 +- ...access-to-an-organization-project-board.md | 4 +- ...t-board-permissions-for-an-organization.md | 14 +- .../about-ssh-certificate-authorities.md | 8 +- ...ganizations-ssh-certificate-authorities.md | 6 +- .../adding-people-to-your-organization.md | 2 +- ...-accounts-for-people-in-my-organization.md | 2 +- ...an-invitation-to-join-your-organization.md | 4 +- ...ember-information-for-your-organization.md | 10 +- ...nviting-users-to-join-your-organization.md | 10 +- ...ng-a-former-member-of-your-organization.md | 12 +- ...emoving-a-member-from-your-organization.md | 10 +- .../about-oauth-app-access-restrictions.md | 16 +- ...roving-oauth-apps-for-your-organization.md | 2 +- ...cess-restrictions-for-your-organization.md | 4 +- ...d-compute-products-in-your-organization.md | 2 +- ...e-to-delete-issues-in-your-organization.md | 2 +- ...visibility-changes-in-your-organization.md | 6 +- .../archiving-an-organization.md | 6 +- ...-your-organizations-dependency-insights.md | 2 +- ...hub-hosted-runners-in-your-organization.md | 8 +- ...nouncement-banner-for-your-organization.md | 2 +- ...s-for-repositories-in-your-organization.md | 2 +- .../deleting-an-organization-account.md | 6 +- ...ng-github-actions-for-your-organization.md | 12 +- ...ing-project-boards-in-your-organization.md | 12 +- ...-github-discussions-for-an-organization.md | 6 +- ...e-use-repositories-in-your-organization.md | 4 +- ...ra-with-your-organization-project-board.md | 2 +- .../managing-base-permissions-for-projects.md | 4 +- ...s-for-repositories-in-your-organization.md | 8 +- ...s-for-repositories-in-your-organization.md | 2 +- ...n-for-repositories-in-your-organization.md | 6 +- ...ll-request-reviews-in-your-organization.md | 2 +- ...s-for-repositories-in-your-organization.md | 2 +- ...heduled-reminders-for-your-organization.md | 4 +- ...it-signoff-policy-for-your-organization.md | 2 +- ...e-for-repositories-in-your-organization.md | 6 +- ...ay-of-member-names-in-your-organization.md | 4 +- ...he-forking-policy-for-your-organization.md | 8 +- ...ithub-pages-sites-for-your-organization.md | 6 +- ...rom-accounts-your-organization-sponsors.md | 4 +- .../renaming-an-organization.md | 6 +- ...icting-deploy-keys-in-your-organization.md | 4 +- ...epository-creation-in-your-organization.md | 6 +- ...visibility-changes-in-your-organization.md | 6 +- ...ssions-for-adding-outside-collaborators.md | 2 +- ...r-deleting-or-transferring-repositories.md | 4 +- .../transferring-organization-ownership.md | 4 +- ...rading-to-the-github-customer-agreement.md | 6 +- ...pproving-a-domain-for-your-organization.md | 14 +- .../about-custom-organization-roles.md | 36 ++--- ...-a-billing-manager-to-your-organization.md | 4 +- ...ership-continuity-for-your-organization.md | 2 +- .../managing-custom-organization-roles.md | 6 +- ...anaging-moderators-in-your-organization.md | 10 +- ...-security-managers-in-your-organization.md | 6 +- .../roles-in-an-organization.md | 144 +++++++++--------- .../using-organization-roles.md | 2 +- ...rogrammatic-access-in-your-organization.md | 18 +-- ...onal-access-tokens-in-your-organization.md | 6 +- ...onal-access-tokens-in-your-organization.md | 6 +- ...hub-apps-installed-in-your-organization.md | 4 +- ...cess-token-policy-for-your-organization.md | 8 +- ...ewing-api-insights-in-your-organization.md | 14 +- ...ess-management-with-saml-single-sign-on.md | 26 ++-- .../about-scim-for-organizations.md | 6 +- ...f-your-identity-provider-is-unavailable.md | 2 +- ...saml-single-sign-on-and-scim-using-okta.md | 12 +- ...-identity-provider-to-your-organization.md | 6 +- ...ml-single-sign-on-for-your-organization.md | 4 +- ...ions-saml-single-sign-on-recovery-codes.md | 4 +- ...ml-single-sign-on-for-your-organization.md | 16 +- ...ml-single-sign-on-for-your-organization.md | 12 +- ...m-synchronization-for-your-organization.md | 12 +- ...aml-single-sign-on-in-your-organization.md | 8 +- ...access-management-for-your-organization.md | 14 +- ...rs-to-repositories-in-your-organization.md | 12 +- ...ation-member-to-an-outside-collaborator.md | 8 +- ...-collaborator-to-an-organization-member.md | 2 +- ...llaborators-access-to-your-organization.md | 6 +- ...borator-from-an-organization-repository.md | 4 +- .../about-custom-repository-roles.md | 12 +- ...ls-access-to-an-organization-repository.md | 6 +- ...om-repository-roles-for-an-organization.md | 2 +- ...am-access-to-an-organization-repository.md | 8 +- .../repository-roles-for-an-organization.md | 36 ++--- ...ng-base-permissions-for-an-organization.md | 6 +- ...g-people-with-access-to-your-repository.md | 2 +- ...am-to-improved-organization-permissions.md | 2 +- ...am-to-improved-organization-permissions.md | 4 +- ...ms-to-improved-organization-permissions.md | 2 +- .../about-teams.md | 20 +-- .../adding-organization-members-to-a-team.md | 6 +- ...e-team-maintainer-role-to-a-team-member.md | 2 +- .../creating-a-team.md | 10 +- .../deleting-a-team.md | 2 +- ...-team-discussions-for-your-organization.md | 2 +- ...ging-code-review-settings-for-your-team.md | 6 +- ...aging-scheduled-reminders-for-your-team.md | 6 +- ...-a-team-in-your-organizations-hierarchy.md | 6 +- .../requesting-to-add-a-child-team.md | 8 +- ...questing-to-add-or-change-a-parent-team.md | 8 +- ...-a-team-with-an-identity-provider-group.md | 22 +-- 130 files changed, 589 insertions(+), 589 deletions(-) diff --git a/content/organizations/collaborating-with-groups-in-organizations/about-organizations.md b/content/organizations/collaborating-with-groups-in-organizations/about-organizations.md index 76e0f7e4deec..8fcf9b5f800e 100644 --- a/content/organizations/collaborating-with-groups-in-organizations/about-organizations.md +++ b/content/organizations/collaborating-with-groups-in-organizations/about-organizations.md @@ -15,19 +15,19 @@ topics: ## About organizations -{% data reusables.organizations.about-organizations %} For more information about account types, see "[AUTOTITLE](/get-started/learning-about-github/types-of-github-accounts)." +{% data reusables.organizations.about-organizations %} For more information about account types, see [AUTOTITLE](/get-started/learning-about-github/types-of-github-accounts). -You can invite people to join your organization, then give these organization members a variety of roles that grant different levels of access to the organization and its data. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)." If an organization exceeds 100,000 members, some UI experiences and API functionality may be degraded. +You can invite people to join your organization, then give these organization members a variety of roles that grant different levels of access to the organization and its data. For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization). If an organization exceeds 100,000 members, some UI experiences and API functionality may be degraded. -In addition to managing access to the organization itself, you can separately manage access to your organization's repositories, projects, and apps. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)", {% ifversion projects-v1 %}"[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)",{% endif %} and "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization)." +In addition to managing access to the organization itself, you can separately manage access to your organization's repositories, projects, and apps. For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization), {% ifversion projects-v1 %}[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization),{% endif %} and [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization). -To simplify access management and enhance collaboration, you can create nested teams that reflect your group's structure, with cascading access permissions and mentions. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)." +To simplify access management and enhance collaboration, you can create nested teams that reflect your group's structure, with cascading access permissions and mentions. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/about-teams). -You can configure the organization to meet the unique needs of your group by managing settings, such as restricting the types of repositories that members can create. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings)." +You can configure the organization to meet the unique needs of your group by managing settings, such as restricting the types of repositories that members can create. For more information, see [AUTOTITLE](/organizations/managing-organization-settings). -To harden your organization's security, you can enforce security requirements and review the organization's audit log. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure)." +To harden your organization's security, you can enforce security requirements and review the organization's audit log. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure). -To learn how to use organizations most effectively, see "[AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/best-practices-for-organizations)." +To learn how to use organizations most effectively, see [AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/best-practices-for-organizations). {% ifversion fpt or ghec %} @@ -40,7 +40,7 @@ To learn how to use organizations most effectively, see "[AUTOTITLE](/organizati {% ifversion ghec %} -> [!NOTE] Currently, {% data variables.product.prodname_ghe_cloud %} customers who use a single organization are being automatically upgraded to an enterprise account at no additional cost. For details, see "[AUTOTITLE](/admin/managing-your-enterprise-account/creating-an-enterprise-account#what-will-happen-after-i-upgrade-my-organization)." +> [!NOTE] Currently, {% data variables.product.prodname_ghe_cloud %} customers who use a single organization are being automatically upgraded to an enterprise account at no additional cost. For details, see [AUTOTITLE](/admin/managing-your-enterprise-account/creating-an-enterprise-account#what-will-happen-after-i-upgrade-my-organization). {% endif %} @@ -50,7 +50,7 @@ Enterprise accounts are a feature of {% data variables.product.prodname_ghe_clou {% ifversion ghec %}For organizations that belong to an enterprise account, billing is managed at the enterprise account level, and billing settings are not available at the organization level.{% endif %} Enterprise owners can set policy for all organizations in the enterprise account or allow organization owners to set the policy at the organization level. Organization owners cannot change settings enforced for your organization at the enterprise account level. If you have questions about a policy or setting for your organization, contact the owner of your enterprise account. {% ifversion ghec %} -{% data reusables.enterprise.create-an-enterprise-account %} For more information, see "[AUTOTITLE](/admin/managing-your-enterprise-account/creating-an-enterprise-account)." +{% data reusables.enterprise.create-an-enterprise-account %} For more information, see [AUTOTITLE](/admin/managing-your-enterprise-account/creating-an-enterprise-account). {% data reusables.enterprise-accounts.invite-organization %} @@ -61,6 +61,6 @@ Enterprise accounts are a feature of {% data variables.product.prodname_ghe_clou ## Terms of service and data protection for organizations -An entity, such as a company, non-profit, or group, can agree to the Standard Terms of Service or the {% data variables.product.company_short %} Customer Agreement for their organization. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement)." +An entity, such as a company, non-profit, or group, can agree to the Standard Terms of Service or the {% data variables.product.company_short %} Customer Agreement for their organization. For more information, see [AUTOTITLE](/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement). {% endif %} diff --git a/content/organizations/collaborating-with-groups-in-organizations/about-your-organization-dashboard.md b/content/organizations/collaborating-with-groups-in-organizations/about-your-organization-dashboard.md index 05aebf89b3bc..b93ae3084011 100644 --- a/content/organizations/collaborating-with-groups-in-organizations/about-your-organization-dashboard.md +++ b/content/organizations/collaborating-with-groups-in-organizations/about-your-organization-dashboard.md @@ -32,7 +32,7 @@ In the left sidebar of your dashboard, you can access your organization's top re In the "All activity" section of your news feed, you can view updates from other teams and repositories in your organization. -The "All activity" section shows all recent activity in the organization, including activity in repositories you're not subscribed to and of people you're not following. For more information, see "[AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/about-notifications)" and "[AUTOTITLE](/get-started/exploring-projects-on-github/following-people)." +The "All activity" section shows all recent activity in the organization, including activity in repositories you're not subscribed to and of people you're not following. For more information, see [AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/about-notifications) and [AUTOTITLE](/get-started/exploring-projects-on-github/following-people). For instance, the organization news feed shows updates when someone in the organization: * Creates a new branch. @@ -45,4 +45,4 @@ For instance, the organization news feed shows updates when someone in the organ ## Further information -* "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/about-your-personal-dashboard)" +* [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/about-your-personal-dashboard) diff --git a/content/organizations/collaborating-with-groups-in-organizations/best-practices-for-organizations.md b/content/organizations/collaborating-with-groups-in-organizations/best-practices-for-organizations.md index f50df98f3e46..cfae6b63cfd6 100644 --- a/content/organizations/collaborating-with-groups-in-organizations/best-practices-for-organizations.md +++ b/content/organizations/collaborating-with-groups-in-organizations/best-practices-for-organizations.md @@ -13,23 +13,23 @@ topics: ## Assign multiple owners -{% data reusables.organizations.org-ownership-recommendation %} For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization)." +{% data reusables.organizations.org-ownership-recommendation %} For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization). ## Use teams -We recommend using teams to facilitate collaboration in your organization. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)." +We recommend using teams to facilitate collaboration in your organization. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/about-teams). {% ifversion ghec %} -We highly recommend managing team membership through your identity provider (IdP). For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization)." +We highly recommend managing team membership through your identity provider (IdP). For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization). {% data reusables.enterprise-accounts.emu-scim-note %} {% endif %} -We recommend keeping teams visible whenever possible and reserving secret teams for sensitive situations. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/changing-team-visibility)." +We recommend keeping teams visible whenever possible and reserving secret teams for sensitive situations. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/changing-team-visibility). {% ifversion ghec or ghes %} ## Use security overview -{% data reusables.security-overview.about-security-overview %} For more information, see "[AUTOTITLE](/code-security/security-overview/about-security-overview)." +{% data reusables.security-overview.about-security-overview %} For more information, see [AUTOTITLE](/code-security/security-overview/about-security-overview). {% endif %} diff --git a/content/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch.md b/content/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch.md index 47319f9c3f6a..5f47df79d5fe 100644 --- a/content/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch.md +++ b/content/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch.md @@ -15,16 +15,16 @@ topics: shortTitle: Create new organization --- -When you create a new organization from scratch, it doesn't have any repositories associated with it. For more information on adding repositories to your organization, see "[AUTOTITLE](/repositories/creating-and-managing-repositories/creating-a-new-repository)" and "[AUTOTITLE](/repositories/creating-and-managing-repositories/transferring-a-repository)." +When you create a new organization from scratch, it doesn't have any repositories associated with it. For more information on adding repositories to your organization, see [AUTOTITLE](/repositories/creating-and-managing-repositories/creating-a-new-repository) and [AUTOTITLE](/repositories/creating-and-managing-repositories/transferring-a-repository). {% data reusables.user-settings.access_settings %} {% data reusables.user-settings.organizations %} {% data reusables.organizations.new-organization %} -1. Follow the prompts to create your organization. {% ifversion fpt or ghec %}For more information about the plans available for your team, see "[AUTOTITLE](/get-started/learning-about-github/githubs-plans)."{% endif %} +1. Follow the prompts to create your organization. {% ifversion fpt or ghec %}For more information about the plans available for your team, see [AUTOTITLE](/get-started/learning-about-github/githubs-plans).{% endif %} ## Further reading {% ifversion fpt or ghec %} -* "[AUTOTITLE](/billing/managing-your-github-billing-settings/setting-your-billing-email)"{% endif %} -* "[AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/about-organizations)" -* "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/converting-a-user-into-an-organization)" +* [AUTOTITLE](/billing/managing-your-github-billing-settings/setting-your-billing-email){% endif %} +* [AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/about-organizations) +* [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/converting-a-user-into-an-organization) diff --git a/content/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile.md b/content/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile.md index 2846da22fd1a..95aa0d3e0781 100644 --- a/content/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile.md +++ b/content/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile.md @@ -28,7 +28,7 @@ Users who are not members of your organization will be shown a `public` view. You can give users easy access to important or frequently used repositories, by choosing up to six repositories for public users and six repositories for members of the organization. Once you pin repositories to your organization profile, the "Pinned" section is shown above the "Repositories" section of the profile page. -Only organization owners can pin repositories. For more information, see "[Pinning repositories to your organization's profile](#pinning-repositories-to-your-organizations-profile)." +Only organization owners can pin repositories. For more information, see [Pinning repositories to your organization's profile](#pinning-repositories-to-your-organizations-profile). ### Organization profile READMEs @@ -41,10 +41,10 @@ You can choose what information to include in your organization profile README. * An "About" section that describes your organization * Guidance for getting help in the organization -You can format text and include emoji, images, and GIFs in your organization profile README by using {% data variables.product.company_short %} Flavored Markdown. For more information, see "[AUTOTITLE](/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github)." +You can format text and include emoji, images, and GIFs in your organization profile README by using {% data variables.product.company_short %} Flavored Markdown. For more information, see [AUTOTITLE](/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github). {% ifversion enterprise-readme %} -If you manage multiple organizations with an enterprise account, you can help members learn about the different organizations in the enterprise by creating an enterprise README. For more information, see "[AUTOTITLE](/admin/managing-your-enterprise-account/creating-a-readme-for-an-enterprise)." +If you manage multiple organizations with an enterprise account, you can help members learn about the different organizations in the enterprise by creating an enterprise README. For more information, see [AUTOTITLE](/admin/managing-your-enterprise-account/creating-a-readme-for-an-enterprise). {% endif %} ## Adding a public organization profile README @@ -109,5 +109,5 @@ You can replace the identicon with an image that represents your organization. T ## Further reading -* "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-readmes)" -* "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/managing-your-profile-readme)" +* [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-readmes) +* [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/managing-your-profile-readme) diff --git a/content/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-dependencies-in-your-organization.md b/content/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-dependencies-in-your-organization.md index 3916900b74e2..2642fcdb8e80 100644 --- a/content/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-dependencies-in-your-organization.md +++ b/content/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-dependencies-in-your-organization.md @@ -37,7 +37,7 @@ With dependency insights you can view vulnerabilities, licenses, and other impor ## Further reading -* "[AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/about-organizations)" -* "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository)" -* "[AUTOTITLE](/organizations/managing-organization-settings/changing-the-visibility-of-your-organizations-dependency-insights)" -* "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise#enforcing-a-policy-for-visibility-of-dependency-insights)" +* [AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/about-organizations) +* [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository) +* [AUTOTITLE](/organizations/managing-organization-settings/changing-the-visibility-of-your-organizations-dependency-insights) +* [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise#enforcing-a-policy-for-visibility-of-dependency-insights) diff --git a/content/organizations/collaborating-with-your-team/about-team-discussions.md b/content/organizations/collaborating-with-your-team/about-team-discussions.md index 96220e0f651a..d51578b0ab9e 100644 --- a/content/organizations/collaborating-with-your-team/about-team-discussions.md +++ b/content/organizations/collaborating-with-your-team/about-team-discussions.md @@ -18,34 +18,34 @@ topics: Any organization member can post on your team's page or participate in a public discussion. {% data reusables.organizations.team-discussions-permissions %} -You can link to any team discussion to reference it elsewhere. You can pin important posts to your team's page for quick reference later. For more information, see "[AUTOTITLE](/organizations/collaborating-with-your-team/pinning-a-team-discussion)." +You can link to any team discussion to reference it elsewhere. You can pin important posts to your team's page for quick reference later. For more information, see [AUTOTITLE](/organizations/collaborating-with-your-team/pinning-a-team-discussion). -{% data reusables.organizations.team-discussions-default %} Owners can disable team discussions for the entire organization. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/disabling-team-discussions-for-your-organization)." +{% data reusables.organizations.team-discussions-default %} Owners can disable team discussions for the entire organization. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/disabling-team-discussions-for-your-organization). ## Notifications for team discussions When someone posts or replies to a public discussion on a team's page, members of the team and members of any child teams receive email or web notifications. When someone posts or replies to a private discussion on a team's page, only members of the team receive notifications. > [!TIP] -> Depending on your notification settings, you'll receive updates by email, the web notifications page on {% data variables.product.product_name %}, or both. For more information, see "[AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications)." +> Depending on your notification settings, you'll receive updates by email, the web notifications page on {% data variables.product.product_name %}, or both. For more information, see [AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications). By default, if your username is mentioned in a team discussion, you'll receive notifications for the post mentioning your username and any replies to that post. Also, by default, if you reply to a post, you will receive notifications for other replies to the post. To turn off notifications for team discussions, you can unsubscribe to a specific discussion post or change your notification settings to unwatch or completely ignore a specific team's discussions. You can subscribe to notifications for a specific discussion post even if you're unwatching that team's discussions. -For more information, see "[AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/managing-subscriptions-for-activity-on-github/viewing-your-subscriptions)" and "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams#nested-teams)." +For more information, see [AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/managing-subscriptions-for-activity-on-github/viewing-your-subscriptions) and [AUTOTITLE](/organizations/organizing-members-into-teams/about-teams#nested-teams). {% ifversion fpt or ghec %} ## Organization discussions -You can also use organization discussions to facilitate conversations across your organization. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/enabling-or-disabling-github-discussions-for-an-organization)." +You can also use organization discussions to facilitate conversations across your organization. For more information, see [AUTOTITLE](/organizations/managing-organization-settings/enabling-or-disabling-github-discussions-for-an-organization). {% endif %} ## Further reading -* "[AUTOTITLE](/get-started/using-github/communicating-on-github)" -* "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)" -* "[AUTOTITLE](/organizations/collaborating-with-your-team/creating-a-team-discussion)" -* "[AUTOTITLE](/organizations/collaborating-with-your-team/editing-or-deleting-a-team-discussion)" +* [AUTOTITLE](/get-started/using-github/communicating-on-github) +* [AUTOTITLE](/organizations/organizing-members-into-teams/about-teams) +* [AUTOTITLE](/organizations/collaborating-with-your-team/creating-a-team-discussion) +* [AUTOTITLE](/organizations/collaborating-with-your-team/editing-or-deleting-a-team-discussion) diff --git a/content/organizations/collaborating-with-your-team/creating-a-team-discussion.md b/content/organizations/collaborating-with-your-team/creating-a-team-discussion.md index f1246f1ecfa0..0bb24193f69c 100644 --- a/content/organizations/collaborating-with-your-team/creating-a-team-discussion.md +++ b/content/organizations/collaborating-with-your-team/creating-a-team-discussion.md @@ -16,7 +16,7 @@ shortTitle: Create a team discussion {% data reusables.organizations.team-discussions-migration %} {% endif %} -{% data reusables.organizations.team-discussions-permissions %} For more information, see "[AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions)." +{% data reusables.organizations.team-discussions-permissions %} For more information, see [AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions). {% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} @@ -28,6 +28,6 @@ shortTitle: Create a team discussion ## Further reading -* "[AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions)" -* "[AUTOTITLE](/organizations/collaborating-with-your-team/editing-or-deleting-a-team-discussion)" -* "[AUTOTITLE](/organizations/collaborating-with-your-team/pinning-a-team-discussion)" +* [AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions) +* [AUTOTITLE](/organizations/collaborating-with-your-team/editing-or-deleting-a-team-discussion) +* [AUTOTITLE](/organizations/collaborating-with-your-team/pinning-a-team-discussion) diff --git a/content/organizations/collaborating-with-your-team/editing-or-deleting-a-team-discussion.md b/content/organizations/collaborating-with-your-team/editing-or-deleting-a-team-discussion.md index 46dde803bea9..eb95e79a1428 100644 --- a/content/organizations/collaborating-with-your-team/editing-or-deleting-a-team-discussion.md +++ b/content/organizations/collaborating-with-your-team/editing-or-deleting-a-team-discussion.md @@ -27,6 +27,6 @@ shortTitle: Manage a team discussion ## Further reading -* "[AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions)" -* "[AUTOTITLE](/organizations/collaborating-with-your-team/creating-a-team-discussion)" -* "[AUTOTITLE](/organizations/collaborating-with-your-team/pinning-a-team-discussion)" +* [AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions) +* [AUTOTITLE](/organizations/collaborating-with-your-team/creating-a-team-discussion) +* [AUTOTITLE](/organizations/collaborating-with-your-team/pinning-a-team-discussion) diff --git a/content/organizations/collaborating-with-your-team/pinning-a-team-discussion.md b/content/organizations/collaborating-with-your-team/pinning-a-team-discussion.md index e01b3c260196..ea27163083c6 100644 --- a/content/organizations/collaborating-with-your-team/pinning-a-team-discussion.md +++ b/content/organizations/collaborating-with-your-team/pinning-a-team-discussion.md @@ -23,6 +23,6 @@ topics: ## Further reading -* "[AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions)" -* "[AUTOTITLE](/organizations/collaborating-with-your-team/creating-a-team-discussion)" -* "[AUTOTITLE](/organizations/collaborating-with-your-team/editing-or-deleting-a-team-discussion)" +* [AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions) +* [AUTOTITLE](/organizations/collaborating-with-your-team/creating-a-team-discussion) +* [AUTOTITLE](/organizations/collaborating-with-your-team/editing-or-deleting-a-team-discussion) diff --git a/content/organizations/granting-access-to-your-organization-with-saml-single-sign-on/about-two-factor-authentication-and-saml-single-sign-on.md b/content/organizations/granting-access-to-your-organization-with-saml-single-sign-on/about-two-factor-authentication-and-saml-single-sign-on.md index 6b845da2c9ee..fb6e64c2430c 100644 --- a/content/organizations/granting-access-to-your-organization-with-saml-single-sign-on/about-two-factor-authentication-and-saml-single-sign-on.md +++ b/content/organizations/granting-access-to-your-organization-with-saml-single-sign-on/about-two-factor-authentication-and-saml-single-sign-on.md @@ -12,9 +12,9 @@ topics: shortTitle: 2FA & SAML single sign-on --- -Two-factor authentication (2FA) provides basic authentication for organization members. By enabling 2FA, organization owners limit the likelihood that a member's account on {% data variables.product.prodname_dotcom %} could be compromised. For more information on 2FA, see "[AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa/about-two-factor-authentication)." +Two-factor authentication (2FA) provides basic authentication for organization members. By enabling 2FA, organization owners limit the likelihood that a member's account on {% data variables.product.prodname_dotcom %} could be compromised. For more information on 2FA, see [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa/about-two-factor-authentication). -To add additional authentication measures, organization owners can also [enable SAML single sign-on (SSO)](/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization) so that organization members must use single sign-on to access an organization. For more information on SAML SSO, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on)." +To add additional authentication measures, organization owners can also [enable SAML single sign-on (SSO)](/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization) so that organization members must use single sign-on to access an organization. For more information on SAML SSO, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on). If both 2FA and SAML SSO are enabled, organization members must do the following: * Use 2FA to log in to their account on {% data variables.product.prodname_dotcom %} @@ -23,4 +23,4 @@ If both 2FA and SAML SSO are enabled, organization members must do the following ## Further reading -* "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization)" +* [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization) diff --git a/content/organizations/granting-access-to-your-organization-with-saml-single-sign-on/managing-bots-and-service-accounts-with-saml-single-sign-on.md b/content/organizations/granting-access-to-your-organization-with-saml-single-sign-on/managing-bots-and-service-accounts-with-saml-single-sign-on.md index eed77534722f..0319debfb470 100644 --- a/content/organizations/granting-access-to-your-organization-with-saml-single-sign-on/managing-bots-and-service-accounts-with-saml-single-sign-on.md +++ b/content/organizations/granting-access-to-your-organization-with-saml-single-sign-on/managing-bots-and-service-accounts-with-saml-single-sign-on.md @@ -19,4 +19,4 @@ To retain access for bots and service accounts, organization administrators can ## Further reading -* "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on)" +* [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on) diff --git a/content/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization.md b/content/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization.md index 74497a6abd5b..c22c8cafcc4e 100644 --- a/content/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization.md +++ b/content/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization.md @@ -24,7 +24,7 @@ You can view and revoke each member's linked identity, active sessions, and auth {% data reusables.saml.about-linked-identities %} -When available, the entry will include SCIM data. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations)." +When available, the entry will include SCIM data. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations). > [!WARNING] > For organizations using SCIM: @@ -68,5 +68,5 @@ When available, the entry will include SCIM data. For more information, see "[AU ## Further reading -* "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on)"{% ifversion ghec %} -* "[AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise)"{% endif %} +* [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on){% ifversion ghec %} +* [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise){% endif %} diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/accessing-compliance-reports-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/accessing-compliance-reports-for-your-organization.md index 2fa9c37abaff..a0b016dcc053 100644 --- a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/accessing-compliance-reports-for-your-organization.md +++ b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/accessing-compliance-reports-for-your-organization.md @@ -31,6 +31,6 @@ You can access {% data variables.product.company_short %}'s compliance reports i ## Further reading -* "[AUTOTITLE](/admin/overview/accessing-compliance-reports-for-your-enterprise)" +* [AUTOTITLE](/admin/overview/accessing-compliance-reports-for-your-enterprise) {% endif %} diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization.md index 59c4f8aedd51..30dd6b79bedc 100644 --- a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization.md +++ b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization.md @@ -16,7 +16,7 @@ autogenerated: audit-logs {% ifversion ghes %} > * This article contains the events available in the latest version of {% data variables.product.prodname_ghe_server %}. Some of the events may not be available in previous versions. {% endif %} -> * This article contains the events that may appear in your organization's audit log. For the events that can appear in a user account's security log{% ifversion ghec or ghes %} or the audit log for an enterprise{% endif %}, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/security-log-events){% ifversion ghec or ghes %}" and "[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise)."{% else %}."{% endif %} +> * This article contains the events that may appear in your organization's audit log. For the events that can appear in a user account's security log{% ifversion ghec or ghes %} or the audit log for an enterprise{% endif %}, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/security-log-events){% ifversion ghec or ghes %} and [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise).{% else %}.{% endif %} > * {% data reusables.webhooks.webhooks-as-audit-log-alternative %} ## About audit log events for your organization diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization.md index 07ceea1cc6ed..680edd3d91aa 100644 --- a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization.md +++ b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization.md @@ -24,13 +24,13 @@ You are responsible for meeting any legal obligations that accompany the viewing {% ifversion enterprise-audit-log-ip-addresses %} -Alternatively, you can configure IP addresses at the enterprise level. For more information, see "[Displaying IP addresses in the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise)." +Alternatively, you can configure IP addresses at the enterprise level. For more information, see [Displaying IP addresses in the audit log for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise). {% endif %} {% data reusables.audit_log.users-agree-to-ip-collection %} -After you enable the feature, you can access the audit log to view events that include IP addresses. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization)." +After you enable the feature, you can access the audit log to view events that include IP addresses. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization). ## Events that display IP addresses in the audit log diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/identifying-audit-log-events-performed-by-an-access-token.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/identifying-audit-log-events-performed-by-an-access-token.md index 79c32fc53149..b44bb3010ae6 100644 --- a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/identifying-audit-log-events-performed-by-an-access-token.md +++ b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/identifying-audit-log-events-performed-by-an-access-token.md @@ -49,7 +49,7 @@ curl --header "Accept: application/vnd.github+json" --header "Authorization: Bea ### Identifying Git events -{% data reusables.audit_log.you-can-identify-git-events %} For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#exporting-the-audit-log)." +{% data reusables.audit_log.you-can-identify-git-events %} For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#exporting-the-audit-log). {% data reusables.audit_log.authentication-metadata-git-events-release-phase %} @@ -57,5 +57,5 @@ curl --header "Accept: application/vnd.github+json" --header "Authorization: Bea ## Further reading -* "[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise)" -* "[AUTOTITLE](/enterprise-cloud@latest/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/identifying-audit-log-events-performed-by-an-access-token)" +* [AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/using-the-audit-log-api-for-your-enterprise) +* [AUTOTITLE](/enterprise-cloud@latest/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/identifying-audit-log-events-performed-by-an-access-token) diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization.md index 6da93117d5b7..2f10ee6ba66c 100644 --- a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization.md +++ b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization.md @@ -33,9 +33,9 @@ By default, authorized users can access your organization's resources from any I {% data reusables.identity-and-permissions.ip-allow-lists-enable %} -If you set up an allow list you can also choose to automatically add to your allow list any IP addresses configured for {% data variables.product.prodname_github_apps %} that you install in your organization. The creator of a {% data variables.product.prodname_github_app %} can configure an allow list for their application, specifying the IP addresses at which the application runs. By inheriting their allow list into yours, you avoid connection requests from the application being refused. For more information, see "[Allowing access by {% data variables.product.prodname_github_apps %}](#allowing-access-by-github-apps)." +If you set up an allow list you can also choose to automatically add to your allow list any IP addresses configured for {% data variables.product.prodname_github_apps %} that you install in your organization. The creator of a {% data variables.product.prodname_github_app %} can configure an allow list for their application, specifying the IP addresses at which the application runs. By inheriting their allow list into yours, you avoid connection requests from the application being refused. For more information, see [Allowing access by {% data variables.product.prodname_github_apps %}](#allowing-access-by-github-apps). -You can also configure allowed IP addresses at the enterprise account level, and the entries in the enterprise account's allow list are inherited by all the organizations owned by the enterprise. {% data reusables.identity-and-permissions.org-enterprise-allow-list-interaction %} For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-allowed-ip-addresses-for-organizations-in-your-enterprise)." +You can also configure allowed IP addresses at the enterprise account level, and the entries in the enterprise account's allow list are inherited by all the organizations owned by the enterprise. {% data reusables.identity-and-permissions.org-enterprise-allow-list-interaction %} For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-allowed-ip-addresses-for-organizations-in-your-enterprise). > [!WARNING] > Losing access to the IP addresses in your IP allow list could result in unintended consequences, such as getting locked out of your enterprise or organization. @@ -79,7 +79,7 @@ If you're using an allow list, you can also choose to automatically add to your {% data reusables.apps.ip-allow-list-only-apps %} -For more information about how to create an allow list for a {% data variables.product.prodname_github_app %} you have created, see "[AUTOTITLE](/apps/maintaining-github-apps/managing-allowed-ip-addresses-for-a-github-app)." +For more information about how to create an allow list for a {% data variables.product.prodname_github_app %} you have created, see [AUTOTITLE](/apps/maintaining-github-apps/managing-allowed-ip-addresses-for-a-github-app). {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md index 5fb308a0ca01..79ee7a2a76aa 100644 --- a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md +++ b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md @@ -20,7 +20,7 @@ shortTitle: Manage security & analysis {% data variables.product.prodname_dotcom %} can help you to secure the repositories in your organization. You can manage the security and analysis features for all existing or new repositories that members create in your organization. {% ifversion ghec %}If you have a license for {% data variables.product.prodname_GH_advanced_security %} then you can also manage access to these features. {% data reusables.advanced-security.more-info-ghas %}{% endif %}{% ifversion fpt %}Organizations that use {% data variables.product.prodname_ghe_cloud %} with a license for {% data variables.product.prodname_GH_advanced_security %} can also manage access to these features. For more information, see [the {% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization).{% endif %} -{% ifversion ghec or ghes %}If your organization is owned by an enterprise with a license for {% data variables.product.prodname_GH_advanced_security %}, then extra options for managing security and analysis settings may be available. For more information, see "[AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)."{% endif %} +{% ifversion ghec or ghes %}If your organization is owned by an enterprise with a license for {% data variables.product.prodname_GH_advanced_security %}, then extra options for managing security and analysis settings may be available. For more information, see [AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise).{% endif %} {% data reusables.security.some-security-and-analysis-features-are-enabled-by-default %} {% ifversion security-configurations %} @@ -46,22 +46,22 @@ If you have a license for {% data variables.product.prodname_GH_advanced_securit You can enable or disable features for all repositories. {% ifversion code-security-multi-repo-enablement %} -You can use security overview to find a set of repositories and enable or disable security features for them all at the same time. For more information, see "[AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories)." +You can use security overview to find a set of repositories and enable or disable security features for them all at the same time. For more information, see [AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories). {% endif %} {% data reusables.advanced-security.note-org-enable-uses-seats %} > [!NOTE] -> If you encounter an error that reads "GitHub Advanced Security cannot be enabled because of a policy setting for the organization," contact your enterprise admin and ask them to change the GitHub Advanced Security policy for your enterprise. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise)." +> If you encounter an error that reads "GitHub Advanced Security cannot be enabled because of a policy setting for the organization," contact your enterprise admin and ask them to change the GitHub Advanced Security policy for your enterprise. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise). {% ifversion dependabot-alerts-enterprise-enablement %} > [!NOTE] -> When {% data variables.product.prodname_dependabot_alerts %} are enabled or disabled at the enterprise level, it overrides the organization level settings for {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts#managing-dependabot-alerts-for-your-enterprise)." +> When {% data variables.product.prodname_dependabot_alerts %} are enabled or disabled at the enterprise level, it overrides the organization level settings for {% data variables.product.prodname_dependabot_alerts %}. For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts#managing-dependabot-alerts-for-your-enterprise). {% endif %} -1. Go to the security and analysis settings for your organization. For more information, see "[Displaying the security and analysis settings](#displaying-the-security-and-analysis-settings)." +1. Go to the security and analysis settings for your organization. For more information, see [Displaying the security and analysis settings](#displaying-the-security-and-analysis-settings). 1. Under "Code security and analysis", to the right of the feature, click **Disable all** or **Enable all** to display a confirmation dialog box. The control for "{% data variables.product.prodname_GH_advanced_security %}" is disabled if you have no available {% ifversion ghas-billing-UI-update %}licenses{% else %}seats{% endif %} for {% data variables.product.prodname_GH_advanced_security %}. 1. Review the information in the dialog box. 1. Optionally, if you are enabling private vulnerability reporting, dependency graph, or {% data variables.product.prodname_dependabot %}, select **Enable by default for new repositories**. @@ -75,24 +75,24 @@ You can use security overview to find a set of repositories and enable or disabl > [!NOTE] > * {% data reusables.code-scanning.limitation-org-enable-all %}{% ifversion bulk-code-scanning-query-suite %} - > * Enabling {% data variables.product.prodname_code_scanning %} for all eligible repositories in an organization will not override existing {% data variables.product.prodname_code_scanning %} configurations. For information on configuring default setup with different settings for specific repositories, see "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning){% ifversion code-security-multi-repo-enablement %}" and "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale#configuring-default-setup-for-a-subset-of-repositories-in-an-organization){% endif %}."{% endif %} + > * Enabling {% data variables.product.prodname_code_scanning %} for all eligible repositories in an organization will not override existing {% data variables.product.prodname_code_scanning %} configurations. For information on configuring default setup with different settings for specific repositories, see [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning){% ifversion code-security-multi-repo-enablement %} and [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale#configuring-default-setup-for-a-subset-of-repositories-in-an-organization){% endif %}.{% endif %} {% data reusables.security.displayed-information %} ## Enabling or disabling a feature automatically when new repositories are added -1. Go to the security and analysis settings for your organization. For more information, see "[Displaying the security and analysis settings](#displaying-the-security-and-analysis-settings)." +1. Go to the security and analysis settings for your organization. For more information, see [Displaying the security and analysis settings](#displaying-the-security-and-analysis-settings). 1. Under "Code security and analysis", locate the feature, enable or disable the feature by default for new repositories in your organization. {% endif %} ## Allowing {% data variables.product.prodname_dependabot %} to access private{% ifversion ghec or ghes %} or internal{% endif %} dependencies -{% data variables.product.prodname_dependabot %} can check for outdated dependency references in a project and automatically generate a pull request to update them. To do this, {% data variables.product.prodname_dependabot %} must have access to all of the targeted dependency files. Typically, version updates will fail if one or more dependencies are inaccessible. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates)." +{% data variables.product.prodname_dependabot %} can check for outdated dependency references in a project and automatically generate a pull request to update them. To do this, {% data variables.product.prodname_dependabot %} must have access to all of the targeted dependency files. Typically, version updates will fail if one or more dependencies are inaccessible. For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates). By default, {% data variables.product.prodname_dependabot %} can't update dependencies that are located in private{% ifversion ghec or ghes %} or internal{% endif %} repositories, or private{% ifversion ghec or ghes %} or internal{% endif %} package registries. However, if a dependency is in a private{% ifversion ghec or ghes %} or internal{% endif %} {% data variables.product.prodname_dotcom %} repository within the same organization as the project that uses that dependency, you can allow {% data variables.product.prodname_dependabot %} to update the version successfully by giving it access to the host repository. -If your code depends on packages in a private{% ifversion ghec or ghes %} or internal{% endif %} registry, you can allow {% data variables.product.prodname_dependabot %} to update the versions of these dependencies by configuring this at the repository level. You do this by adding authentication details to the `dependabot.yml` file for the repository. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#configuration-options-for-private-registries)." +If your code depends on packages in a private{% ifversion ghec or ghes %} or internal{% endif %} registry, you can allow {% data variables.product.prodname_dependabot %} to update the versions of these dependencies by configuring this at the repository level. You do this by adding authentication details to the `dependabot.yml` file for the repository. For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#configuration-options-for-private-registries). {% ifversion ghec %} @@ -103,13 +103,13 @@ If your code depends on packages in a private{% ifversion ghec or ghes %} or int {% ifversion security-configurations %} - For more information on how to grant {% data variables.product.prodname_dependabot %} access to private{% ifversion ghec or ghes %} or internal{% endif %} dependencies, see "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/configuring-global-security-settings-for-your-organization#granting-dependabot-access-to-private-and-internal-repositories)." + For more information on how to grant {% data variables.product.prodname_dependabot %} access to private{% ifversion ghec or ghes %} or internal{% endif %} dependencies, see [AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/configuring-global-security-settings-for-your-organization#granting-dependabot-access-to-private-and-internal-repositories). {% else %} To allow {% data variables.product.prodname_dependabot %} to access a private or internal {% data variables.product.prodname_dotcom %} repository: -1. Go to the security and analysis settings for your organization. For more information, see "[Displaying the security and analysis settings](#displaying-the-security-and-analysis-settings)." +1. Go to the security and analysis settings for your organization. For more information, see [Displaying the security and analysis settings](#displaying-the-security-and-analysis-settings). 1. Under "Grant {% data variables.product.prodname_dependabot %} private repository access", click **Add internal and private repositories** to display a repository search field. ![Screenshot of the dropdown that you can use to search for repositories. As you type, repositories whose name matches your search criteria will appear in the list. The search text field is highlighted with a dark orange outline.](/assets/images/help/organizations/dependabot-private-repo-choose.png) @@ -124,16 +124,16 @@ To allow {% data variables.product.prodname_dependabot %} to access a private or {% ifversion security-configurations %} -You can use {% data variables.product.prodname_security_configurations %} to remove access to {% data variables.product.prodname_GH_advanced_security %} from individual repositories in an organization. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/managing-your-github-advanced-security-license-usage#turning-off-github-advanced-security-features-on-select-repositories-in-your-organization)." +You can use {% data variables.product.prodname_security_configurations %} to remove access to {% data variables.product.prodname_GH_advanced_security %} from individual repositories in an organization. For more information, see [AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/managing-your-github-advanced-security-license-usage#turning-off-github-advanced-security-features-on-select-repositories-in-your-organization). {% else %} -You can manage access to {% data variables.product.prodname_GH_advanced_security %} features for a repository from its "Settings" tab. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)." However, you can also disable {% data variables.product.prodname_GH_advanced_security %} features for a repository from the "Settings" tab for the organization. +You can manage access to {% data variables.product.prodname_GH_advanced_security %} features for a repository from its "Settings" tab. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository). However, you can also disable {% data variables.product.prodname_GH_advanced_security %} features for a repository from the "Settings" tab for the organization. -1. Go to the security and analysis settings for your organization. For more information, see "[Displaying the security and analysis settings](#displaying-the-security-and-analysis-settings)." +1. Go to the security and analysis settings for your organization. For more information, see [Displaying the security and analysis settings](#displaying-the-security-and-analysis-settings). 1. To see a list of all the repositories in your organization with {% data variables.product.prodname_GH_advanced_security %} enabled, scroll to the "{% data variables.product.prodname_GH_advanced_security %} repositories" section. - The table lists the number of unique committers for each repository. This is the number of {% ifversion ghas-billing-UI-update %}licenses{% else %}seats{% endif %} you could free up by removing access to {% data variables.product.prodname_GH_advanced_security %}. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)." + The table lists the number of unique committers for each repository. This is the number of {% ifversion ghas-billing-UI-update %}licenses{% else %}seats{% endif %} you could free up by removing access to {% data variables.product.prodname_GH_advanced_security %}. For more information, see [AUTOTITLE](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security). 1. To remove access to {% data variables.product.prodname_GH_advanced_security %} from a repository and free up {% ifversion ghas-billing-UI-update %}licenses{% else %}seats{% endif %} used by any active committers that are unique to the repository, click the adjacent {% octicon "x" aria-label="X symbol" %}. 1. In the confirmation dialog, click **Remove repository** to remove access to the features of {% data variables.product.prodname_GH_advanced_security %}. @@ -144,7 +144,7 @@ You can manage access to {% data variables.product.prodname_GH_advanced_security ## Further reading -* "[AUTOTITLE](/code-security/getting-started/securing-your-repository)"{% ifversion not fpt %} -* "[AUTOTITLE](/code-security/secret-scanning/introduction/about-secret-scanning)"{% endif %} -* "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)" -* "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)" +* [AUTOTITLE](/code-security/getting-started/securing-your-repository){% ifversion not fpt %} +* [AUTOTITLE](/code-security/secret-scanning/introduction/about-secret-scanning){% endif %} +* [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph) +* [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security) diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization.md index abeb7beb8a54..4781afa4f91a 100644 --- a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization.md +++ b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization.md @@ -22,7 +22,7 @@ shortTitle: Restrict email notifications ## About email restrictions -When restricted email notifications are enabled in an organization, members can only use an email address associated with a verified or approved domain to receive email notifications about organization activity. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization)." +When restricted email notifications are enabled in an organization, members can only use an email address associated with a verified or approved domain to receive email notifications about organization activity. For more information, see [AUTOTITLE](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization). {% ifversion ghec %} @@ -33,13 +33,13 @@ When restricted email notifications are enabled in an organization, members can {% data reusables.notifications.email-restrictions-verification %} -Outside collaborators are not subject to restrictions on email notifications for verified or approved domains. For more information about outside collaborators, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#outside-collaborators)." +Outside collaborators are not subject to restrictions on email notifications for verified or approved domains. For more information about outside collaborators, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#outside-collaborators). -If your organization is owned by an enterprise account, organization members will be able to receive notifications from any domains verified or approved for the enterprise account, in addition to any domains verified or approved for the organization. For more information, see "[AUTOTITLE](/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise)." +If your organization is owned by an enterprise account, organization members will be able to receive notifications from any domains verified or approved for the enterprise account, in addition to any domains verified or approved for the organization. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise). ## Restricting email notifications -Before you can restrict email notifications for your organization, you must verify or approve at least one domain for the organization, or an enterprise owner must have verified or approved at least one domain for the enterprise account. For more information about verifying and approving domains for an organization, see "[AUTOTITLE](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization)." +Before you can restrict email notifications for your organization, you must verify or approve at least one domain for the organization, or an enterprise owner must have verified or approved at least one domain for the enterprise account. For more information about verifying and approving domains for an organization, see [AUTOTITLE](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization). Users will not be notified when you enable email restrictions. It is your responsibility to inform users that, in the future, they will only receive email notifications related to your organization if they've added an email address belonging to a verified or approved domain to their account settings. diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md index 9a4527e13b08..ab157f28c0b4 100644 --- a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md +++ b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md @@ -34,15 +34,15 @@ The audit log lists events triggered by activities that affect your organization ### Search based on the action performed -To search for specific events, use the `action` qualifier in your query. Actions listed in the audit log are grouped in different categories. For the full list of events in each category, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization)." +To search for specific events, use the `action` qualifier in your query. Actions listed in the audit log are grouped in different categories. For the full list of events in each category, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization). | Category name | Description |------------------|------------------- | {% ifversion fpt or ghec %} | | `account` | Contains all activities related to your organization account. -| `advisory_credit` | Contains all activities related to crediting a contributor for a security advisory in the {% data variables.product.prodname_advisory_database %}. For more information, see "[AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/about-repository-security-advisories)." +| `advisory_credit` | Contains all activities related to crediting a contributor for a security advisory in the {% data variables.product.prodname_advisory_database %}. For more information, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/about-repository-security-advisories). | {% endif %} | -| `auto_approve_personal_access_token_requests` | Contains activities related to your organization's approval policy for {% data variables.product.pat_v2 %}s. For more information, see "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization)." +| `auto_approve_personal_access_token_requests` | Contains activities related to your organization's approval policy for {% data variables.product.pat_v2 %}s. For more information, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization). | {% ifversion fpt or ghec %} | | `billing` | Contains all activities related to your organization's billing. | `business` | Contains activities related to business settings for an enterprise. | @@ -54,12 +54,12 @@ To search for specific events, use the `action` qualifier in your query. Actions | `codespaces` | Contains all activities related to your organization's codespaces. | | `copilot` | Contains all activities related to your {% data variables.product.prodname_copilot_for_business %} or {% data variables.product.prodname_copilot_enterprise %} subscription. | {% endif %} | -| `dependabot_alerts` | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in existing repositories. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)." +| `dependabot_alerts` | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in existing repositories. For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts). | `dependabot_alerts_new_repos` | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in new repositories created in the organization. -| `dependabot_security_updates` | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_security_updates %} in existing repositories. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates)." +| `dependabot_security_updates` | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_security_updates %} in existing repositories. For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates). | `dependabot_security_updates_new_repos` | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_security_updates %} for new repositories created in the organization. | {% ifversion fpt or ghec %} | -| `dependency_graph` | Contains organization-level configuration activities for dependency graphs for repositories. For more information, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)." +| `dependency_graph` | Contains organization-level configuration activities for dependency graphs for repositories. For more information, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph). | `dependency_graph_new_repos` | Contains organization-level configuration activities for new repositories created in the organization. | {% endif %} | | `discussion_post` | Contains all activities related to discussions posted to a team page. @@ -77,16 +77,16 @@ To search for specific events, use the `action` qualifier in your query. Actions | `marketplace_agreement_signature` | Contains all activities related to signing the {% data variables.product.prodname_marketplace %} Developer Agreement. | `marketplace_listing` | Contains all activities related to listing apps in {% data variables.product.prodname_marketplace %}. | | {% endif %} | -| `members_can_create_pages` | Contains all activities related to managing the publication of {% data variables.product.prodname_pages %} sites for repositories in the organization. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)." | +| `members_can_create_pages` | Contains all activities related to managing the publication of {% data variables.product.prodname_pages %} sites for repositories in the organization. For more information, see [AUTOTITLE](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization). | | `org` | Contains activities related to organization membership. | {% ifversion ghec %} | | `org_credential_authorization` | Contains all activities related to authorizing credentials for use with SAML single sign-on. | | {% endif %} | | {% ifversion secret-scanning-validity-check-audit-log %} | -| `org_secret_scanning_automatic_validity_checks` | Contains organization-level activities related to enabling and disabling automatic validity checks for {% data variables.product.prodname_secret_scanning %}. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization)." +| `org_secret_scanning_automatic_validity_checks` | Contains organization-level activities related to enabling and disabling automatic validity checks for {% data variables.product.prodname_secret_scanning %}. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization). | {% endif %} | | {% ifversion secret-scanning-audit-log-custom-patterns %} | -| `org_secret_scanning_custom_pattern` | Contains organization-level activities related to {% data variables.product.prodname_secret_scanning %} custom patterns. For more information, see "[AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning)." +| `org_secret_scanning_custom_pattern` | Contains organization-level activities related to {% data variables.product.prodname_secret_scanning %} custom patterns. For more information, see [AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning). | {% endif %} | | `organization_default_label` | Contains all activities related to default labels for repositories in your organization. | `oauth_application` | Contains all activities related to {% data variables.product.prodname_oauth_apps %}. @@ -94,30 +94,30 @@ To search for specific events, use the `action` qualifier in your query. Actions | {% ifversion fpt or ghec %} | | `payment_method` | Contains all activities related to how your organization pays for GitHub. | {% endif %} | -| `personal_access_token` | Contains activities related to {% data variables.product.pat_v2 %}s in your organization. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)." +| `personal_access_token` | Contains activities related to {% data variables.product.pat_v2 %}s in your organization. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token). | `profile_picture`| Contains all activities related to your organization's profile picture. | `project` | Contains all activities related to {% data variables.projects.projects_v1_boards %}. | `protected_branch` | Contains all activities related to protected branches. | `repo` | Contains activities related to the repositories owned by your organization. | {% ifversion fpt or ghec %} | -| `repository_advisory` | Contains repository-level activities related to security advisories in the {% data variables.product.prodname_advisory_database %}. For more information, see "[AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/about-repository-security-advisories)." -| `repository_content_analysis` | Contains all activities related to enabling or disabling data use for a private repository. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories)." -| `repository_dependency_graph` | Contains repository-level activities related to enabling or disabling the dependency graph for a {% ifversion fpt or ghec %}private {% endif %}repository. For more information, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)." +| `repository_advisory` | Contains repository-level activities related to security advisories in the {% data variables.product.prodname_advisory_database %}. For more information, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/about-repository-security-advisories). +| `repository_content_analysis` | Contains all activities related to enabling or disabling data use for a private repository. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories). +| `repository_dependency_graph` | Contains repository-level activities related to enabling or disabling the dependency graph for a {% ifversion fpt or ghec %}private {% endif %}repository. For more information, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph). | {% endif %} | | {% ifversion ghes or ghec %} | -| `repository_secret_scanning` | Contains repository-level activities related to {% data variables.product.prodname_secret_scanning %}. For more information, see "[AUTOTITLE](/code-security/secret-scanning/introduction/about-secret-scanning)." +| `repository_secret_scanning` | Contains repository-level activities related to {% data variables.product.prodname_secret_scanning %}. For more information, see [AUTOTITLE](/code-security/secret-scanning/introduction/about-secret-scanning). | {% endif %} | | {% ifversion secret-scanning-validity-check-audit-log %} | -| `repository_secret_scanning_automatic_validity_checks` | Contains repository-level activities related to enabling and disabling automatic validity checks for {% data variables.product.prodname_secret_scanning %}. For more information, see "[AUTOTITLE](/code-security/secret-scanning/enabling-secret-scanning-features/enabling-secret-scanning-for-your-repository)." +| `repository_secret_scanning_automatic_validity_checks` | Contains repository-level activities related to enabling and disabling automatic validity checks for {% data variables.product.prodname_secret_scanning %}. For more information, see [AUTOTITLE](/code-security/secret-scanning/enabling-secret-scanning-features/enabling-secret-scanning-for-your-repository). | {% endif %} | | {% ifversion secret-scanning-audit-log-custom-patterns %} | -| `repository_secret_scanning_custom_pattern` | Contains repository-level activities related to {% data variables.product.prodname_secret_scanning %} custom patterns. For more information, see "[AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning)." | +| `repository_secret_scanning_custom_pattern` | Contains repository-level activities related to {% data variables.product.prodname_secret_scanning %} custom patterns. For more information, see [AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning). | | {% endif %} | | {% ifversion secret-scanning-custom-pattern-push-protection-audit %} | -| `repository_secret_scanning_custom_pattern_push_protection`| Contains repository-level activities related to push protection of a custom pattern for {% data variables.product.prodname_secret_scanning %}. For more information, see "[AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository)." +| `repository_secret_scanning_custom_pattern_push_protection`| Contains repository-level activities related to push protection of a custom pattern for {% data variables.product.prodname_secret_scanning %}. For more information, see [AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository). | {% endif %} | | {% ifversion secret-scanning-audit-log-custom-patterns %} | -| `repository_secret_scanning_push_protection` | Contains repository-level activities related to {% data variables.product.prodname_secret_scanning %} push protection. For more information, see "[AUTOTITLE](/code-security/secret-scanning/protecting-pushes-with-secret-scanning)." +| `repository_secret_scanning_push_protection` | Contains repository-level activities related to {% data variables.product.prodname_secret_scanning %} push protection. For more information, see [AUTOTITLE](/code-security/secret-scanning/protecting-pushes-with-secret-scanning). | {% endif %} | | `repository_vulnerability_alert` | Contains all activities related to [{% data variables.product.prodname_dependabot_alerts %}](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts). | {% ifversion fpt or ghec %} | @@ -127,12 +127,12 @@ To search for specific events, use the `action` qualifier in your query. Actions | `role` | Contains all activities related to [custom repository roles](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization). | {% endif %} | | {% ifversion ghes or ghec %} | -| `secret_scanning` | Contains organization-level configuration activities for {% data variables.product.prodname_secret_scanning %} in existing repositories. For more information, see "[AUTOTITLE](/code-security/secret-scanning/introduction/about-secret-scanning)." +| `secret_scanning` | Contains organization-level configuration activities for {% data variables.product.prodname_secret_scanning %} in existing repositories. For more information, see [AUTOTITLE](/code-security/secret-scanning/introduction/about-secret-scanning). | `secret_scanning_new_repos` | Contains organization-level configuration activities for {% data variables.product.prodname_secret_scanning %} for new repositories created in the organization. | {% endif %} | | {% ifversion fpt or ghec %} | -| `restore_member` | Triggered when an organization owner reinstates a member. For more information, see "[AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization)."| -| `sponsors`| Contains all events related to sponsor buttons (see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository)") +| `restore_member` | Triggered when an organization owner reinstates a member. For more information, see [AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization).| +| `sponsors`| Contains all events related to sponsor buttons (see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository)) | {% endif %} | | `team` | Contains all activities related to teams in your organization. | {% ifversion team-discussions %} | @@ -178,7 +178,7 @@ Using the qualifier `country`, you can filter events in the audit log based on t ### Search based on access token -You can identify all events that were performed by a specific access token. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/identifying-audit-log-events-performed-by-an-access-token)." +You can identify all events that were performed by a specific access token. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/identifying-audit-log-events-performed-by-an-access-token). {% endif %} @@ -216,18 +216,18 @@ To ensure your intellectual property is secure, and you maintain compliance for {% data reusables.audit_log.audit-log-api-info %} {% ifversion ghec %} -Note that you can't retrieve Git events using the GraphQL API. To retrieve Git events, use the REST API instead. For more information, see "[`git` category actions](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization#git)." +Note that you can't retrieve Git events using the GraphQL API. To retrieve Git events, use the REST API instead. For more information, see [`git` category actions](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization#git). {% endif %} The GraphQL response can include data for up to 90 to 120 days. -For example, you can make a GraphQL request to see all the new organization members added to your organization. For more information, see the "[AUTOTITLE](/graphql/reference/interfaces#auditentry/)." +For example, you can make a GraphQL request to see all the new organization members added to your organization. For more information, see the [AUTOTITLE](/graphql/reference/interfaces#auditentry/). {% ifversion ghec %} ### Using the REST API -To ensure your intellectual property is secure, and you maintain compliance for your organization, you can use the audit log REST API to keep copies of your audit log data. For more information about the specific events you can access using the REST API, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization)." +To ensure your intellectual property is secure, and you maintain compliance for your organization, you can use the audit log REST API to keep copies of your audit log data. For more information about the specific events you can access using the REST API, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization). {% data reusables.audit_log.audit-log-git-events-retention %} @@ -239,13 +239,13 @@ When you use the REST API to request Git events, events that were initiated via {% endif %} -For more information about the audit log REST API, see "[AUTOTITLE](/rest/orgs#get-the-audit-log-for-an-organization)." +For more information about the audit log REST API, see [AUTOTITLE](/rest/orgs#get-the-audit-log-for-an-organization). {% endif %} {% endif %} # Further reading -* "[AUTOTITLE](/organizations/keeping-your-organization-secure)" +* [AUTOTITLE](/organizations/keeping-your-organization-secure) {%- ifversion fpt or ghec %} -* "[AUTOTITLE](/organizations/managing-membership-in-your-organization/exporting-member-information-for-your-organization)"{% endif %} +* [AUTOTITLE](/organizations/managing-membership-in-your-organization/exporting-member-information-for-your-organization){% endif %} diff --git a/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/managing-bots-and-service-accounts-with-two-factor-authentication.md b/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/managing-bots-and-service-accounts-with-two-factor-authentication.md index 9f2450873ce0..6673d08c4c4a 100644 --- a/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/managing-bots-and-service-accounts-with-two-factor-authentication.md +++ b/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/managing-bots-and-service-accounts-with-two-factor-authentication.md @@ -22,8 +22,8 @@ You should ensure that 2FA is enabled for unattended or shared access accounts i {% data variables.product.prodname_dotcom %} recommends the following steps for managing shared access to bots or service accounts with 2FA enabled. The steps ensure that only people who have access to a mailing list (controlled by you) and a centrally stored TOTP secret can sign in to the account. 1. Set up a mailing list for the bot or service account which has all of the account owners as members of the alias. -1. Add the new mailing list address as a verified email address in the settings of the shared account. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/adding-an-email-address-to-your-github-account)." -1. If you haven't already done so, configure 2FA for the bot or service account using an authenticator app (TOTP). For more information, see "[AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa)." +1. Add the new mailing list address as a verified email address in the settings of the shared account. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/adding-an-email-address-to-your-github-account). +1. If you haven't already done so, configure 2FA for the bot or service account using an authenticator app (TOTP). For more information, see [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa). 1. Store the TOTP secret that's offered during 2FA setup in the password manager used by your organization. > [!NOTE] diff --git a/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/preparing-to-require-two-factor-authentication-in-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/preparing-to-require-two-factor-authentication-in-your-organization.md index 64243fe145ca..ff6e0cc5b047 100644 --- a/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/preparing-to-require-two-factor-authentication-in-your-organization.md +++ b/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/preparing-to-require-two-factor-authentication-in-your-organization.md @@ -25,12 +25,12 @@ Members and billing managers will retain membership but not be able to access yo Before requiring 2FA in your organization, we recommend that you: -* Enable 2FA on your personal account{% ifversion fpt or ghec %} with a secure method {% endif %}. For more information, see "[AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa)." +* Enable 2FA on your personal account{% ifversion fpt or ghec %} with a secure method {% endif %}. For more information, see [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa). * Ask the people in your organization to set up 2FA for their accounts{% ifversion fpt or ghec %} with secure methods{% endif %}. {% ifversion fpt or ghec %} -* View the 2FA security levels of users in your organization, to judge the impact of adding a 2FA requirement. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled)." +* View the 2FA security levels of users in your organization, to judge the impact of adding a 2FA requirement. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled). {% else %} -* See whether users in your organization have 2FA enabled. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled)." +* See whether users in your organization have 2FA enabled. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled). {% endif %} -* Enable 2FA for unattended or shared access accounts, such as bots and service accounts. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/managing-bots-and-service-accounts-with-two-factor-authentication)." +* Enable 2FA for unattended or shared access accounts, such as bots and service accounts. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/managing-bots-and-service-accounts-with-two-factor-authentication). * Warn users that once 2FA is enabled, outside collaborators without 2FA are automatically removed from the organization, and members and billing managers will not be able to access your organization resources until they enable 2FA. diff --git a/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization.md index 1fba0bc509af..6bfcf5004cb2 100644 --- a/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization.md +++ b/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization.md @@ -22,27 +22,27 @@ product: 'Requiring two-factor authentication is available to organizations on a ## About two-factor authentication for organizations -{% data reusables.two_fa.about-2fa %} You can require all {% ifversion fpt or ghec %}members, outside collaborators, and billing managers{% else %}members and outside collaborators{% endif %} in your organization to enable two-factor authentication on {% data variables.product.product_name %}. For more information about two-factor authentication, see "[AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa)." +{% data reusables.two_fa.about-2fa %} You can require all {% ifversion fpt or ghec %}members, outside collaborators, and billing managers{% else %}members and outside collaborators{% endif %} in your organization to enable two-factor authentication on {% data variables.product.product_name %}. For more information about two-factor authentication, see [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa). {% ifversion fpt or ghec %} -You can also require two-factor authentication for organizations in an enterprise. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise)." +You can also require two-factor authentication for organizations in an enterprise. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise). > [!NOTE] > Some of the users in your organization may have been selected for mandatory two-factor authentication enrollment by {% data variables.product.prodname_dotcom %}, but it has no impact on how you enable the 2FA requirement for your organization. If you enable the 2FA requirement in your organization, all users without 2FA currently enabled will be removed from your organization, including those that are required to enable it by {% data variables.product.prodname_dotcom %}. > [!WARNING] > * When you require use of two-factor authentication for your organization, members and billing managers who do not use 2FA will not be able to access your organization's resources until they enable 2FA on their account. They will retain membership even without 2FA, including occupying seats in your organization. -> * When you require use of two-factor authentication for your organization, outside collaborators who do not use 2FA will be removed from the organization and lose access to its repositories. They will also lose access to their forks of the organization's private repositories. You can reinstate their access privileges and settings if they enable 2FA for their personal account within three months of their removal from your organization. For more information, see "[AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization)." -> * You will also need to enable two-factor authentication for unattended or shared access accounts that are outside collaborators, such as bots and service accounts. If you do not configure 2FA for these unattended outside collaborator accounts after you've enabled required 2FA, the accounts will be removed from the organization and lose access to their repositories. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/managing-bots-and-service-accounts-with-two-factor-authentication)." +> * When you require use of two-factor authentication for your organization, outside collaborators who do not use 2FA will be removed from the organization and lose access to its repositories. They will also lose access to their forks of the organization's private repositories. You can reinstate their access privileges and settings if they enable 2FA for their personal account within three months of their removal from your organization. For more information, see [AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization). +> * You will also need to enable two-factor authentication for unattended or shared access accounts that are outside collaborators, such as bots and service accounts. If you do not configure 2FA for these unattended outside collaborator accounts after you've enabled required 2FA, the accounts will be removed from the organization and lose access to their repositories. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/managing-bots-and-service-accounts-with-two-factor-authentication). > * If an outside collaborator disables two-factor authentication for their personal account after you've enabled required 2FA, they will automatically be removed from the organization. > * If you're the sole owner of an organization that requires two-factor authentication, you won't be able to disable 2FA for your personal account without disabling required 2FA for the organization. {% else %} > [!WARNING] -> * When you require use of two-factor authentication for your organization, members and outside collaborators who do not use 2FA will be removed from the organization and lose access to its repositories. They will also lose access to their forks of the organization's private repositories. You can reinstate their access privileges and settings if they enable two-factor authentication for their personal account within three months of their removal from your organization. For more information, see "[AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization)." -> * You will also need to enable 2FA for unattended or shared access accounts, such as bots and service accounts. If you do not configure 2FA for these unattended accounts after you've enabled required two-factor authentication, the accounts will be removed from the organization and lose access to their repositories. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/managing-bots-and-service-accounts-with-two-factor-authentication)." +> * When you require use of two-factor authentication for your organization, members and outside collaborators who do not use 2FA will be removed from the organization and lose access to its repositories. They will also lose access to their forks of the organization's private repositories. You can reinstate their access privileges and settings if they enable two-factor authentication for their personal account within three months of their removal from your organization. For more information, see [AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization). +> * You will also need to enable 2FA for unattended or shared access accounts, such as bots and service accounts. If you do not configure 2FA for these unattended accounts after you've enabled required two-factor authentication, the accounts will be removed from the organization and lose access to their repositories. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/managing-bots-and-service-accounts-with-two-factor-authentication). > * If an organization owner, member, or outside collaborator disables 2FA for their personal account after you've enabled required two-factor authentication, they will automatically be removed from the organization. > * If you're the sole owner of an organization that requires two-factor authentication, you won't be able to disable 2FA for your personal account without disabling required two-factor authentication for the organization. @@ -52,9 +52,9 @@ You can also require two-factor authentication for organizations in an enterpris ## Prerequisites -Before you can require {% ifversion fpt or ghec %}organization members, outside collaborators, and billing managers{% else %}organization members and outside collaborators{% endif %} to use two-factor authentication, you must enable 2FA for your account on {% data variables.product.product_name %}. For more information, see "[AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa)." +Before you can require {% ifversion fpt or ghec %}organization members, outside collaborators, and billing managers{% else %}organization members and outside collaborators{% endif %} to use two-factor authentication, you must enable 2FA for your account on {% data variables.product.product_name %}. For more information, see [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa). -Before you require use of two-factor authentication, we recommend notifying {% ifversion fpt or ghec %}organization members, outside collaborators, and billing managers{% else %}organization members and outside collaborators{% endif %} and asking them to set up 2FA for their accounts. You can see if members and outside collaborators already use 2FA. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled)." +Before you require use of two-factor authentication, we recommend notifying {% ifversion fpt or ghec %}organization members, outside collaborators, and billing managers{% else %}organization members and outside collaborators{% endif %} and asking them to set up 2FA for their accounts. You can see if members and outside collaborators already use 2FA. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled). ## Requiring two-factor authentication in your organization @@ -73,7 +73,7 @@ Before you require use of two-factor authentication, we recommend notifying {% i Alongside requiring two-factor authentication, you can require that organization members, billing managers, and outside collaborators use secure methods of 2FA. Secure two-factor methods are passkeys, security keys, authenticator apps, and the GitHub mobile app. Users who do not have a secure method of 2FA configured, or who have any insecure method configured, will be prevented from accessing organization resources. -Before you require secure methods of two-factor authentication, we recommend notifying organization members, outside collaborators, and billing managers and asking them to set up secure 2FA for their accounts. You can see if members and outside collaborators already use secure methods of 2FA on each organization's People page. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled)." +Before you require secure methods of two-factor authentication, we recommend notifying organization members, outside collaborators, and billing managers and asking them to set up secure 2FA for their accounts. You can see if members and outside collaborators already use secure methods of 2FA on each organization's People page. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled). {% data reusables.organizations.secure_two_factor_authentication %} {% data reusables.organizations.secure_two_factor_authentication_confirm %} @@ -83,7 +83,7 @@ Before you require secure methods of two-factor authentication, we recommend not ## Viewing people who were removed from your organization -To view people who were automatically removed from your organization for non-compliance when you required two-factor authentication, you can search your organization's audit log for people removed from your organization. The audit log event will show if a person was removed for 2FA non-compliance. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#accessing-the-audit-log)." +To view people who were automatically removed from your organization for non-compliance when you required two-factor authentication, you can search your organization's audit log for people removed from your organization. The audit log event will show if a person was removed for 2FA non-compliance. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#accessing-the-audit-log). {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} @@ -98,7 +98,7 @@ If any outside collaborators are removed from the organization when you enable r ## Further reading -* "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled)" -* "[AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa)" -* "[AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization)" -* "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/reinstating-a-former-outside-collaborators-access-to-your-organization)" +* [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled) +* [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa) +* [AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization) +* [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/reinstating-a-former-outside-collaborators-access-to-your-organization) diff --git a/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled.md b/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled.md index 621ef0d66688..77b067271c76 100644 --- a/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled.md +++ b/content/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled.md @@ -16,7 +16,7 @@ shortTitle: View 2FA usage --- > [!NOTE] -> You can require that all members{% ifversion fpt or ghec %}, including, owners, billing managers and{% else %} and{% endif %} outside collaborators in your organization have two-factor authentication enabled{% ifversion fpt or ghec %}, as well as enforcing that they have secure methods configured {% endif %}. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization)." +> You can require that all members{% ifversion fpt or ghec %}, including, owners, billing managers and{% else %} and{% endif %} outside collaborators in your organization have two-factor authentication enabled{% ifversion fpt or ghec %}, as well as enforcing that they have secure methods configured {% endif %}. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization). {% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} @@ -44,4 +44,4 @@ shortTitle: View 2FA usage ## Further reading -* "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/viewing-peoples-roles-in-an-organization)" +* [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/viewing-peoples-roles-in-an-organization) diff --git a/content/organizations/managing-access-to-your-organizations-project-boards/managing-access-to-a-project-board-for-organization-members.md b/content/organizations/managing-access-to-your-organizations-project-boards/managing-access-to-a-project-board-for-organization-members.md index 1f587866babc..0cf824477ec5 100644 --- a/content/organizations/managing-access-to-your-organizations-project-boards/managing-access-to-a-project-board-for-organization-members.md +++ b/content/organizations/managing-access-to-your-organizations-project-boards/managing-access-to-a-project-board-for-organization-members.md @@ -20,7 +20,7 @@ By default, organization members have write access to their organization's {% da ## Setting a baseline permission level for all organization members > [!TIP] -> You can give an organization member higher permissions to {% data variables.projects.projects_v1_board %}. For more information, see "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)." +> You can give an organization member higher permissions to {% data variables.projects.projects_v1_board %}. For more information, see [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization). {% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} @@ -34,6 +34,6 @@ By default, organization members have write access to their organization's {% da ## Further reading -* "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-an-individuals-access-to-an-organization-project-board)" -* "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-team-access-to-an-organization-project-board)" -* "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)" +* [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-an-individuals-access-to-an-organization-project-board) +* [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-team-access-to-an-organization-project-board) +* [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization) diff --git a/content/organizations/managing-access-to-your-organizations-project-boards/managing-an-individuals-access-to-an-organization-project-board.md b/content/organizations/managing-access-to-your-organizations-project-boards/managing-an-individuals-access-to-an-organization-project-board.md index 8eb70ffff192..365c31604042 100644 --- a/content/organizations/managing-access-to-your-organizations-project-boards/managing-an-individuals-access-to-an-organization-project-board.md +++ b/content/organizations/managing-access-to-your-organizations-project-boards/managing-an-individuals-access-to-an-organization-project-board.md @@ -17,7 +17,7 @@ allowTitleToDifferFromFilename: true {% data reusables.projects.project_boards_old %} > [!NOTE] -> {% data reusables.project-management.cascading-permissions %} For more information, see "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)." +> {% data reusables.project-management.cascading-permissions %} For more information, see [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization). ## Giving an organization member access to a {% data variables.projects.projects_v1_board %} @@ -47,7 +47,7 @@ allowTitleToDifferFromFilename: true ## Removing an organization member's access to a {% data variables.projects.projects_v1_board %} -When you remove a collaborator from a {% data variables.projects.projects_v1_board %}, they may still retain access to the board based on the permissions they have for other roles. To completely remove access to a {% data variables.projects.projects_v1_board %}, you must remove access for each role the person has. For instance, a person may have access to the {% data variables.projects.projects_v1_board %} as an organization member or team member. For more information, see "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)." +When you remove a collaborator from a {% data variables.projects.projects_v1_board %}, they may still retain access to the board based on the permissions they have for other roles. To completely remove access to a {% data variables.projects.projects_v1_board %}, you must remove access for each role the person has. For instance, a person may have access to the {% data variables.projects.projects_v1_board %} as an organization member or team member. For more information, see [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization). {% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} @@ -61,4 +61,4 @@ When you remove a collaborator from a {% data variables.projects.projects_v1_boa ## Further reading -* "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)" +* [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization) diff --git a/content/organizations/managing-access-to-your-organizations-project-boards/managing-team-access-to-an-organization-project-board.md b/content/organizations/managing-access-to-your-organizations-project-boards/managing-team-access-to-an-organization-project-board.md index f491570279ee..e34bf6b441cb 100644 --- a/content/organizations/managing-access-to-your-organizations-project-boards/managing-team-access-to-an-organization-project-board.md +++ b/content/organizations/managing-access-to-your-organizations-project-boards/managing-team-access-to-an-organization-project-board.md @@ -17,14 +17,14 @@ allowTitleToDifferFromFilename: true > [!WARNING] > * You can change a team's permission level if the team has direct access to a {% data variables.projects.projects_v1_board %}. If the team's access to the {% data variables.projects.projects_v1_board %} is inherited from a parent team, you must change the parent team's access to the {% data variables.projects.projects_v1_board %}. -> * If you add or remove {% data variables.projects.projects_v1_board %} access for a parent team, each of that parent's child teams will also receive or lose access to the {% data variables.projects.projects_v1_board %}. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)." +> * If you add or remove {% data variables.projects.projects_v1_board %} access for a parent team, each of that parent's child teams will also receive or lose access to the {% data variables.projects.projects_v1_board %}. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/about-teams). ## Giving a team access to a {% data variables.projects.projects_v1_board %} You can give an entire team the same permission level to a {% data variables.projects.projects_v1_board %}. > [!NOTE] -> {% data reusables.project-management.cascading-permissions %} For example, if an organization owner has given a team read permissions to a {% data variables.projects.projects_v1_board %}, and a {% data variables.projects.projects_v1_board %} admin gives one of the team members admin permissions to that board as an individual collaborator, that person would have admin permissions to the {% data variables.projects.projects_v1_board %}. For more information see, "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)." +> {% data reusables.project-management.cascading-permissions %} For example, if an organization owner has given a team read permissions to a {% data variables.projects.projects_v1_board %}, and a {% data variables.projects.projects_v1_board %} admin gives one of the team members admin permissions to that board as an individual collaborator, that person would have admin permissions to the {% data variables.projects.projects_v1_board %}. For more information see, [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization). {% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} diff --git a/content/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization.md b/content/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization.md index 61dc2bcec1f2..dc543857c27c 100644 --- a/content/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization.md +++ b/content/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization.md @@ -25,8 +25,8 @@ Organization owners and people with admin permissions can give a person access t Organization owners and people with admin permissions to a {% data variables.projects.projects_v1_board %} can also: * Set default {% data variables.projects.projects_v1_board %} permissions for all organization members. -* Manage access to the {% data variables.projects.projects_v1_board %} for organization members, teams, and outside collaborators. For more information, see "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-team-access-to-an-organization-project-board)", "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-an-individuals-access-to-an-organization-project-board)", or "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-access-to-a-project-board-for-organization-members)." -* Manage {% data variables.projects.projects_v1_board %} visibility. For more information, see "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-access-to-a-project-board-for-organization-members)." +* Manage access to the {% data variables.projects.projects_v1_board %} for organization members, teams, and outside collaborators. For more information, see [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-team-access-to-an-organization-project-board), [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-an-individuals-access-to-an-organization-project-board), or [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-access-to-a-project-board-for-organization-members). +* Manage {% data variables.projects.projects_v1_board %} visibility. For more information, see [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-access-to-a-project-board-for-organization-members). ## Cascading permissions for {% data variables.projects.projects_v1_boards %} @@ -38,11 +38,11 @@ For example, if an organization owner has given all organization members read pe {% ifversion classic-project-visibility-permissions %}{% data reusables.projects.owners-can-limit-visibility-permissions %}{% endif %} -{% data reusables.project-management.project-board-visibility %} You can change the {% data variables.projects.projects_v1_board %}'s visibility from private to public and back again. For more information, see "[AUTOTITLE](/issues/organizing-your-work-with-project-boards/managing-project-boards/changing-project-board-visibility)." +{% data reusables.project-management.project-board-visibility %} You can change the {% data variables.projects.projects_v1_board %}'s visibility from private to public and back again. For more information, see [AUTOTITLE](/issues/organizing-your-work-with-project-boards/managing-project-boards/changing-project-board-visibility). ## Further reading -* "[AUTOTITLE](/issues/organizing-your-work-with-project-boards/managing-project-boards/changing-project-board-visibility)" -* "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-an-individuals-access-to-an-organization-project-board)" -* "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-team-access-to-an-organization-project-board)" -* "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-access-to-a-project-board-for-organization-members)" +* [AUTOTITLE](/issues/organizing-your-work-with-project-boards/managing-project-boards/changing-project-board-visibility) +* [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-an-individuals-access-to-an-organization-project-board) +* [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-team-access-to-an-organization-project-board) +* [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/managing-access-to-a-project-board-for-organization-members) diff --git a/content/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities.md b/content/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities.md index e3c3bbf15bea..ef0e72b4d7c1 100644 --- a/content/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities.md +++ b/content/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities.md @@ -21,11 +21,11 @@ An SSH certificate is a mechanism for one SSH key to sign another SSH key. If yo After you add an SSH CA to your organization or enterprise account, you can use the CA to sign client SSH certificates for organization members and outside collaborators. These organization contributors can use the signed certificates to access that organization's repositories. -Certificates added to your enterprise grant access to all organizations owned by your enterprise account. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise)." +Certificates added to your enterprise grant access to all organizations owned by your enterprise account. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise). {% data reusables.organizations.can-require-ssh-cert %} -Optionally, you can require that members and outside collaborators use SSH certificates to access organization resources. For more information, see "[AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities)" and "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise)." +Optionally, you can require that members and outside collaborators use SSH certificates to access organization resources. For more information, see [AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities) and [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise). For example, you can build an internal system that issues a new certificate to your developers every morning. Each developer can use their daily certificate to work on your organization's repositories on {% data variables.product.product_name %}. At the end of the day, the certificate can automatically expire, protecting your repositories if the certificate is later compromised. @@ -73,7 +73,7 @@ ssh-keygen -s ./ca-key -V '+1d' -I KEY-IDENTITY -O extension:id@{% data variable For CAs uploaded {% ifversion ghec %}after March 27th, 2024{% elsif ghes %}to {% data variables.product.prodname_ghe_server %} version 3.13 or later{% endif %}, you {% ifversion ghes < 3.13 %}will need to{% else %}must{% endif %} use the `-V` flag to configure a lifetime less than 366 days for the certificate. For CAs uploaded {% ifversion ghec %}before this date{% elsif ghes %}before version 3.13{% endif %}, the `-V` flag is optional, and you can create certificates that are irrevocable and live forever. {% ifversion ssh-ca-expires %} -If you have legacy CAs that are exempt from the expiration requirement, you can upgrade the CA to enforce the requirement. To learn more, see "[AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities)" and "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise)." +If you have legacy CAs that are exempt from the expiration requirement, you can upgrade the CA to enforce the requirement. To learn more, see [AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities) and [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise). If you use a username as the login extension, {% data variables.product.company_short %} validates that the named user has not been renamed since the certificate was issued. This prevents a rename attack, where a certificate issued for a username is valid even if the underlying user account changes. To enforce this, the certificate must include the `valid_after` claim, which tells us when the certificate was issued. This field is often missing if an expiration is not required for the certificate, which is why expirations are now required. {% endif %} @@ -84,7 +84,7 @@ To issue a certificate for someone who uses SSH to access multiple {% data varia ssh-keygen -s ./ca-key -V '+1d' -I KEY-IDENTITY -O extension:login@github.com=USERNAME-1 extension:login@HOSTNAME=USERNAME-2 ./user-key.pub ``` -You can restrict the IP addresses from which an organization member can access your organization's resources by using a `source-address` extension. The extension accepts a specific IP address or a range of IP addresses using CIDR notation. You can specify multiple addresses or ranges by separating the values with commas. For more information, see "[Classless Inter-Domain Routing](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation)" on Wikipedia. +You can restrict the IP addresses from which an organization member can access your organization's resources by using a `source-address` extension. The extension accepts a specific IP address or a range of IP addresses using CIDR notation. You can specify multiple addresses or ranges by separating the values with commas. For more information, see [Classless Inter-Domain Routing](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation) on Wikipedia. ```shell ssh-keygen -s ./ca-key -V '+1d' -I KEY-IDENTITY -O extension:login@{% data variables.product.product_url %}=USERNAME -O source-address=COMMA-SEPARATED-LIST-OF-IP-ADDRESSES-OR-RANGES ./user-key.pub diff --git a/content/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities.md b/content/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities.md index 9553dabb0290..c6dd6123b481 100644 --- a/content/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities.md +++ b/content/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities.md @@ -14,7 +14,7 @@ shortTitle: Manage SSH authorities permissions: Organization owners can manage an organization's SSH certificate authorities (CA). --- -You can allow members to access your organization's repositories using SSH certificates you provide by adding an SSH CA to your organization. {% data reusables.organizations.can-require-ssh-cert %} For more information, see "[AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities)." +You can allow members to access your organization's repositories using SSH certificates you provide by adding an SSH CA to your organization. {% data reusables.organizations.can-require-ssh-cert %} For more information, see [AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities). {% data reusables.organizations.ssh-ca-ghec-only %} @@ -22,7 +22,7 @@ You can allow members to access your organization's repositories using SSH certi ## Adding an SSH certificate authority -If you require SSH certificates for your enterprise, enterprise members should use a special URL for Git operations over SSH. For more information, see "[AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities#about-ssh-urls-with-ssh-certificates)." +If you require SSH certificates for your enterprise, enterprise members should use a special URL for Git operations over SSH. For more information, see [AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities#about-ssh-urls-with-ssh-certificates). {% data reusables.enterprise.certificate-authority-usage %} @@ -42,7 +42,7 @@ If you require SSH certificates for your enterprise, enterprise members should u ## Upgrading an SSH certificate authority -CAs uploaded to your organization {% ifversion ghec %}prior to March 27th, 2024,{% elsif ghes %}before {% data variables.product.prodname_ghe_server %} version 3.13{% endif %} allow the use of non-expiring certificates. To learn more about why expirations are now required for new CAs, see "[AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities#issuing-certificates)." You can upgrade an existing CA to prevent it from issuing non-expiring certificates. For best security, we strongly recommend upgrading all your CAs once you validate you're not reliant on non-expiring certificates. +CAs uploaded to your organization {% ifversion ghec %}prior to March 27th, 2024,{% elsif ghes %}before {% data variables.product.prodname_ghe_server %} version 3.13{% endif %} allow the use of non-expiring certificates. To learn more about why expirations are now required for new CAs, see [AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities#issuing-certificates). You can upgrade an existing CA to prevent it from issuing non-expiring certificates. For best security, we strongly recommend upgrading all your CAs once you validate you're not reliant on non-expiring certificates. {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} diff --git a/content/organizations/managing-membership-in-your-organization/adding-people-to-your-organization.md b/content/organizations/managing-membership-in-your-organization/adding-people-to-your-organization.md index 1c2fbf3939c3..f4a165152afa 100644 --- a/content/organizations/managing-membership-in-your-organization/adding-people-to-your-organization.md +++ b/content/organizations/managing-membership-in-your-organization/adding-people-to-your-organization.md @@ -43,4 +43,4 @@ Invitations expire after 7 days. You can retry or cancel expired invitations, ei ## Further reading -* "[AUTOTITLE](/organizations/organizing-members-into-teams/adding-organization-members-to-a-team)" +* [AUTOTITLE](/organizations/organizing-members-into-teams/adding-organization-members-to-a-team) diff --git a/content/organizations/managing-membership-in-your-organization/can-i-create-accounts-for-people-in-my-organization.md b/content/organizations/managing-membership-in-your-organization/can-i-create-accounts-for-people-in-my-organization.md index ec9d4e8f4649..00bb2cac16b4 100644 --- a/content/organizations/managing-membership-in-your-organization/can-i-create-accounts-for-people-in-my-organization.md +++ b/content/organizations/managing-membership-in-your-organization/can-i-create-accounts-for-people-in-my-organization.md @@ -19,7 +19,7 @@ shortTitle: Create accounts for people Because you access an organization by logging in to a personal account, each of your team members needs to create their own personal account. After you have usernames for each person you'd like to add to your organization, you can add the users to teams. {% ifversion fpt or ghec %} -{% ifversion fpt %}Organizations that use {% data variables.product.prodname_ghe_cloud %}{% else %}You{% endif %} can use SAML single sign-on to centrally manage the access that personal accounts have to the organization's resources through an identity provider (IdP). For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on){% ifversion fpt %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}."{% endif %} +{% ifversion fpt %}Organizations that use {% data variables.product.prodname_ghe_cloud %}{% else %}You{% endif %} can use SAML single sign-on to centrally manage the access that personal accounts have to the organization's resources through an identity provider (IdP). For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on){% ifversion fpt %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}.{% endif %} You can also consider {% data variables.product.prodname_emus %}. {% data reusables.enterprise-accounts.emu-short-summary %} {% endif %} diff --git a/content/organizations/managing-membership-in-your-organization/canceling-or-editing-an-invitation-to-join-your-organization.md b/content/organizations/managing-membership-in-your-organization/canceling-or-editing-an-invitation-to-join-your-organization.md index 1a9894f9ec03..5815505bffb6 100644 --- a/content/organizations/managing-membership-in-your-organization/canceling-or-editing-an-invitation-to-join-your-organization.md +++ b/content/organizations/managing-membership-in-your-organization/canceling-or-editing-an-invitation-to-join-your-organization.md @@ -32,6 +32,6 @@ shortTitle: Cancel or edit invitation ## Further reading {% ifversion fpt or ghec %} -* "[AUTOTITLE](/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization)" +* [AUTOTITLE](/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization) {% endif %} -* "[AUTOTITLE](/organizations/organizing-members-into-teams/adding-organization-members-to-a-team)" +* [AUTOTITLE](/organizations/organizing-members-into-teams/adding-organization-members-to-a-team) diff --git a/content/organizations/managing-membership-in-your-organization/exporting-member-information-for-your-organization.md b/content/organizations/managing-membership-in-your-organization/exporting-member-information-for-your-organization.md index 097493976bce..8eaaebe39218 100644 --- a/content/organizations/managing-membership-in-your-organization/exporting-member-information-for-your-organization.md +++ b/content/organizations/managing-membership-in-your-organization/exporting-member-information-for-your-organization.md @@ -33,7 +33,7 @@ You can also use {% data variables.product.prodname_dotcom %}'s APIs to retrieve {% ifversion ghec %} -Enterprise owners can also export membership information for an enterprise. For more information, see "[AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/exporting-membership-information-for-your-enterprise)." +Enterprise owners can also export membership information for an enterprise. For more information, see [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/exporting-membership-information-for-your-enterprise). {% endif %} @@ -60,13 +60,13 @@ You may be able to view the email addresses for members of your organization on If SAML SSO is configured for your organization, or if you have verified a domain, you may be able to view the email addresses in one or more of the following ways. -1. On your SAML Identity Provider (IdP), review the email addresses of users with access to {% data variables.product.product_name %}. For more information, see "[AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/about-saml-for-enterprise-iam)." +1. On your SAML Identity Provider (IdP), review the email addresses of users with access to {% data variables.product.product_name %}. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/about-saml-for-enterprise-iam). 1. Export the membership report for your organization. The report may contain the user's email address, stored as the following values. - * `saml_name_id`: The `NameID` from the user's linked SAML identity, which is typically the user's email address (for more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on)") - * `GitHub com verified domain emails`: Email addresses for any verified domains (for more information, see "[AUTOTITLE](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization)") + * `saml_name_id`: The `NameID` from the user's linked SAML identity, which is typically the user's email address (for more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on)) + * `GitHub com verified domain emails`: Email addresses for any verified domains (for more information, see [AUTOTITLE](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization)) - For more information, see "[Exporting membership information](#exporting-a-membership-information-report)." + For more information, see [Exporting membership information](#exporting-a-membership-information-report). {% data reusables.saml.use-api-to-get-externalidentity %} diff --git a/content/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization.md b/content/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization.md index 08e9ba35021f..7a2538f0903e 100644 --- a/content/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization.md +++ b/content/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization.md @@ -24,17 +24,17 @@ shortTitle: Invite users to join You can use a person's {% data variables.product.company_short %} username or email address for the invitation. > [!NOTE] -> If you use an email address for the invitation, the invitee will only be able to accept the invitation if the email address matches with a verified email address associated with the invitee's personal account on {% data variables.product.prodname_dotcom %}. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/verifying-your-email-address)." +> If you use an email address for the invitation, the invitee will only be able to accept the invitation if the email address matches with a verified email address associated with the invitee's personal account on {% data variables.product.prodname_dotcom %}. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/verifying-your-email-address). > > If an invitee's personal account has been flagged, the invitee won't be able to accept any new or pending invitations to join organizations. -If your organization has a paid per-user subscription, an unused license must be available before you can invite a new member to join the organization or reinstate a former organization member. For more information, see "[AUTOTITLE](/billing/managing-the-plan-for-your-github-account/about-per-user-pricing)." +If your organization has a paid per-user subscription, an unused license must be available before you can invite a new member to join the organization or reinstate a former organization member. For more information, see [AUTOTITLE](/billing/managing-the-plan-for-your-github-account/about-per-user-pricing). {% data reusables.organizations.org-invite-scim %} -If your organization requires members to use two-factor authentication, users that you invite must enable two-factor authentication before accepting the invitation. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization)" and "[AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa)." +If your organization requires members to use two-factor authentication, users that you invite must enable two-factor authentication before accepting the invitation. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization) and [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa). -{% ifversion fpt %}Organizations that use {% data variables.product.prodname_ghe_cloud %}{% else %}You{% endif %} can implement SCIM to add, manage, and remove organization members' access to {% data variables.product.prodname_dotcom %} through an identity provider (IdP). For more information, see "[AUTOTITLE](/enterprise-cloud@latest/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations){% ifversion fpt %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}."{% endif %} +{% ifversion fpt %}Organizations that use {% data variables.product.prodname_ghe_cloud %}{% else %}You{% endif %} can implement SCIM to add, manage, and remove organization members' access to {% data variables.product.prodname_dotcom %} through an identity provider (IdP). For more information, see [AUTOTITLE](/enterprise-cloud@latest/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations){% ifversion fpt %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}.{% endif %} To prevent abuse, you can only create 50 organization invitations within a 24-hour period. If your organization is more than one month old or on a paid plan, the limit is 500 invitations per 24 hour period. {% ifversion ghec %} This limit does not apply to invitations created via SCIM provisioning.{% endif %} @@ -65,4 +65,4 @@ Invitations expire after 7 days. You can retry or cancel expired invitations, ei ## Further reading -* "[AUTOTITLE](/organizations/organizing-members-into-teams/adding-organization-members-to-a-team)" +* [AUTOTITLE](/organizations/organizing-members-into-teams/adding-organization-members-to-a-team) diff --git a/content/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization.md b/content/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization.md index 1c932abd314f..870b50440114 100644 --- a/content/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization.md +++ b/content/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization.md @@ -19,18 +19,18 @@ shortTitle: Reinstate a member If a user is removed from your organization in one of the following ways, the user's access privileges and settings are saved for three months. -* You manually removed the user from your organization. For more information, see "[AUTOTITLE](/organizations/managing-membership-in-your-organization/removing-a-member-from-your-organization)." +* You manually removed the user from your organization. For more information, see [AUTOTITLE](/organizations/managing-membership-in-your-organization/removing-a-member-from-your-organization). {%- ifversion ghec %} -* The user was removed via SCIM. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations)." +* The user was removed via SCIM. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations). {%- endif %} -* The user was removed from your organization because you've required members and outside collaborators to enable two-factor authentication (2FA). For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/requiring-two-factor-authentication-in-your-organization)."{% ifversion fpt or ghec %} -* The user was removed from your organization because you enforced SAML single sign-on. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization){% ifversion fpt %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}."{% endif %}{% endif %} -* You converted an organization member to an outside collaborator. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/converting-an-organization-member-to-an-outside-collaborator)." +* The user was removed from your organization because you've required members and outside collaborators to enable two-factor authentication (2FA). For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/requiring-two-factor-authentication-in-your-organization).{% ifversion fpt or ghec %} +* The user was removed from your organization because you enforced SAML single sign-on. For more information, see [AUTOTITLE](/enterprise-cloud@latest/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization){% ifversion fpt %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}.{% endif %}{% endif %} +* You converted an organization member to an outside collaborator. For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/converting-an-organization-member-to-an-outside-collaborator). You can restore the user's privileges if you {% ifversion fpt or ghec %}invite{% else %}add{% endif %} them back to the organization within that time frame. {% ifversion fpt or ghec %} -If your organization has a paid per-user subscription, an unused license must be available before you can reinstate a former organization member. For more information, see "[AUTOTITLE](/articles/about-per-user-pricing)." +If your organization has a paid per-user subscription, an unused license must be available before you can reinstate a former organization member. For more information, see [AUTOTITLE](/articles/about-per-user-pricing). {% endif %} ## Items that are restored for reinstated members diff --git a/content/organizations/managing-membership-in-your-organization/removing-a-member-from-your-organization.md b/content/organizations/managing-membership-in-your-organization/removing-a-member-from-your-organization.md index e79b53b2ef8a..1b84013b47ac 100644 --- a/content/organizations/managing-membership-in-your-organization/removing-a-member-from-your-organization.md +++ b/content/organizations/managing-membership-in-your-organization/removing-a-member-from-your-organization.md @@ -22,11 +22,11 @@ permissions: Organization owners can remove members from an organization. > [!WARNING] > When you remove members from an organization: -> * The paid license count does not automatically downgrade. To pay for fewer licenses after removing users from your organization, follow the steps in "[AUTOTITLE](/billing/managing-the-plan-for-your-github-account/downgrading-your-accounts-plan)." +> * The paid license count does not automatically downgrade. To pay for fewer licenses after removing users from your organization, follow the steps in [AUTOTITLE](/billing/managing-the-plan-for-your-github-account/downgrading-your-accounts-plan). > * Removed members will lose access to private forks of your organization's private repositories, but they may still have local copies. However, they cannot sync local copies with your organization's repositories. Their private forks can be restored if the user is [reinstated as an organization member](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization) within three months of being removed from the organization. Ultimately, you are responsible for ensuring that people who have lost access to a repository delete any confidential information or intellectual property. > * When private repositories are forked to other organizations, those organizations are able to control access to the fork network. This means users may retain access to the forks even after losing access to the original organization because they will still have explicit access via a fork. {%- ifversion ghec %} -> * Removed members will also lose access to private forks of your organization's internal repositories, if the removed member is not a member of any other organization owned by the same enterprise account. For more information, see "[AUTOTITLE](/admin/overview/about-enterprise-accounts)." +> * Removed members will also lose access to private forks of your organization's internal repositories, if the removed member is not a member of any other organization owned by the same enterprise account. For more information, see [AUTOTITLE](/admin/overview/about-enterprise-accounts). {%- endif %} > * Any organization invitations sent by a removed member, that have not been accepted, are canceled and will not be accessible. @@ -42,7 +42,7 @@ permissions: Organization owners can remove members from an organization. {% ifversion fpt or ghec %} -To help the person you're removing from your organization transition and help ensure they delete confidential information or intellectual property, we recommend sharing a checklist of best practices for leaving your organization. For an example, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/best-practices-for-leaving-your-company)." +To help the person you're removing from your organization transition and help ensure they delete confidential information or intellectual property, we recommend sharing a checklist of best practices for leaving your organization. For an example, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/best-practices-for-leaving-your-company). {% endif %} @@ -63,5 +63,5 @@ To help the person you're removing from your organization transition and help en ## Further reading -* "[AUTOTITLE](/organizations/organizing-members-into-teams/removing-organization-members-from-a-team)"{% ifversion remove-enterprise-members %} -* "[AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/removing-a-member-from-your-enterprise)"{% endif %} +* [AUTOTITLE](/organizations/organizing-members-into-teams/removing-organization-members-from-a-team){% ifversion remove-enterprise-members %} +* [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/removing-a-member-from-your-enterprise){% endif %} diff --git a/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md b/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md index 650092d27556..050825348c59 100644 --- a/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md +++ b/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md @@ -22,7 +22,7 @@ shortTitle: '{% data variables.product.prodname_oauth_app %} restrictions' {% ifversion limit-app-access-requests %} {% data reusables.organizations.restricted-app-access-requests %}{% endif %} -Even if you restrict {% data variables.product.prodname_oauth_apps %} access in your organization, users can still authorize internal {% data variables.product.prodname_oauth_apps %} apps and use them to access data from the organization. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/internal-oauth-apps)." +Even if you restrict {% data variables.product.prodname_oauth_apps %} access in your organization, users can still authorize internal {% data variables.product.prodname_oauth_apps %} apps and use them to access data from the organization. For more information, see [AUTOTITLE](/apps/oauth-apps/using-oauth-apps/internal-oauth-apps). {% data reusables.organizations.oauth_app_restrictions_default %} @@ -62,10 +62,10 @@ If an organization disables {% data variables.product.prodname_oauth_app %} acce ## Further reading -* "[AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization)" -* "[AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization)" -* "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/reviewing-github-apps-installed-in-your-organization)" -* "[AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/denying-access-to-a-previously-approved-oauth-app-for-your-organization)" -* "[AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/disabling-oauth-app-access-restrictions-for-your-organization)" -* "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/requesting-organization-approval-for-oauth-apps)" -* "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps)" +* [AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization) +* [AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization) +* [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/reviewing-github-apps-installed-in-your-organization) +* [AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/denying-access-to-a-previously-approved-oauth-app-for-your-organization) +* [AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/disabling-oauth-app-access-restrictions-for-your-organization) +* [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/requesting-organization-approval-for-oauth-apps) +* [AUTOTITLE](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps) diff --git a/content/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization.md b/content/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization.md index cc6378d99e70..b1656a8d5553 100644 --- a/content/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization.md +++ b/content/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization.md @@ -27,4 +27,4 @@ When {% data variables.product.prodname_oauth_app %} access restrictions are ena ## Further reading -* "[AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions)" +* [AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions) diff --git a/content/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization.md b/content/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization.md index 0a07d438800d..010cbb1b0b7b 100644 --- a/content/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization.md +++ b/content/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization.md @@ -17,10 +17,10 @@ shortTitle: Restrict {% data variables.product.prodname_oauth_apps %} {% data reusables.organizations.oauth_app_restrictions_default %} -Even if you restrict {% data variables.product.prodname_oauth_apps %} access in your organization, users can still authorize internal {% data variables.product.prodname_oauth_apps %} and use them to access data from the organization. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/internal-oauth-apps)." +Even if you restrict {% data variables.product.prodname_oauth_apps %} access in your organization, users can still authorize internal {% data variables.product.prodname_oauth_apps %} and use them to access data from the organization. For more information, see [AUTOTITLE](/apps/oauth-apps/using-oauth-apps/internal-oauth-apps). > [!WARNING] -> * Enabling {% data variables.product.prodname_oauth_app %} access restrictions will revoke organization access for all previously authorized {% data variables.product.prodname_oauth_apps %} and SSH keys. For more information, see "[AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions)." +> * Enabling {% data variables.product.prodname_oauth_app %} access restrictions will revoke organization access for all previously authorized {% data variables.product.prodname_oauth_apps %} and SSH keys. For more information, see [AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions). > * Once you've set up {% data variables.product.prodname_oauth_app %} access restrictions, make sure to reauthorize any {% data variables.product.prodname_oauth_app %} that require access to the organization's private data on an ongoing basis. All organization members will need to create new SSH keys, and the organization will need to create new deploy keys as needed. > * When {% data variables.product.prodname_oauth_app %} access restrictions are enabled, applications can use an OAuth token to access information about {% data variables.product.prodname_marketplace %} transactions. diff --git a/content/organizations/managing-organization-settings/about-networking-for-hosted-compute-products-in-your-organization.md b/content/organizations/managing-organization-settings/about-networking-for-hosted-compute-products-in-your-organization.md index 384c0f2a4808..8cf2a370bd6b 100644 --- a/content/organizations/managing-organization-settings/about-networking-for-hosted-compute-products-in-your-organization.md +++ b/content/organizations/managing-organization-settings/about-networking-for-hosted-compute-products-in-your-organization.md @@ -31,6 +31,6 @@ topics: {% endif %} -For more information about how using an Azure VNET with {% data variables.product.company_short %}-hosted runners works, see "[AUTOTITLE](/organizations/managing-organization-settings/about-azure-private-networking-for-github-hosted-runners-in-your-organization)." +For more information about how using an Azure VNET with {% data variables.product.company_short %}-hosted runners works, see [AUTOTITLE](/organizations/managing-organization-settings/about-azure-private-networking-for-github-hosted-runners-in-your-organization). {% data reusables.actions.azure-vnet-next-steps-links %} diff --git a/content/organizations/managing-organization-settings/allowing-people-to-delete-issues-in-your-organization.md b/content/organizations/managing-organization-settings/allowing-people-to-delete-issues-in-your-organization.md index 1dc3b198a613..bc9ba8af2ae9 100644 --- a/content/organizations/managing-organization-settings/allowing-people-to-delete-issues-in-your-organization.md +++ b/content/organizations/managing-organization-settings/allowing-people-to-delete-issues-in-your-organization.md @@ -16,7 +16,7 @@ shortTitle: Allow issue deletion By default, issues cannot be deleted in an organization's repositories. An organization owner must enable this feature for all of the organization's repositories first. -Once enabled, organization owners and people with admin access in an organization-owned repository can delete issues. People with admin access in a repository include organization members and outside collaborators who were given admin access. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)" and "[AUTOTITLE](/issues/tracking-your-work-with-issues/deleting-an-issue)." +Once enabled, organization owners and people with admin access in an organization-owned repository can delete issues. People with admin access in a repository include organization members and outside collaborators who were given admin access. For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization) and [AUTOTITLE](/issues/tracking-your-work-with-issues/deleting-an-issue). {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} diff --git a/content/organizations/managing-organization-settings/allowing-project-visibility-changes-in-your-organization.md b/content/organizations/managing-organization-settings/allowing-project-visibility-changes-in-your-organization.md index 0276ec32affd..40c436b01101 100644 --- a/content/organizations/managing-organization-settings/allowing-project-visibility-changes-in-your-organization.md +++ b/content/organizations/managing-organization-settings/allowing-project-visibility-changes-in-your-organization.md @@ -18,7 +18,7 @@ You can restrict who has the ability to change the visibility of {% data variabl You can limit the ability to change {% data variables.projects.project_v2_and_v1 %} visibility to just organization owners, or you can allow anyone granted admin permissions to change the visibility. {% ifversion project-visibility-policy %} -This option may not be available to you if an enterprise owner restricts visibility changes for {% data variables.projects.projects_v2_and_v1 %} at the enterprise level. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-projects-in-your-enterprise)." +This option may not be available to you if an enterprise owner restricts visibility changes for {% data variables.projects.projects_v2_and_v1 %} at the enterprise level. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-projects-in-your-enterprise). {% endif %} ## Allowing members to change project visibilities @@ -32,7 +32,7 @@ This option may not be available to you if an enterprise owner restricts visibil ## Further reading {% ifversion projects-v2 %} -* "[AUTOTITLE](/issues/planning-and-tracking-with-projects/managing-your-project/managing-visibility-of-your-projects)" +* [AUTOTITLE](/issues/planning-and-tracking-with-projects/managing-your-project/managing-visibility-of-your-projects) {%- endif %}{%- ifversion projects-v1 %} -* "[AUTOTITLE](/issues/organizing-your-work-with-project-boards/managing-project-boards/changing-project-board-visibility)" +* [AUTOTITLE](/issues/organizing-your-work-with-project-boards/managing-project-boards/changing-project-board-visibility) {% endif %} diff --git a/content/organizations/managing-organization-settings/archiving-an-organization.md b/content/organizations/managing-organization-settings/archiving-an-organization.md index 1dbe17c7fb42..f5f9006f360d 100644 --- a/content/organizations/managing-organization-settings/archiving-an-organization.md +++ b/content/organizations/managing-organization-settings/archiving-an-organization.md @@ -12,7 +12,7 @@ topics: {% ifversion fpt or ghec %} > [!NOTE] -> You can only archive an organization if it's using {% data variables.product.prodname_free_team %} or if the organization is part of an enterprise. If you want to archive an individually-billed organization, you must downgrade your organization to {% data variables.product.prodname_free_team %} first. For more information, see "[AUTOTITLE](/billing/managing-billing-for-your-github-account/downgrading-your-github-subscription)." +> You can only archive an organization if it's using {% data variables.product.prodname_free_team %} or if the organization is part of an enterprise. If you want to archive an individually-billed organization, you must downgrade your organization to {% data variables.product.prodname_free_team %} first. For more information, see [AUTOTITLE](/billing/managing-billing-for-your-github-account/downgrading-your-github-subscription). {% endif %} @@ -24,11 +24,11 @@ When an organization is archived, visitors to the organization's profile will se The difference between archiving individual repositories and archiving an entire organization is that, in archived organizations, individual repositories may not be unarchived independently. The whole organization is read-only and must be unarchived for any repository to be writeable again. -You can also delete an organization. Deleting your organization account permanently removes all repositories, forks of private repositories, wikis, issues, pull requests, and project or organization pages. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/deleting-an-organization-account)." +You can also delete an organization. Deleting your organization account permanently removes all repositories, forks of private repositories, wikis, issues, pull requests, and project or organization pages. For more information, see [AUTOTITLE](/organizations/managing-organization-settings/deleting-an-organization-account). ## Archiving your organization -You can archive your organization to make it read-only and indicate that it's no longer actively maintained. Prior to archiving, consider updating your organization's profile and README with context about why it's archived. To add an organization-wide README, see "[AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile)." +You can archive your organization to make it read-only and indicate that it's no longer actively maintained. Prior to archiving, consider updating your organization's profile and README with context about why it's archived. To add an organization-wide README, see [AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/customizing-your-organizations-profile). {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} diff --git a/content/organizations/managing-organization-settings/changing-the-visibility-of-your-organizations-dependency-insights.md b/content/organizations/managing-organization-settings/changing-the-visibility-of-your-organizations-dependency-insights.md index 02c46596bb60..37bf977f5107 100644 --- a/content/organizations/managing-organization-settings/changing-the-visibility-of-your-organizations-dependency-insights.md +++ b/content/organizations/managing-organization-settings/changing-the-visibility-of-your-organizations-dependency-insights.md @@ -15,7 +15,7 @@ shortTitle: Change insight visibility Organization owners can set limitations for viewing organization dependency insights. All members of an organization can view organization dependency insights by default. {% ifversion ghec %} -Enterprise owners can set limitations for viewing organization dependency insights on all organizations in your enterprise account. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise#enforcing-a-policy-for-visibility-of-dependency-insights)." +Enterprise owners can set limitations for viewing organization dependency insights on all organizations in your enterprise account. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise#enforcing-a-policy-for-visibility-of-dependency-insights). {% endif %} {% data reusables.profile.access_org %} diff --git a/content/organizations/managing-organization-settings/configuring-private-networking-for-github-hosted-runners-in-your-organization.md b/content/organizations/managing-organization-settings/configuring-private-networking-for-github-hosted-runners-in-your-organization.md index 9c6c2e8268dd..a50df4a014f0 100644 --- a/content/organizations/managing-organization-settings/configuring-private-networking-for-github-hosted-runners-in-your-organization.md +++ b/content/organizations/managing-organization-settings/configuring-private-networking-for-github-hosted-runners-in-your-organization.md @@ -34,7 +34,7 @@ topics: ### 1. Obtain the `databaseId` for your organization -You can use the following GraphQL query to retrieve your organization `databaseId`. You will use the organization `databaseId` for the value of the `DATABASE_ID` environment variable in the next step. For more information on working with GraphQL, see "[AUTOTITLE](/graphql/guides/forming-calls-with-graphql)." +You can use the following GraphQL query to retrieve your organization `databaseId`. You will use the organization `databaseId` for the value of the `DATABASE_ID` environment variable in the next step. For more information on working with GraphQL, see [AUTOTITLE](/graphql/guides/forming-calls-with-graphql). | Query variable | Description | |----|----| @@ -89,9 +89,9 @@ https://api.github.com/graphql ### 2. Create a runner group for your organization > [!NOTE] -> For the runner group to be accessible by repositories within your organizations, those repositories must have access to that runner group at the organization level. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/controlling-access-to-larger-runners#changing-which-repositories-can-access-a-runner-group)." +> For the runner group to be accessible by repositories within your organizations, those repositories must have access to that runner group at the organization level. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/controlling-access-to-larger-runners#changing-which-repositories-can-access-a-runner-group). -1. Create a new runner group for your organization. For more information about how to create a runner group, see "[AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/controlling-access-to-larger-runners#creating-a-runner-group-for-an-organization)." +1. Create a new runner group for your organization. For more information about how to create a runner group, see [AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/controlling-access-to-larger-runners#creating-a-runner-group-for-an-organization). 1. To choose a policy for repository access, select the **Repository access** dropdown menu and click a policy. You can configure a runner group to be accessible to a specific list of repositories, or all repositories in the organization. 1. While configuring your runner group, under "Network configurations," use the dropdown menu to select the network configuration you created for the Azure VNET. 1. To create the group and apply the policy, click **Create group**. @@ -101,7 +101,7 @@ https://api.github.com/graphql > [!NOTE] > When adding your {% data variables.product.company_short %}-hosted runner to a runner group, select the runner group you created in the previous procedures. -1. Add the {% data variables.product.company_short %}-hosted runner to the runner group. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/managing-larger-runners#adding-a-larger-runner-to-an-organization)." +1. Add the {% data variables.product.company_short %}-hosted runner to the runner group. For more information, see [AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/managing-larger-runners#adding-a-larger-runner-to-an-organization). ### 4. Optionally, manage network configurations diff --git a/content/organizations/managing-organization-settings/creating-an-announcement-banner-for-your-organization.md b/content/organizations/managing-organization-settings/creating-an-announcement-banner-for-your-organization.md index 9a3f1323f5c2..3d7111b3f3fe 100644 --- a/content/organizations/managing-organization-settings/creating-an-announcement-banner-for-your-organization.md +++ b/content/organizations/managing-organization-settings/creating-an-announcement-banner-for-your-organization.md @@ -20,7 +20,7 @@ You can create an announcement banner that will be displayed to all organization {% data reusables.enterprise.user-messages-markdown %} -You can also set announcement banners at the enterprise level. For more information, see "[AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/customizing-user-messages-for-your-enterprise)." +You can also set announcement banners at the enterprise level. For more information, see [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/customizing-user-messages-for-your-enterprise). {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} diff --git a/content/organizations/managing-organization-settings/creating-rulesets-for-repositories-in-your-organization.md b/content/organizations/managing-organization-settings/creating-rulesets-for-repositories-in-your-organization.md index 5b65ffb75060..493b0c1e076e 100644 --- a/content/organizations/managing-organization-settings/creating-rulesets-for-repositories-in-your-organization.md +++ b/content/organizations/managing-organization-settings/creating-rulesets-for-repositories-in-your-organization.md @@ -32,7 +32,7 @@ Forks _do_ inherit push rulesets from their root repository. {% data reusables.r To import one of the prebuilt rulesets by {% data variables.product.prodname_dotcom %}, see [`github/ruleset-recipes`](https://github.com/github/ruleset-recipes). {% ifversion repo-rules-management %} -{% data reusables.repositories.import-a-ruleset-conceptual %} For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/managing-rulesets-for-repositories-in-your-organization#using-ruleset-history)."{% endif %} +{% data reusables.repositories.import-a-ruleset-conceptual %} For more information, see [AUTOTITLE](/organizations/managing-organization-settings/managing-rulesets-for-repositories-in-your-organization#using-ruleset-history).{% endif %} ## Using `fnmatch` syntax diff --git a/content/organizations/managing-organization-settings/deleting-an-organization-account.md b/content/organizations/managing-organization-settings/deleting-an-organization-account.md index 103b27519146..1ea208372038 100644 --- a/content/organizations/managing-organization-settings/deleting-an-organization-account.md +++ b/content/organizations/managing-organization-settings/deleting-an-organization-account.md @@ -26,7 +26,7 @@ shortTitle: Delete organization Deleting your organization account removes all repositories, forks of private repositories, wikis, issues, pull requests, and project or organization pages. {% ifversion fpt or ghec %}Your billing will end and, after 90 days, the organization name becomes available for use on a new user or organization account. > [!TIP] -> If you rename an organization, you can create a new organization with the same name immediately. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/renaming-an-organization)." +> If you rename an organization, you can create a new organization with the same name immediately. For more information, see [AUTOTITLE](/organizations/managing-organization-settings/renaming-an-organization). {% endif %} @@ -39,7 +39,7 @@ Deleting your organization account removes all repositories, forks of private re {% data reusables.package_registry.delete-account-namespace-retirement %} {% ifversion archive-organizations %} -You can also archive an organization, instead of deleting it. Archiving an organization will make it read-only. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/archiving-an-organization)." +You can also archive an organization, instead of deleting it. Archiving an organization will make it read-only. For more information, see [AUTOTITLE](/organizations/managing-organization-settings/archiving-an-organization). {% endif %} ## Backing up your organization content @@ -49,7 +49,7 @@ You can also archive an organization, instead of deleting it. Archiving an organ {% ifversion ghes %} > [!NOTE] -> If necessary, a site administrator for {% data variables.location.product_location %} may be able to partially restore a deleted organization. For more information, see "[AUTOTITLE](/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/restoring-a-deleted-organization)." +> If necessary, a site administrator for {% data variables.location.product_location %} may be able to partially restore a deleted organization. For more information, see [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/restoring-a-deleted-organization). {% endif %} diff --git a/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md b/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md index f4f9465f0792..c2da6e554cf9 100644 --- a/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md +++ b/content/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization.md @@ -7,7 +7,7 @@ versions: fpt: '*' ghes: '*' ghec: '*' -permissions: Organization owners{% ifversion custom-org-roles %} and users with the "Manage organization Actions policies" and "Manage runners and runner groups" fine-grained permissions{% endif %} can enable, disable, and limit {% data variables.product.prodname_actions %} for an organization. {% ifversion custom-org-roles %}

For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles)."{% endif %} +permissions: Organization owners{% ifversion custom-org-roles %} and users with the "Manage organization Actions policies" and "Manage runners and runner groups" fine-grained permissions{% endif %} can enable, disable, and limit {% data variables.product.prodname_actions %} for an organization. {% ifversion custom-org-roles %}

For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles).{% endif %} topics: - Organizations - Teams @@ -18,7 +18,7 @@ shortTitle: Disable or limit actions ## About {% data variables.product.prodname_actions %} permissions for your organization -{% data reusables.actions.disabling-github-actions %} For more information about {% data variables.product.prodname_actions %}, see "[AUTOTITLE](/actions/learn-github-actions)." +{% data reusables.actions.disabling-github-actions %} For more information about {% data variables.product.prodname_actions %}, see [AUTOTITLE](/actions/learn-github-actions). You can enable {% data variables.product.prodname_actions %} for all repositories in your organization. {% data reusables.actions.enabled-actions-description %} You can disable {% data variables.product.prodname_actions %} for all repositories in your organization. {% data reusables.actions.disabled-actions-description %} @@ -29,7 +29,7 @@ Alternatively, you can enable {% data variables.product.prodname_actions %} for You can choose to disable {% data variables.product.prodname_actions %} for all repositories in your organization, or only allow specific repositories. You can also limit the use of public actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %}, so that people can only use local actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %} that exist in your {% ifversion ghec or ghes %}enterprise{% else %}organization{% endif %}. > [!NOTE] -> You might not be able to manage these settings if your organization is managed by an enterprise that has overriding policy. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise)." +> You might not be able to manage these settings if your organization is managed by an enterprise that has overriding policy. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise). {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} @@ -54,7 +54,7 @@ You can choose to disable {% data variables.product.prodname_actions %} for all {% ifversion ghec or ghes %} > [!NOTE] -> If your organization belongs to an enterprise, creation of self-hosted runners at the repository level may have been disabled as an enterprise-wide setting. If this has been done, you cannot enable repository-level self-hosted runners in your organization settings. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise)." +> If your organization belongs to an enterprise, creation of self-hosted runners at the repository level may have been disabled as an enterprise-wide setting. If this has been done, you cannot enable repository-level self-hosted runners in your organization settings. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise). {% endif %} @@ -98,7 +98,7 @@ You can configure this behavior for an organization using the procedure below. M {% data reusables.actions.workflows.required-workflow-beta %} -You can configure required workflows to run in all or selected repositories in an organization where you are an owner. Required workflows are triggered by {% ifversion actions-required-workflow-improvements %}`pull_request` and `pull_request_target` default events{% else %}pull requests{% endif %} and must pass before a pull request can be merged. For more information, see "[AUTOTITLE](/actions/using-workflows/required-workflows)." +You can configure required workflows to run in all or selected repositories in an organization where you are an owner. Required workflows are triggered by {% ifversion actions-required-workflow-improvements %}`pull_request` and `pull_request_target` default events{% else %}pull requests{% endif %} and must pass before a pull request can be merged. For more information, see [AUTOTITLE](/actions/using-workflows/required-workflows). ### Prerequisites @@ -194,7 +194,7 @@ Organization administrators can view {% ifversion actions-cache-admin-ui %}and m ### Viewing {% data variables.product.prodname_actions %} cache storage by repository -For each repository in your organization, you can see how much cache storage a repository is using, the number of active caches, and if a repository is near the total cache size limit. For more information about the cache usage and eviction process, see "[AUTOTITLE](/actions/using-workflows/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy)." +For each repository in your organization, you can see how much cache storage a repository is using, the number of active caches, and if a repository is near the total cache size limit. For more information about the cache usage and eviction process, see [AUTOTITLE](/actions/using-workflows/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy). {% data reusables.profile.access_profile %} {% data reusables.profile.access_org %} diff --git a/content/organizations/managing-organization-settings/disabling-project-boards-in-your-organization.md b/content/organizations/managing-organization-settings/disabling-project-boards-in-your-organization.md index e4adf0cb2689..7cf7f696d5f3 100644 --- a/content/organizations/managing-organization-settings/disabling-project-boards-in-your-organization.md +++ b/content/organizations/managing-organization-settings/disabling-project-boards-in-your-organization.md @@ -40,7 +40,7 @@ If you decide to re-enable {% data variables.projects.projects_v2_and_v1 %}, any ## Managing {% data variables.projects.projects_v1_boards %} in your organization's repositories -You can control whether organization members can create {% data variables.projects.projects_v1_boards %} in repositories in your organization. You can still disable {% data variables.projects.projects_v1_boards %} in individual repositories. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/disabling-project-boards-in-a-repository)." +You can control whether organization members can create {% data variables.projects.projects_v1_boards %} in repositories in your organization. You can still disable {% data variables.projects.projects_v1_boards %} in individual repositories. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/disabling-project-boards-in-a-repository). {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} @@ -54,8 +54,8 @@ You can control whether organization members can create {% data variables.projec ## Further reading -{% ifversion projects-v2 %}- "[AUTOTITLE](/issues/planning-and-tracking-with-projects/learning-about-projects/about-projects)"{% endif %} -{% ifversion projects-v1 %}* "[AUTOTITLE](/issues/organizing-your-work-with-project-boards/managing-project-boards/about-project-boards)" -* "[AUTOTITLE](/issues/organizing-your-work-with-project-boards/managing-project-boards/closing-a-project-board)" -* "[AUTOTITLE](/issues/organizing-your-work-with-project-boards/managing-project-boards/deleting-a-project-board)"{% endif %} -* "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/disabling-project-boards-in-a-repository)" +{% ifversion projects-v2 %}- [AUTOTITLE](/issues/planning-and-tracking-with-projects/learning-about-projects/about-projects){% endif %} +{% ifversion projects-v1 %}* [AUTOTITLE](/issues/organizing-your-work-with-project-boards/managing-project-boards/about-project-boards) +* [AUTOTITLE](/issues/organizing-your-work-with-project-boards/managing-project-boards/closing-a-project-board) +* [AUTOTITLE](/issues/organizing-your-work-with-project-boards/managing-project-boards/deleting-a-project-board){% endif %} +* [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/disabling-project-boards-in-a-repository) diff --git a/content/organizations/managing-organization-settings/enabling-or-disabling-github-discussions-for-an-organization.md b/content/organizations/managing-organization-settings/enabling-or-disabling-github-discussions-for-an-organization.md index 657f8e68a62e..b9b002d00c24 100644 --- a/content/organizations/managing-organization-settings/enabling-or-disabling-github-discussions-for-an-organization.md +++ b/content/organizations/managing-organization-settings/enabling-or-disabling-github-discussions-for-an-organization.md @@ -13,7 +13,7 @@ shortTitle: Organization discussions {% data reusables.discussions.about-organization-discussions %} -You can also manage repository discussions. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/enabling-or-disabling-github-discussions-for-a-repository)" and "[AUTOTITLE](/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization)." +You can also manage repository discussions. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/enabling-or-disabling-github-discussions-for-a-repository) and [AUTOTITLE](/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization). ## Enabling or disabling {% data variables.product.prodname_discussions %} for your organization @@ -22,5 +22,5 @@ You can also manage repository discussions. For more information, see "[AUTOTITL ## Further reading -* "[AUTOTITLE](/discussions/collaborating-with-your-community-using-discussions/about-discussions)" -* "[AUTOTITLE](/discussions/managing-discussions-for-your-community)" +* [AUTOTITLE](/discussions/collaborating-with-your-community-using-discussions/about-discussions) +* [AUTOTITLE](/discussions/managing-discussions-for-your-community) diff --git a/content/organizations/managing-organization-settings/governing-how-people-use-repositories-in-your-organization.md b/content/organizations/managing-organization-settings/governing-how-people-use-repositories-in-your-organization.md index 7adce7b0992b..cbd2b645398e 100644 --- a/content/organizations/managing-organization-settings/governing-how-people-use-repositories-in-your-organization.md +++ b/content/organizations/managing-organization-settings/governing-how-people-use-repositories-in-your-organization.md @@ -14,7 +14,7 @@ shortTitle: Govern repository usage {% data reusables.enterprise.repo-policy-rules-intro %} ->[!TIP] If you're an **enterprise owner**, you can create a repository policy that applies to multiple organizations. See "[AUTOTITLE](/admin/managing-accounts-and-repositories/managing-repositories-in-your-enterprise/governing-how-people-use-repositories-in-your-enterprise)." +>[!TIP] If you're an **enterprise owner**, you can create a repository policy that applies to multiple organizations. See [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-repositories-in-your-enterprise/governing-how-people-use-repositories-in-your-enterprise). ## Examples @@ -56,7 +56,7 @@ Use something descriptive to communicate the purpose of the policy. For example: Choose which repositories in the organization the policy applies to. You can select all repositories, choose a selection of existing repositories, or create a dynamic rule by name or custom property for current and future repositories. If you set a dynamic list by name, you'll add one or more naming patterns using `fnmatch` syntax. -* For example, the string `*open-source` would match any repository with a name that ends with `open-source`. For syntax details, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository#using-fnmatch-syntax)." +* For example, the string `*open-source` would match any repository with a name that ends with `open-source`. For syntax details, see [AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository#using-fnmatch-syntax). * Optionally, you can prevent anyone outside the allow list from renaming the selected repositories. Alternatively, you can control the format of names in the "Policies" section. ### Policies diff --git a/content/organizations/managing-organization-settings/integrating-jira-with-your-organization-project-board.md b/content/organizations/managing-organization-settings/integrating-jira-with-your-organization-project-board.md index 662268ff25db..f973fceaed34 100644 --- a/content/organizations/managing-organization-settings/integrating-jira-with-your-organization-project-board.md +++ b/content/organizations/managing-organization-settings/integrating-jira-with-your-organization-project-board.md @@ -30,5 +30,5 @@ allowTitleToDifferFromFilename: true ## Further reading -* "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/integrating-jira-with-your-personal-projects)" +* [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/integrating-jira-with-your-personal-projects) * [Connect Jira Cloud to GitHub](https://confluence.atlassian.com/adminjiracloud/connect-jira-cloud-to-github-814188429.html) in the Atlassian documentation diff --git a/content/organizations/managing-organization-settings/managing-base-permissions-for-projects.md b/content/organizations/managing-organization-settings/managing-base-permissions-for-projects.md index 5a8e6b72947d..40c74d84b6df 100644 --- a/content/organizations/managing-organization-settings/managing-base-permissions-for-projects.md +++ b/content/organizations/managing-organization-settings/managing-base-permissions-for-projects.md @@ -11,7 +11,7 @@ allowTitleToDifferFromFilename: true ## About base permissions for {% data variables.projects.projects_v2 %} -You can set a project's base permission to control the level of access for all members of your organization. You can then specify individual and team permissions for each project in addition to the base permission. For more information on setting permissions for individual projects, see "[AUTOTITLE](/issues/planning-and-tracking-with-projects/managing-your-project/managing-access-to-your-projects)." +You can set a project's base permission to control the level of access for all members of your organization. You can then specify individual and team permissions for each project in addition to the base permission. For more information on setting permissions for individual projects, see [AUTOTITLE](/issues/planning-and-tracking-with-projects/managing-your-project/managing-access-to-your-projects). When you set the base permission for projects in your organization's settings, the base permission will apply to any new projects created by organization members and existing projects that do not currently have a base permission configured in the project's settings. @@ -28,4 +28,4 @@ When you set the base permission for projects in your organization's settings, t ## Further reading -* "[AUTOTITLE](/issues/planning-and-tracking-with-projects/managing-your-project/managing-access-to-your-projects)" +* [AUTOTITLE](/issues/planning-and-tracking-with-projects/managing-your-project/managing-access-to-your-projects) diff --git a/content/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization.md b/content/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization.md index e15349286dc2..1d72bddfb9a2 100644 --- a/content/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization.md +++ b/content/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization.md @@ -16,11 +16,11 @@ Custom properties allow you to decorate your repositories with information such An organization can have up to 100 property definitions. An allowed value list can have up to 200 items. {% ifversion ghec or ghes %} -You can use repository properties to determine which repositories to target with a ruleset. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/creating-rulesets-for-repositories-in-your-organization#targeting-repositories-by-properties-in-your-organization)." +You can use repository properties to determine which repositories to target with a ruleset. For more information, see [AUTOTITLE](/organizations/managing-organization-settings/creating-rulesets-for-repositories-in-your-organization#targeting-repositories-by-properties-in-your-organization). {% endif %} {% ifversion ghec %} -You can define custom properties at the enterprise level to create a consistent experience across organizations. See "[AUTOTITLE](/admin/managing-accounts-and-repositories/managing-repositories-in-your-enterprise/managing-custom-properties-for-repositories-in-your-enterprise)". +You can define custom properties at the enterprise level to create a consistent experience across organizations. See [AUTOTITLE](/admin/managing-accounts-and-repositories/managing-repositories-in-your-enterprise/managing-custom-properties-for-repositories-in-your-enterprise). {% endif %} ## Allowed characters @@ -31,7 +31,7 @@ You can define custom properties at the enterprise level to create a consistent You can add custom properties to your organization and set values for those properties for repositories in your organization. -{% ifversion ghec %}You can also use the REST API to create and manage custom properties for an organization. For more information, see "[AUTOTITLE](/rest/orgs/custom-properties)."{% endif %} +{% ifversion ghec %}You can also use the REST API to create and manage custom properties for an organization. For more information, see [AUTOTITLE](/rest/orgs/custom-properties).{% endif %} {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} @@ -63,7 +63,7 @@ You{% ifversion custom-org-roles %}, and any users with the "Edit custom propert People with read permissions to a repository can view the values of custom properties for that repository, but they can't edit those values. -{% ifversion ghec %}You can also use the REST API to list the custom properties assigned to a repository by your organization. For more information, see "[AUTOTITLE](/rest/repos/custom-properties)."{% endif %} +{% ifversion ghec %}You can also use the REST API to list the custom properties assigned to a repository by your organization. For more information, see [AUTOTITLE](/rest/repos/custom-properties).{% endif %} {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} diff --git a/content/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization.md b/content/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization.md index 5ca558c1c9a6..33a8afab447a 100644 --- a/content/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization.md +++ b/content/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization.md @@ -52,4 +52,4 @@ Default labels are included in every new repository in your organization, but an ## Further reading -* "[AUTOTITLE](/issues/using-labels-and-milestones-to-track-work/managing-labels)" +* [AUTOTITLE](/issues/using-labels-and-milestones-to-track-work/managing-labels) diff --git a/content/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization.md b/content/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization.md index 96e98648af8c..e51bdadacc55 100644 --- a/content/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization.md +++ b/content/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization.md @@ -25,6 +25,6 @@ By default, organization members with read access can create discussions if a re ## Further reading -* "[AUTOTITLE](/discussions/collaborating-with-your-community-using-discussions/about-discussions)" -* "[AUTOTITLE](/discussions/managing-discussions-for-your-community)" -* "[AUTOTITLE](/organizations/managing-organization-settings/enabling-or-disabling-github-discussions-for-an-organization)" +* [AUTOTITLE](/discussions/collaborating-with-your-community-using-discussions/about-discussions) +* [AUTOTITLE](/discussions/managing-discussions-for-your-community) +* [AUTOTITLE](/organizations/managing-organization-settings/enabling-or-disabling-github-discussions-for-an-organization) diff --git a/content/organizations/managing-organization-settings/managing-pull-request-reviews-in-your-organization.md b/content/organizations/managing-organization-settings/managing-pull-request-reviews-in-your-organization.md index 43d183355c5b..a3403acc2ce9 100644 --- a/content/organizations/managing-organization-settings/managing-pull-request-reviews-in-your-organization.md +++ b/content/organizations/managing-organization-settings/managing-pull-request-reviews-in-your-organization.md @@ -16,7 +16,7 @@ By default, in public repositories, any user can submit reviews that approve or You can limit who is able to approve or request changes to pull requests in public repositories owned by your organization. After you enable code review limits, anyone can comment on pull requests in your public repositories, but only people with explicit access to a repository can approve a pull request or request changes. -You can also enable code review limits for individual repositories. If you enable or limits for your organization, you will override any limits for individual repositories owned by the organization. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-pull-request-reviews-in-your-repository)." +You can also enable code review limits for individual repositories. If you enable or limits for your organization, you will override any limits for individual repositories owned by the organization. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-pull-request-reviews-in-your-repository). ## Managing code review limits diff --git a/content/organizations/managing-organization-settings/managing-rulesets-for-repositories-in-your-organization.md b/content/organizations/managing-organization-settings/managing-rulesets-for-repositories-in-your-organization.md index 4aee2a6deb2d..bb2c1b284816 100644 --- a/content/organizations/managing-organization-settings/managing-rulesets-for-repositories-in-your-organization.md +++ b/content/organizations/managing-organization-settings/managing-rulesets-for-repositories-in-your-organization.md @@ -19,7 +19,7 @@ After creating a ruleset at the organization level, you can make changes to the {% endif %} -You can use the REST and GraphQL APIs to manage rulesets. For more information, see "[AUTOTITLE](/rest/orgs/rules)" and "[AUTOTITLE](/graphql/reference/mutations#createrepositoryruleset)." +You can use the REST and GraphQL APIs to manage rulesets. For more information, see [AUTOTITLE](/rest/orgs/rules) and [AUTOTITLE](/graphql/reference/mutations#createrepositoryruleset). {% data reusables.repositories.rulesets-anyone-can-view %} diff --git a/content/organizations/managing-organization-settings/managing-scheduled-reminders-for-your-organization.md b/content/organizations/managing-organization-settings/managing-scheduled-reminders-for-your-organization.md index 29c9c84e5184..ec8a15e42a9e 100644 --- a/content/organizations/managing-organization-settings/managing-scheduled-reminders-for-your-organization.md +++ b/content/organizations/managing-organization-settings/managing-scheduled-reminders-for-your-organization.md @@ -64,5 +64,5 @@ Organization owners can schedule a reminder for one or more teams in their organ ## Further reading * [Getting started](https://github.com/integrations/slack?tab=readme-ov-file#getting-started) in the Slack integrations documentation -* "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/managing-your-scheduled-reminders)" -* "[AUTOTITLE](/organizations/organizing-members-into-teams/managing-scheduled-reminders-for-your-team)" +* [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/managing-your-scheduled-reminders) +* [AUTOTITLE](/organizations/organizing-members-into-teams/managing-scheduled-reminders-for-your-team) diff --git a/content/organizations/managing-organization-settings/managing-the-commit-signoff-policy-for-your-organization.md b/content/organizations/managing-organization-settings/managing-the-commit-signoff-policy-for-your-organization.md index de85aeb2f06e..a77bbd9dd15c 100644 --- a/content/organizations/managing-organization-settings/managing-the-commit-signoff-policy-for-your-organization.md +++ b/content/organizations/managing-organization-settings/managing-the-commit-signoff-policy-for-your-organization.md @@ -13,7 +13,7 @@ shortTitle: Manage the commit signoff policy To affirm that a commit complies with the rules and licensing governing a repository, many organizations require developers to sign off on every commit. If your organization requires commit signoffs, you can make signing off a seamless part of the commit process by enabling compulsory commit signoffs for users committing through {% data variables.product.product_name %}'s web interface. After you enable compulsory commit signoffs for an organization, every commit made to repositories in that organization through {% data variables.product.product_name %}'s web interface will automatically be signed off on by the commit author. -People with admin access to a repository can also enable compulsory commit signoffs at the repository level. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-the-commit-signoff-policy-for-your-repository)." +People with admin access to a repository can also enable compulsory commit signoffs at the repository level. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-the-commit-signoff-policy-for-your-repository). {% data reusables.repositories.commit-signoffs %} diff --git a/content/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization.md b/content/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization.md index 3ef548a149cc..db2b1a00d643 100644 --- a/content/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization.md +++ b/content/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization.md @@ -16,11 +16,11 @@ shortTitle: Manage default branch name ## About management of the default branch name -When a member of your organization creates a new repository in your organization, the repository contains one branch, which is the default branch. You can change the name that {% data variables.product.product_name %} uses for the default branch in new repositories that members of your organization create. For more information about the default branch, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#about-the-default-branch)." +When a member of your organization creates a new repository in your organization, the repository contains one branch, which is the default branch. You can change the name that {% data variables.product.product_name %} uses for the default branch in new repositories that members of your organization create. For more information about the default branch, see [AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#about-the-default-branch). {% data reusables.branches.change-default-branch %} -If an enterprise owner has enforced a policy for the default branch name for your enterprise, you cannot set a default branch name for your organization. Instead, you can change the default branch for individual repositories. For more information, see {% ifversion fpt %}"[AUTOTITLE](/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-the-default-branch-name)"{% else %}"[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-the-default-branch-name)"{% endif %} and "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/changing-the-default-branch)." +If an enterprise owner has enforced a policy for the default branch name for your enterprise, you cannot set a default branch name for your organization. Instead, you can change the default branch for individual repositories. For more information, see {% ifversion fpt %}[AUTOTITLE](/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-the-default-branch-name){% else %}[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-the-default-branch-name){% endif %} and [AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/changing-the-default-branch). ## Setting the default branch name @@ -33,4 +33,4 @@ If an enterprise owner has enforced a policy for the default branch name for you ## Further reading -* "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-the-default-branch-name-for-your-repositories)" +* [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-the-default-branch-name-for-your-repositories) diff --git a/content/organizations/managing-organization-settings/managing-the-display-of-member-names-in-your-organization.md b/content/organizations/managing-organization-settings/managing-the-display-of-member-names-in-your-organization.md index a9b062debcab..e942f3bf2751 100644 --- a/content/organizations/managing-organization-settings/managing-the-display-of-member-names-in-your-organization.md +++ b/content/organizations/managing-organization-settings/managing-the-display-of-member-names-in-your-organization.md @@ -19,10 +19,10 @@ Organization owners can manage the display of member names in an organization. ![Screenshot of an issue comment. The header says "ashtom (Thomas Dohmke) commented 1 minute ago," with "(Thomas Dohmke)" outlined in dark orange.](/assets/images/help/issues/commenter-full-name.png) -Changes to the display of usernames within an organization will affect the display of other people's usernames, not your own. Each organization member chooses their own profile name in their settings. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#changing-your-profile-name)." +Changes to the display of usernames within an organization will affect the display of other people's usernames, not your own. Each organization member chooses their own profile name in their settings. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#changing-your-profile-name). {% ifversion profile-name-enterprise-setting %} -You may not be able to configure this setting for your organization, if an enterprise owner has set a policy at the enterprise level. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)."{% endif %} +You may not be able to configure this setting for your organization, if an enterprise owner has set a policy at the enterprise level. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories).{% endif %} {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} diff --git a/content/organizations/managing-organization-settings/managing-the-forking-policy-for-your-organization.md b/content/organizations/managing-organization-settings/managing-the-forking-policy-for-your-organization.md index 197ab744e77c..9ba9e2cb374f 100644 --- a/content/organizations/managing-organization-settings/managing-the-forking-policy-for-your-organization.md +++ b/content/organizations/managing-organization-settings/managing-the-forking-policy-for-your-organization.md @@ -18,10 +18,10 @@ shortTitle: Manage forking policy By default, new organizations are configured to disallow the forking of private{% ifversion ghes or ghec %} and internal{% endif %} repositories. -If you allow forking of private{% ifversion ghes or ghec %} and internal{% endif %} repositories at the organization level, you can also configure the ability to fork a specific private{% ifversion ghes or ghec %} or internal{% endif %} repository. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-the-forking-policy-for-your-repository)." +If you allow forking of private{% ifversion ghes or ghec %} and internal{% endif %} repositories at the organization level, you can also configure the ability to fork a specific private{% ifversion ghes or ghec %} or internal{% endif %} repository. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-the-forking-policy-for-your-repository). {% ifversion org-owners-limit-forks-creation %} -{% ifversion ghec %}If your organization is owned by an enterprise account, you{% else %}You{% endif %} may not be able to configure this setting for your organization, if an enterprise owner has set a policy at the enterprise level. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-forking-private-or-internal-repositories)."{% endif %} +{% ifversion ghec %}If your organization is owned by an enterprise account, you{% else %}You{% endif %} may not be able to configure this setting for your organization, if an enterprise owner has set a policy at the enterprise level. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-forking-private-or-internal-repositories).{% endif %} {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} @@ -36,5 +36,5 @@ If you allow forking of private{% ifversion ghes or ghec %} and internal{% endif ## Further reading -* "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/working-with-forks/about-forks)" -* "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)" +* [AUTOTITLE](/pull-requests/collaborating-with-pull-requests/working-with-forks/about-forks) +* [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization) diff --git a/content/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization.md b/content/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization.md index 6eafa40a1f74..a29111108c40 100644 --- a/content/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization.md +++ b/content/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization.md @@ -19,10 +19,10 @@ shortTitle: Manage Pages site publication {% ifversion fpt %} You can choose to allow or disallow organization members from publishing {% data variables.product.prodname_pages %} sites. Organizations that use {% data variables.product.prodname_ghe_cloud %} can also choose to allow publicly published sites, privately published sites, both, or neither. For more information, see [the {% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization). {% elsif ghec %} -You can choose to allow organization members to create publicly published sites, privately published sites, both, or neither. For more information about access control for {% data variables.product.prodname_pages %} sites, see "[AUTOTITLE](/pages/getting-started-with-github-pages/changing-the-visibility-of-your-github-pages-site)." +You can choose to allow organization members to create publicly published sites, privately published sites, both, or neither. For more information about access control for {% data variables.product.prodname_pages %} sites, see [AUTOTITLE](/pages/getting-started-with-github-pages/changing-the-visibility-of-your-github-pages-site). {% endif %} -If you disallow publication of {% data variables.product.prodname_pages %} sites, any sites that are already published will remain published. You can manually unpublish the site. For more information, see "[AUTOTITLE](/pages/getting-started-with-github-pages/unpublishing-a-github-pages-site)." +If you disallow publication of {% data variables.product.prodname_pages %} sites, any sites that are already published will remain published. You can manually unpublish the site. For more information, see [AUTOTITLE](/pages/getting-started-with-github-pages/unpublishing-a-github-pages-site). {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} @@ -42,4 +42,4 @@ If you disallow publication of {% data variables.product.prodname_pages %} sites ## Further reading -* "[AUTOTITLE](/pages/getting-started-with-github-pages/about-github-pages)" +* [AUTOTITLE](/pages/getting-started-with-github-pages/about-github-pages) diff --git a/content/organizations/managing-organization-settings/managing-updates-from-accounts-your-organization-sponsors.md b/content/organizations/managing-organization-settings/managing-updates-from-accounts-your-organization-sponsors.md index 374d6d16892c..ecebf4cd4955 100644 --- a/content/organizations/managing-organization-settings/managing-updates-from-accounts-your-organization-sponsors.md +++ b/content/organizations/managing-organization-settings/managing-updates-from-accounts-your-organization-sponsors.md @@ -15,7 +15,7 @@ shortTitle: Manage sponsorship updates The developers and organizations that your organization sponsors can send you updates about their work. You can manage the email address that receives these updates. -You can also disable updates from accounts your organization sponsors. For more information, see "[AUTOTITLE](/sponsors/sponsoring-open-source-contributors/managing-your-sponsorship#managing-email-updates-for-your-sponsorship)." +You can also disable updates from accounts your organization sponsors. For more information, see [AUTOTITLE](/sponsors/sponsoring-open-source-contributors/managing-your-sponsorship#managing-email-updates-for-your-sponsorship). {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} @@ -24,4 +24,4 @@ You can also disable updates from accounts your organization sponsors. For more ## Further reading -* "[AUTOTITLE](/sponsors)" +* [AUTOTITLE](/sponsors) diff --git a/content/organizations/managing-organization-settings/renaming-an-organization.md b/content/organizations/managing-organization-settings/renaming-an-organization.md index 832b442d2507..959a2468a912 100644 --- a/content/organizations/managing-organization-settings/renaming-an-organization.md +++ b/content/organizations/managing-organization-settings/renaming-an-organization.md @@ -24,7 +24,7 @@ After changing your organization's name, your old organization name becomes avai ### Changes that occur automatically * {% data variables.product.prodname_dotcom %} automatically redirects references to your repositories. Web links to your organization's existing **repositories** will continue to work. This can take a few minutes to complete after you initiate the change. -* You can continue pushing your local repositories to the old remote tracking URL without updating it. However, we recommend you update all existing remote repository URLs after changing your organization name. Because your old organization name is available for use by anyone else after you change it, the new organization owner can create repositories that override the redirect entries to your repository. For more information, see "[AUTOTITLE](/get-started/getting-started-with-git/managing-remote-repositories)." +* You can continue pushing your local repositories to the old remote tracking URL without updating it. However, we recommend you update all existing remote repository URLs after changing your organization name. Because your old organization name is available for use by anyone else after you change it, the new organization owner can create repositories that override the redirect entries to your repository. For more information, see [AUTOTITLE](/get-started/getting-started-with-git/managing-remote-repositories). * Previous Git commits will also be correctly attributed to users within your organization.{% ifversion fpt or ghec %} * {% data reusables.accounts.rename-account-repo-namespace-retirement %}{% endif %} * {% data reusables.package_registry.rename-account-namespace-retirement %} @@ -35,7 +35,7 @@ After changing your organization's name: * Links to your previous organization profile page, such as `https://{% data variables.product.product_url %}/previousorgname`, will return a 404 error. We recommend you update links to your organization from other sites{% ifversion fpt or ghec %}, such as your LinkedIn or Twitter profiles{% endif %}. * API requests that use the old organization's name will return a 404 error. We recommend you update the old organization name in your API requests. * There are no automatic [@mention](/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#mentioning-people-and-teams) redirects for teams that use the old organization's name.{% ifversion ghec %} -* If SAML single sign-on (SSO) and/or is enabled for the organization, you must update the organization name in the application for {% data variables.product.prodname_ghe_cloud %} on your identity provider (IdP). If you don't update the organization name on your IdP, members of the organization will no longer be able to authenticate with your IdP to access the organization's resources. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization)." +* If SAML single sign-on (SSO) and/or is enabled for the organization, you must update the organization name in the application for {% data variables.product.prodname_ghe_cloud %} on your identity provider (IdP). If you don't update the organization name on your IdP, members of the organization will no longer be able to authenticate with your IdP to access the organization's resources. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization). * If SCIM is enabled for the organization, you must update the organization name in the application for {% data variables.product.prodname_ghe_cloud %} on your identity provider (IdP). If you don't update the organization name within the SCIM settings on your IdP, you will not be able to provision or deprovision users.{% endif %} ## Changing your organization's name @@ -48,4 +48,4 @@ After changing your organization's name: ## Further reading -* "[AUTOTITLE](/pull-requests/committing-changes-to-your-project/troubleshooting-commits/why-are-my-commits-linked-to-the-wrong-user)" +* [AUTOTITLE](/pull-requests/committing-changes-to-your-project/troubleshooting-commits/why-are-my-commits-linked-to-the-wrong-user) diff --git a/content/organizations/managing-organization-settings/restricting-deploy-keys-in-your-organization.md b/content/organizations/managing-organization-settings/restricting-deploy-keys-in-your-organization.md index f8088314f074..5044d97386e1 100644 --- a/content/organizations/managing-organization-settings/restricting-deploy-keys-in-your-organization.md +++ b/content/organizations/managing-organization-settings/restricting-deploy-keys-in-your-organization.md @@ -14,9 +14,9 @@ You can choose whether members can create deploy keys for repositories in your o By default, new organizations are configured to disallow the creation of deploy keys in repositories. -Organization owners can restrict the creation of deploy keys to help prevent sensitive information from being exposed. For more information, see "[AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization)" and "[AUTOTITLE](/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys)." If you want more fine-grained control over permissions, consider using a {% data variables.product.prodname_github_app %} instead. See "[AUTOTITLE](/apps/overview)." +Organization owners can restrict the creation of deploy keys to help prevent sensitive information from being exposed. For more information, see [AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization) and [AUTOTITLE](/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys). If you want more fine-grained control over permissions, consider using a {% data variables.product.prodname_github_app %} instead. See [AUTOTITLE](/apps/overview). -If your organization is owned by an enterprise account, you may not be able to configure this setting for your organization, if an enterprise owner has set a policy at the enterprise level. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-deploy-keys)." +If your organization is owned by an enterprise account, you may not be able to configure this setting for your organization, if an enterprise owner has set a policy at the enterprise level. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-deploy-keys). > [!WARNING] > Changing this setting to disabled will result in **existing deploy keys being disabled** in all repositories in the organization. Scripts, apps, or workflows that create, use, or delete deploy keys will no longer work. diff --git a/content/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization.md b/content/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization.md index 955d34123bc9..88dfbc148e48 100644 --- a/content/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization.md +++ b/content/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization.md @@ -27,13 +27,13 @@ Organizations using {% data variables.product.prodname_ghe_cloud %} can also res {% endif %} {% ifversion ghec or ghes %} -Enterprise owners can restrict the options you have available for your organization's repository creation policy. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-creation)." +Enterprise owners can restrict the options you have available for your organization's repository creation policy. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-creation). {% endif %} -Organization owners can restrict the type of repositories members can create to private {% ifversion ghec or ghes %}or internal{% endif %} to help prevent sensitive information from being exposed. For more information, see "[AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization)." +Organization owners can restrict the type of repositories members can create to private {% ifversion ghec or ghes %}or internal{% endif %} to help prevent sensitive information from being exposed. For more information, see [AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization). > [!WARNING] -> This setting restricts the visibility options available when repositories are _created_, but does not prevent changing the visibility of _existing_ repositories. For more information about restricting changes to existing repositories' visibilities, see "[AUTOTITLE](/organizations/managing-organization-settings/restricting-repository-visibility-changes-in-your-organization)." +> This setting restricts the visibility options available when repositories are _created_, but does not prevent changing the visibility of _existing_ repositories. For more information about restricting changes to existing repositories' visibilities, see [AUTOTITLE](/organizations/managing-organization-settings/restricting-repository-visibility-changes-in-your-organization). {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} diff --git a/content/organizations/managing-organization-settings/restricting-repository-visibility-changes-in-your-organization.md b/content/organizations/managing-organization-settings/restricting-repository-visibility-changes-in-your-organization.md index b0a2b38889be..f9119ae7c169 100644 --- a/content/organizations/managing-organization-settings/restricting-repository-visibility-changes-in-your-organization.md +++ b/content/organizations/managing-organization-settings/restricting-repository-visibility-changes-in-your-organization.md @@ -15,9 +15,9 @@ shortTitle: Set visibility changes policy permissions: Organization owners can restrict repository visibility changes for an organization. --- -You can restrict who has the ability to change the visibility of repositories in your organization, such as changing a repository from private to public. For more information about repository visibility, see "[AUTOTITLE](/repositories/creating-and-managing-repositories/about-repositories#about-repository-visibility)." +You can restrict who has the ability to change the visibility of repositories in your organization, such as changing a repository from private to public. For more information about repository visibility, see [AUTOTITLE](/repositories/creating-and-managing-repositories/about-repositories#about-repository-visibility). -Restricting who has the ability to change the visibility of repositories in your organization helps prevent sensitive information from being exposed. For more information, see "[AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization)." +Restricting who has the ability to change the visibility of repositories in your organization helps prevent sensitive information from being exposed. For more information, see [AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization). {% ifversion repo-policy-rules %} @@ -28,7 +28,7 @@ Restricting who has the ability to change the visibility of repositories in your You can restrict the ability to change repository visibility to organization owners only, or you can allow anyone with admin access to a repository to change visibility. > [!WARNING] -> If this setting is enabled, individuals or {% data variables.product.prodname_github_apps %} with admin access can _modify_ the visibility of an existing repository even if the ability to _create_ a repository with that specific visibility has been disabled. For more information about restricting the visibility of repositories during creation, see "[AUTOTITLE](/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization)." +> If this setting is enabled, individuals or {% data variables.product.prodname_github_apps %} with admin access can _modify_ the visibility of an existing repository even if the ability to _create_ a repository with that specific visibility has been disabled. For more information about restricting the visibility of repositories during creation, see [AUTOTITLE](/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization). {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} diff --git a/content/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators.md b/content/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators.md index 9f30a5f908f1..181d0ccb738f 100644 --- a/content/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators.md +++ b/content/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators.md @@ -16,7 +16,7 @@ shortTitle: Set collaborator policy {% data reusables.enterprise-managed.repo-collaborators-note %} -{% data reusables.organizations.about-outside-collaborators %} For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)." +{% data reusables.organizations.about-outside-collaborators %} For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization). By default, anyone with admin access to a repository can invite outside collaborators to work on the repository. You can choose to restrict the ability to add outside collaborators to organization owners only. diff --git a/content/organizations/managing-organization-settings/setting-permissions-for-deleting-or-transferring-repositories.md b/content/organizations/managing-organization-settings/setting-permissions-for-deleting-or-transferring-repositories.md index 1a6967f9e869..d85f8aeac414 100644 --- a/content/organizations/managing-organization-settings/setting-permissions-for-deleting-or-transferring-repositories.md +++ b/content/organizations/managing-organization-settings/setting-permissions-for-deleting-or-transferring-repositories.md @@ -17,7 +17,7 @@ shortTitle: Set repo management policy Owners can set permissions for deleting or transferring repositories in an organization. -Limiting the ability to delete or transfer repositories helps prevent sensitive information from being exposed. For more information, see "[AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization)." +Limiting the ability to delete or transfer repositories helps prevent sensitive information from being exposed. For more information, see [AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization). {% ifversion repo-policy-rules %} @@ -35,6 +35,6 @@ Limiting the ability to delete or transfer repositories helps prevent sensitive ## Setting a more flexible policy ({% data variables.release-phases.public_preview %}) -You can create a repository policy to govern who can delete or transfer repositories in your organization. Compared to "member privilege" policies, repository policies give you more flexibility over which users the policies apply to and which repositories are targeted. See "[AUTOTITLE](/organizations/managing-organization-settings/governing-how-people-use-repositories-in-your-organization)." +You can create a repository policy to govern who can delete or transfer repositories in your organization. Compared to "member privilege" policies, repository policies give you more flexibility over which users the policies apply to and which repositories are targeted. See [AUTOTITLE](/organizations/managing-organization-settings/governing-how-people-use-repositories-in-your-organization). {% endif %} diff --git a/content/organizations/managing-organization-settings/transferring-organization-ownership.md b/content/organizations/managing-organization-settings/transferring-organization-ownership.md index 8195108d6b6e..16e607974e21 100644 --- a/content/organizations/managing-organization-settings/transferring-organization-ownership.md +++ b/content/organizations/managing-organization-settings/transferring-organization-ownership.md @@ -21,10 +21,10 @@ shortTitle: Transfer ownership {% endif %} -1. If you're the only member with _owner_ privileges, give another organization member the owner role. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization#appointing-an-organization-owner)." +1. If you're the only member with _owner_ privileges, give another organization member the owner role. For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization#appointing-an-organization-owner). 1. Contact the new owner and make sure they are able to [access the organization's settings](/organizations/collaborating-with-groups-in-organizations/accessing-your-organizations-settings). {% ifversion fpt or ghec %} -1. If you are currently responsible for paying for GitHub in your organization, you'll also need to have the new owner or a [billing manager](/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization) update the organization's payment information. For more information, see "[AUTOTITLE](/billing/managing-your-github-billing-settings/adding-or-editing-a-payment-method)." +1. If you are currently responsible for paying for GitHub in your organization, you'll also need to have the new owner or a [billing manager](/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization) update the organization's payment information. For more information, see [AUTOTITLE](/billing/managing-your-github-billing-settings/adding-or-editing-a-payment-method). > [!WARNING] > Removing yourself from the organization **does not** update the billing information on file for the organization account. The new owner or a billing manager must update the billing information on file to remove your credit card or PayPal information. diff --git a/content/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement.md b/content/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement.md index 3c0c2ec98065..76de8bef9817 100644 --- a/content/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement.md +++ b/content/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement.md @@ -16,7 +16,7 @@ shortTitle: Upgrade to Corporate ToS The Standard Terms of Service is an agreement between {% data variables.product.prodname_dotcom %} and you as an individual. To enter into an agreement with {% data variables.product.prodname_dotcom %} on behalf of an entity, such as a company, non-profit, or group, organization owners can upgrade to the {% data variables.product.company_short %} Customer Agreement. -You can upgrade to the {% data variables.product.company_short %} Customer Agreement instead of using the Standard Terms of Service to help prevent sensitive information from being exposed. For more information see "[AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization)." +You can upgrade to the {% data variables.product.company_short %} Customer Agreement instead of using the Standard Terms of Service to help prevent sensitive information from being exposed. For more information see [AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization). 1. Navigate to your organization's settings and scroll to the "Terms of Service" section. 1. Click **Read the {% data variables.product.company_short %} Customer Agreement**. @@ -27,6 +27,6 @@ You can upgrade to the {% data variables.product.company_short %} Customer Agree ## Further reading -* "[AUTOTITLE](/free-pro-team@latest/site-policy/github-terms/github-terms-of-service)" +* [AUTOTITLE](/free-pro-team@latest/site-policy/github-terms/github-terms-of-service) * The [GitHub Customer Terms](https://github.com/customer-terms) -* "[AUTOTITLE](/free-pro-team@latest/site-policy/github-terms/github-corporate-terms-of-service)" +* [AUTOTITLE](/free-pro-team@latest/site-policy/github-terms/github-corporate-terms-of-service) diff --git a/content/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization.md b/content/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization.md index 522c8aa76012..2ec6592d852b 100644 --- a/content/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization.md +++ b/content/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization.md @@ -22,16 +22,16 @@ shortTitle: Verify or approve a domain ## About domain verification -After verifying ownership of your organization's domains, a "Verified" badge will display on the organization's profile. {% ifversion ghec %}If your organization has agreed to the {% data variables.product.company_short %} Customer Agreement, organization owners will be able to verify the identity of organization members by viewing each member's email address within the verified domain. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-organizations-profile)" and "[AUTOTITLE](/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement)."{% endif %} +After verifying ownership of your organization's domains, a "Verified" badge will display on the organization's profile. {% ifversion ghec %}If your organization has agreed to the {% data variables.product.company_short %} Customer Agreement, organization owners will be able to verify the identity of organization members by viewing each member's email address within the verified domain. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-organizations-profile) and [AUTOTITLE](/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement).{% endif %} {% ifversion ghec or ghes %} -{% ifversion ghec %}If your organization is owned by an enterprise account, a{% else %}A{% endif %} "Verified" badge will display on your organization's profile for any domains verified for the enterprise account, in addition to any domains verified for the organization. Organization owners can view any domains that an enterprise owner has verified or approved, and edit the domains if the organization owner is also an enterprise owner. For more information, see "[AUTOTITLE](/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise)." +{% ifversion ghec %}If your organization is owned by an enterprise account, a{% else %}A{% endif %} "Verified" badge will display on your organization's profile for any domains verified for the enterprise account, in addition to any domains verified for the organization. Organization owners can view any domains that an enterprise owner has verified or approved, and edit the domains if the organization owner is also an enterprise owner. For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise). {% endif %} {% data reusables.organizations.verified-domains-details %} {% ifversion ghec or ghes %} -After verifying ownership of your organization's domain, you can restrict email notifications for the organization to that domain. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization)." +After verifying ownership of your organization's domain, you can restrict email notifications for the organization to that domain. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization). {% endif %} {% ifversion ghec %} @@ -41,9 +41,9 @@ After verifying ownership of your organization's domain, you can restrict email {% endif %} -{% ifversion ghec %}You can also verify custom domains used for {% data variables.product.prodname_pages %} to prevent domain takeovers when a custom domain remains configured but your {% data variables.product.prodname_pages %} site is either disabled or no longer uses the domain. For more information, see "[AUTOTITLE](/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages)."{% endif %} +{% ifversion ghec %}You can also verify custom domains used for {% data variables.product.prodname_pages %} to prevent domain takeovers when a custom domain remains configured but your {% data variables.product.prodname_pages %} site is either disabled or no longer uses the domain. For more information, see [AUTOTITLE](/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages).{% endif %} -If you confirm your organization’s identity by verifying your domain and restricting email notifications to only verified email domains, you can help prevent sensitive information from being exposed. For more information see "[AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization)." +If you confirm your organization’s identity by verifying your domain and restricting email notifications to only verified email domains, you can help prevent sensitive information from being exposed. For more information see [AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization). {% ifversion ghec or ghes %} @@ -53,11 +53,11 @@ If you confirm your organization’s identity by verifying your domain and restr {% data reusables.enterprise-accounts.approved-domains-about %} -After you approve domains for your organization, you can restrict email notifications for activity within the organization to users with verified email addresses within verified or approved domains. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization)." +After you approve domains for your organization, you can restrict email notifications for activity within the organization to users with verified email addresses within verified or approved domains. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization). Enterprise owners cannot see which organization members or email addresses receive notifications within approved domains. -Enterprise owners can also approve additional domains for organizations owned by the enterprise. {% ifversion ghec %}For more information, see "[AUTOTITLE](/enterprise-cloud@latest/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise)."{% endif %}{% ifversion ghes %}For more information, see "[AUTOTITLE](/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise)."{% endif %} +Enterprise owners can also approve additional domains for organizations owned by the enterprise. {% ifversion ghec %}For more information, see [AUTOTITLE](/enterprise-cloud@latest/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise).{% endif %}{% ifversion ghes %}For more information, see [AUTOTITLE](/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise).{% endif %} {% endif %} ## Verifying a domain for your organization diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md index d30c6c94b06a..a544ecfbeb38 100644 --- a/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md +++ b/content/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles.md @@ -12,7 +12,7 @@ product: 'Organizations on {% data variables.product.prodname_ghe_cloud %}{% ifv {% data reusables.organizations.custom-org-roles-intro %} -You can create and assign custom organization roles in your organization's settings. You can also manage custom roles using the REST API. See "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-organization-roles)." +You can create and assign custom organization roles in your organization's settings. You can also manage custom roles using the REST API. See [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-organization-roles). {% ifversion org-custom-role-with-repo-permissions %} @@ -29,7 +29,7 @@ Without repository permissions or a base repository role, the organization role {% endif %} -To grant access to **specific** repositories in your organization, you can create a custom repository role. See "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/about-custom-repository-roles)." +To grant access to **specific** repositories in your organization, you can create a custom repository role. See [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/about-custom-repository-roles). ## Permissions for organization access @@ -41,31 +41,31 @@ Organization permissions do not grant read, write, or administrator access to an | Permission | Description | More information | | ------------ | -------------|-------------------- | -| Manage custom organization roles | Access to create, view, update, and delete custom organization roles within the organization. This permission does not allow a user to assign custom roles. | "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-organization-roles)" | -| View organization roles | Access to view the organization's custom organization roles. | "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-organization-roles)" | -| Manage custom repository roles | Access to create, view, update, and delete the organization's custom repository roles. |"[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)" | -| View custom repository roles | Access to view the organization's custom repository roles. | "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)" | -| Manage organization webhooks | Access to register and manage webhooks for the organization. Users with this permission will be able to view webhook payloads, which may contain metadata for repositories in the organization. | "[AUTOTITLE](/rest/orgs/webhooks#about-organization-webhooks)" | +| Manage custom organization roles | Access to create, view, update, and delete custom organization roles within the organization. This permission does not allow a user to assign custom roles. | [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-organization-roles) | +| View organization roles | Access to view the organization's custom organization roles. | [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-organization-roles) | +| Manage custom repository roles | Access to create, view, update, and delete the organization's custom repository roles. |[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization) | +| View custom repository roles | Access to view the organization's custom repository roles. | [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization) | +| Manage organization webhooks | Access to register and manage webhooks for the organization. Users with this permission will be able to view webhook payloads, which may contain metadata for repositories in the organization. | [AUTOTITLE](/rest/orgs/webhooks#about-organization-webhooks) | | {% ifversion ghec %} | -Manage organization OAuth app policies | Access to the "OAuth app policy" settings for the organization. | "[AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions)" | +Manage organization OAuth app policies | Access to the "OAuth app policy" settings for the organization. | [AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions) | | {% endif %} | | {% ifversion repository-properties %} | -| Edit custom properties values at the organization level | Access to set custom property values on all repositories in the organization. | "[AUTOTITLE](/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization)" | -| Manage the organization's custom properties definitions | Access to create and edit custom property definitions for the organization. | "[AUTOTITLE](/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization)" | +| Edit custom properties values at the organization level | Access to set custom property values on all repositories in the organization. | [AUTOTITLE](/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization) | +| Manage the organization's custom properties definitions | Access to create and edit custom property definitions for the organization. | [AUTOTITLE](/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization) | | {% endif %} | | {% ifversion repo-rules-enterprise %} | -| Manage organization ref update rules and rulesets | Access to manage rulesets and view ruleset insights at the organization level. | "[AUTOTITLE](/organizations/managing-organization-settings/managing-rulesets-for-repositories-in-your-organization)" | +| Manage organization ref update rules and rulesets | Access to manage rulesets and view ruleset insights at the organization level. | [AUTOTITLE](/organizations/managing-organization-settings/managing-rulesets-for-repositories-in-your-organization) | | {% endif %} | -| View organization audit log | Access to the audit log for the organization. The audit log may contain metadata for repositories in the organization. | "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization)" | -| Manage organization Actions policies | Access to manage all settings on the "Actions General" settings page, except for self-hosted runners settings. | "[AUTOTITLE](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization)" | -| Manage organization runners and runner groups | Access to create and manage GitHub-hosted runners, self-hosted runners, and runner groups, and control where self-hosted runners can be created. | "[AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners#overview-of-github-hosted-runners)"

"[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners)" | -| Manage organization Actions secrets | Access to create and manage Actions organization secrets. | "[AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization)" | -| Manage organization Actions variables | Access to create and manage Actions organization variables. | "[AUTOTITLE](/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization)" | +| View organization audit log | Access to the audit log for the organization. The audit log may contain metadata for repositories in the organization. | [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization) | +| Manage organization Actions policies | Access to manage all settings on the "Actions General" settings page, except for self-hosted runners settings. | [AUTOTITLE](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization) | +| Manage organization runners and runner groups | Access to create and manage GitHub-hosted runners, self-hosted runners, and runner groups, and control where self-hosted runners can be created. | [AUTOTITLE](/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners#overview-of-github-hosted-runners)

[AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners) | +| Manage organization Actions secrets | Access to create and manage Actions organization secrets. | [AUTOTITLE](/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization) | +| Manage organization Actions variables | Access to create and manage Actions organization variables. | [AUTOTITLE](/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization) | | {% ifversion actions-metrics %} | -| View organization Actions metrics | View {% data variables.product.prodname_actions %} metrics for your organization. | "[AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/viewing-usage-metrics-for-github-actions)" | +| View organization Actions metrics | View {% data variables.product.prodname_actions %} metrics for your organization. | [AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/viewing-usage-metrics-for-github-actions) | | {% endif %} | | {% ifversion push-protection-bypass-fine-grained-permissions %} | -| Review and manage {% data variables.product.prodname_secret_scanning %} bypass requests | Review and manage {% data variables.product.prodname_secret_scanning %} bypass requests for your organization. | "[AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection)" | +| Review and manage {% data variables.product.prodname_secret_scanning %} bypass requests | Review and manage {% data variables.product.prodname_secret_scanning %} bypass requests for your organization. | [AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection) | | {% endif %} | {% endrowheaders %} diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization.md index 0ff5a365018e..0e47184d4a3b 100644 --- a/content/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization.md +++ b/content/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization.md @@ -49,7 +49,7 @@ Billing managers **are not** able to: {% ifversion ghec %} > [!NOTE] -> If your organization is owned by an enterprise account, you cannot invite billing managers at the organization level. For more information, see "[AUTOTITLE](/admin/overview/about-enterprise-accounts)." +> If your organization is owned by an enterprise account, you cannot invite billing managers at the organization level. For more information, see [AUTOTITLE](/admin/overview/about-enterprise-accounts). {% endif %} @@ -61,4 +61,4 @@ The invited person will receive an invitation email asking them to become a bill ## Further reading -* "[AUTOTITLE](/enterprise-cloud@latest/admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise)"{% ifversion fpt %} in the {% data variables.product.prodname_ghe_cloud %} documentation{% endif %} +* [AUTOTITLE](/enterprise-cloud@latest/admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise){% ifversion fpt %} in the {% data variables.product.prodname_ghe_cloud %} documentation{% endif %} diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization.md index 389fe17af9f2..82bae3825578 100644 --- a/content/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization.md +++ b/content/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization.md @@ -28,7 +28,7 @@ Organization owners have full administrative access to the organization. {% data > As an organization owner, you can change the role of other organization members and owners. You can't change your own role. {% ifversion enterprise-owner-join-org %} -If your organization is owned by an enterprise account, any enterprise owner can make themselves an owner of your organization. For more information, see "[AUTOTITLE](/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise)." +If your organization is owned by an enterprise account, any enterprise owner can make themselves an owner of your organization. For more information, see [AUTOTITLE](/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise). {% endif %} ## Appointing an organization owner diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-organization-roles.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-organization-roles.md index ba4714e3c75c..df08ad71099b 100644 --- a/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-organization-roles.md +++ b/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-organization-roles.md @@ -12,11 +12,11 @@ product: 'Organizations on {% data variables.product.prodname_ghe_cloud %}{% ifv ## About custom organization roles -{% data reusables.organizations.custom-org-roles-intro %} For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles)." +{% data reusables.organizations.custom-org-roles-intro %} For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles). -If you are an organization owner or have a custom role with the "View organization roles" or "Manage custom organization roles" permissions, you can view custom roles for the organization. To find the "Custom roles" page, you can follow the first steps in "[Creating a custom role](#creating-a-custom-role)." The exact steps will vary depending on which other settings page you have access to. +If you are an organization owner or have a custom role with the "View organization roles" or "Manage custom organization roles" permissions, you can view custom roles for the organization. To find the "Custom roles" page, you can follow the first steps in [Creating a custom role](#creating-a-custom-role). The exact steps will vary depending on which other settings page you have access to. -To{% ifversion org-pre-defined-roles %} view organization role permissions and{% endif %} manage organization role assignments, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles)" +To{% ifversion org-pre-defined-roles %} view organization role permissions and{% endif %} manage organization role assignments, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles) ## Creating a custom role diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-moderators-in-your-organization.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-moderators-in-your-organization.md index 0fa911971126..efb1d43c9075 100644 --- a/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-moderators-in-your-organization.md +++ b/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-moderators-in-your-organization.md @@ -17,14 +17,14 @@ shortTitle: Managing moderators Sometimes it's necessary to block a contributor, or to set up interaction limits for your organization, or for individual repositories. As an organization owner, you can perform these tasks, but you may want to delegate these tasks to other members of your organization. You can do this by assigning an organization member, or a team, to the moderator role. Organization moderators can: -* Block and unblock users from the organization. For more information, see "[AUTOTITLE](/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization)." -* Manage organization interaction limits. For more information, see "[AUTOTITLE](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization)." -* Manage repository interaction limits. For more information, see "[AUTOTITLE](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository)." -* Hide comments in all public repositories owned by the organization. For more information, see "[AUTOTITLE](/communities/moderating-comments-and-conversations/managing-disruptive-comments)." +* Block and unblock users from the organization. For more information, see [AUTOTITLE](/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization). +* Manage organization interaction limits. For more information, see [AUTOTITLE](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization). +* Manage repository interaction limits. For more information, see [AUTOTITLE](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository). +* Hide comments in all public repositories owned by the organization. For more information, see [AUTOTITLE](/communities/moderating-comments-and-conversations/managing-disruptive-comments). Making someone an organization moderator does not give them additional abilities other than those listed above. For example, someone who only has read access to a repository will not gain write access by being made a moderator. -You can add up to 10 individual people, or teams, as moderators. If you've already assigned 10 individuals and/or teams as users and you want to add more, you can group people in a moderators team and then use this to replace one or more of the existing assignments. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/creating-a-team)." +You can add up to 10 individual people, or teams, as moderators. If you've already assigned 10 individuals and/or teams as users and you want to add more, you can group people in a moderators team and then use this to replace one or more of the existing assignments. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/creating-a-team). ## Adding an organization moderator diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization.md index a2d600e2ef3b..e059f9d3d840 100644 --- a/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization.md +++ b/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization.md @@ -30,7 +30,7 @@ Organization members {% ifversion org-sec-manager-update %} and members of teams Additional functionality, including a security overview for the organization, is available in organizations that use {% data variables.product.prodname_ghe_cloud %}. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization). {% endif %} -If a team has the security manager role, people with admin access to the team and a specific repository can change the team's level of access to that repository but cannot remove the access. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository)" and "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository)." +If a team has the security manager role, people with admin access to the team and a specific repository can change the team's level of access to that repository but cannot remove the access. For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository) and [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository). {% ifversion org-sec-manager-update %} @@ -38,11 +38,11 @@ If a team has the security manager role, people with admin access to the team an You can assign the pre-defined security manager role to either an organization team or directly to an organization member. Larger organizations may want to create a dedicated team for security management. This approach is especially useful if you want to assign additional permissions to your security experts. -For information about assigning roles to users and teams, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles)." +For information about assigning roles to users and teams, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles). ## Creating a custom security role -You can create custom security roles for your organization with reduced or increased access, as needed. For example, you might create a security role limited to managing secret scanning results and bypass requests, or you might create a combined security and audit log role. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-organization-roles)." +You can create custom security roles for your organization with reduced or increased access, as needed. For example, you might create a security role limited to managing secret scanning results and bypass requests, or you might create a combined security and audit log role. For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-organization-roles). {% else %} diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization.md index 45e853db33d8..f44c8a866ca9 100644 --- a/content/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization.md +++ b/content/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization.md @@ -20,11 +20,11 @@ shortTitle: Roles in an organization {% data reusables.organizations.about-roles %} -Repository-level roles give organization members, outside collaborators and teams of people varying levels of access to repositories. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)." +Repository-level roles give organization members, outside collaborators and teams of people varying levels of access to repositories. For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization). -Team-level roles are roles that give permissions to manage a team. You can give any individual member of a team the team maintainer role, which gives the member a number of administrative permissions over a team. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member)." +Team-level roles are roles that give permissions to manage a team. You can give any individual member of a team the team maintainer role, which gives the member a number of administrative permissions over a team. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member). -Organization-level roles are sets of permissions that can be assigned to individuals or teams to manage an organization and the organization's repositories, teams, and settings. For more information about all the roles available at the organization level, see "[About organization roles](#about-organization-roles)." +Organization-level roles are sets of permissions that can be assigned to individuals or teams to manage an organization and the organization's repositories, teams, and settings. For more information about all the roles available at the organization level, see [About organization roles](#about-organization-roles). {% ifversion org-pre-defined-roles %} @@ -32,25 +32,25 @@ Organization-level roles are sets of permissions that can be assigned to individ {% data reusables.organizations.pre-defined-organization-roles %} -For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles)." +For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles). {% endif %} ## About organization roles -You can assign people to a variety of organization-level roles to control your members' access to your organization and its resources. For more details about the individual permissions included in each role, see "[Permissions for organization roles](#permissions-for-organization-roles)." +You can assign people to a variety of organization-level roles to control your members' access to your organization and its resources. For more details about the individual permissions included in each role, see [Permissions for organization roles](#permissions-for-organization-roles). {% ifversion custom-org-roles %} -For more granular control of access to your organization's settings, you can create a custom organization role. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles)." +For more granular control of access to your organization's settings, you can create a custom organization role. For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles). {% endif %} {% ifversion enterprise-owner-join-org %} -If your organization is owned by an enterprise account, enterprise owners can choose to join your organization with any role. For more information, see "[AUTOTITLE](/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise)." +If your organization is owned by an enterprise account, enterprise owners can choose to join your organization with any role. For more information, see [AUTOTITLE](/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise). {% endif %} ### Organization owners -Organization owners have complete administrative access to your organization. This role should be limited, but to no less than two people, in your organization. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization)." +Organization owners have complete administrative access to your organization. This role should be limited, but to no less than two people, in your organization. For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization). ### Organization members @@ -60,11 +60,11 @@ The default, non-administrative role for people in an organization is the organi ### Organization moderators -Moderators are organization members who, in addition to their permissions as members, are allowed to block and unblock non-member contributors, set interaction limits, and hide comments in public repositories owned by the organization. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-moderators-in-your-organization)." +Moderators are organization members who, in addition to their permissions as members, are allowed to block and unblock non-member contributors, set interaction limits, and hide comments in public repositories owned by the organization. For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-moderators-in-your-organization). ### Billing managers -Billing managers are users who can manage the billing settings for your organization, such as payment information. This is a useful option if members of your organization don't usually have access to billing resources. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization)." +Billing managers are users who can manage the billing settings for your organization, such as payment information. This is a useful option if members of your organization don't usually have access to billing resources. For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization). {% endif %} @@ -74,20 +74,20 @@ Billing managers are users who can manage the billing settings for your organiza {% data reusables.organizations.about-security-managers %} -If your organization has a security team, you can use the security manager role to give members of the team the least access they need to the organization. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)." +If your organization has a security team, you can use the security manager role to give members of the team the least access they need to the organization. For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization). ### {% data variables.product.prodname_github_app %} managers By default, only organization owners can manage the settings of {% data variables.product.prodname_github_app %} registrations owned by an organization. To allow additional users to manage {% data variables.product.prodname_github_app %} registrations owned by an organization, an owner can grant them {% data variables.product.prodname_github_app %} manager permissions. -When you designate a user as a {% data variables.product.prodname_github_app %} manager in your organization, you can grant them access to manage the settings of some or all {% data variables.product.prodname_github_app %} registrations owned by the organization. The {% data variables.product.prodname_github_app %} manager role does not grant users access to install and uninstall {% data variables.product.prodname_github_apps %} on an organization. For more information, see "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization)." +When you designate a user as a {% data variables.product.prodname_github_app %} manager in your organization, you can grant them access to manage the settings of some or all {% data variables.product.prodname_github_app %} registrations owned by the organization. The {% data variables.product.prodname_github_app %} manager role does not grant users access to install and uninstall {% data variables.product.prodname_github_apps %} on an organization. For more information, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization). ### Outside collaborators{% ifversion repository-collaborators %} or repository collaborators{% endif %} To keep your organization's data secure while allowing access to repositories, you can add outside collaborators. An outside collaborator is a person who has access to one or more organization repositories but is not explicitly a member of the organization, such as a consultant or temporary employee. {% ifversion repository-collaborators %} -If your enterprise uses {% data variables.enterprise.prodname_managed_users %}, the outside collaborator role is called "repository collaborator." A repository collaborator must be part of your enterprise, with a {% data variables.enterprise.prodname_managed_user %} provisioned from your identity provider. If the user does not already consume a license, the user will consume a license after you grant access to a repository. For more information, see "[AUTOTITLE](/billing/managing-the-plan-for-your-github-account/about-per-user-pricing#about-changes-to-your-subscription)." +If your enterprise uses {% data variables.enterprise.prodname_managed_users %}, the outside collaborator role is called "repository collaborator." A repository collaborator must be part of your enterprise, with a {% data variables.enterprise.prodname_managed_user %} provisioned from your identity provider. If the user does not already consume a license, the user will consume a license after you grant access to a repository. For more information, see [AUTOTITLE](/billing/managing-the-plan-for-your-github-account/about-per-user-pricing#about-changes-to-your-subscription). Generally, the outside collaborator and repository collaborator roles are equivalent, and the documentation for outside collaborators also applies to repository collaborators. However, the following distinctions apply: * You cannot enforce two-factor authentication (2FA) for repository collaborators, because this feature is not available with {% data variables.product.prodname_emus %}. @@ -102,15 +102,15 @@ Generally, the outside collaborator and repository collaborator roles are equiva To manage access to repositories for outside collaborators{% ifversion repository-collaborators %} or repository collaborators{% endif %}, see: -* "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/adding-outside-collaborators-to-repositories-in-your-organization)" -* "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/converting-an-organization-member-to-an-outside-collaborator)" -* "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/removing-an-outside-collaborator-from-an-organization-repository)" +* [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/adding-outside-collaborators-to-repositories-in-your-organization) +* [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/converting-an-organization-member-to-an-outside-collaborator) +* [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/removing-an-outside-collaborator-from-an-organization-repository) {% ifversion ghec or ghes %} To control who can add outside collaborators{% ifversion repository-collaborators %} or repository collaborators{% endif %} to repositories, see: -* "[AUTOTITLE](/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)" -* "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories)" +* [AUTOTITLE](/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators) +* [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories) {% endif %} ## Permissions for organization roles @@ -126,7 +126,7 @@ Some of the features listed below are limited to organizations using {% data var | Organization permission | Owners | Members | Moderators | Billing managers | Security managers | |:------------------------|:------:|:-------:|:----------:|:----------------:|:-----------------:| -| Create repositories (see "[AUTOTITLE](/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Create repositories (see [AUTOTITLE](/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | View and edit billing information | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | | Invite people to join the organization | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | Edit and cancel invitations to join the organization | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} |{% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | @@ -134,58 +134,58 @@ Some of the features listed below are limited to organizations using {% data var | Reinstate former members to the organization | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | Add and remove people from **all teams** | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | Promote organization members to _team maintainer_ | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Configure code review assignments (see "[AUTOTITLE](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Set scheduled reminders (see "[AUTOTITLE](/organizations/organizing-members-into-teams/managing-scheduled-reminders-for-your-team)") | {% octicon "check" aria-label="Yes" %} |{% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Configure code review assignments (see [AUTOTITLE](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Set scheduled reminders (see [AUTOTITLE](/organizations/organizing-members-into-teams/managing-scheduled-reminders-for-your-team)) | {% octicon "check" aria-label="Yes" %} |{% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | Add collaborators to **all repositories** | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | Access the organization audit log | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Edit the organization's profile page (see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-organizations-profile)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Edit the organization's profile page (see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-organizations-profile)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% ifversion ghec %} | -| Verify the organization's domains (see "[AUTOTITLE](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} |{% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Restrict email notifications to verified or approved domains (see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Verify the organization's domains (see [AUTOTITLE](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} |{% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Restrict email notifications to verified or approved domains (see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% endif %} | | Delete **all teams** | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | Delete the organization account, including all repositories | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Create teams (see "[AUTOTITLE](/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Create teams (see [AUTOTITLE](/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | [Move teams in an organization's hierarchy](/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% ifversion projects-v1 %} | -| Create projects (see "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Create projects (see [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | {% endif %} | | See all organization members and teams | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | @mention any visible team | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | Can be made a _team maintainer_ | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | {% ifversion ghec %} | -| View organization insights (see "[AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-dependencies-in-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| View organization insights (see [AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-dependencies-in-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | {% endif %} | | {% ifversion team-discussions %} | -| View and post public team discussions to **all teams** (see "[AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions)") | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | -| View and post private team discussions to **all teams** (see "[AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} |{% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Edit and delete team discussions in **all teams** (see "[AUTOTITLE](/communities/moderating-comments-and-conversations/managing-disruptive-comments)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Disable team discussions for an organization (see "[AUTOTITLE](/organizations/organizing-members-into-teams/disabling-team-discussions-for-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| View and post public team discussions to **all teams** (see [AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions)) | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| View and post private team discussions to **all teams** (see [AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} |{% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Edit and delete team discussions in **all teams** (see [AUTOTITLE](/communities/moderating-comments-and-conversations/managing-disruptive-comments)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Disable team discussions for an organization (see [AUTOTITLE](/organizations/organizing-members-into-teams/disabling-team-discussions-for-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% endif %} | -| Hide comments on writable commits, pull requests, and issues (see "[AUTOTITLE](/communities/moderating-comments-and-conversations/managing-disruptive-comments#hiding-a-comment)") | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | -| Hide comments on _all_ commits, pull requests, and issues (see "[AUTOTITLE](/communities/moderating-comments-and-conversations/managing-disruptive-comments#hiding-a-comment)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | -| Block and unblock non-member contributors (see "[AUTOTITLE](/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} |{% octicon "x" aria-label="No" %} | -| Limit interactions for certain users in public repositories (see "[AUTOTITLE](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Hide comments on writable commits, pull requests, and issues (see [AUTOTITLE](/communities/moderating-comments-and-conversations/managing-disruptive-comments#hiding-a-comment)) | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Hide comments on _all_ commits, pull requests, and issues (see [AUTOTITLE](/communities/moderating-comments-and-conversations/managing-disruptive-comments#hiding-a-comment)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Block and unblock non-member contributors (see [AUTOTITLE](/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} |{% octicon "x" aria-label="No" %} | +| Limit interactions for certain users in public repositories (see [AUTOTITLE](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% ifversion ghec %} | -| Manage viewing of organization dependency insights (see "[AUTOTITLE](/organizations/managing-organization-settings/changing-the-visibility-of-your-organizations-dependency-insights)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Manage viewing of organization dependency insights (see [AUTOTITLE](/organizations/managing-organization-settings/changing-the-visibility-of-your-organizations-dependency-insights)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% endif %} | -| Set a team profile picture in **all teams** (see "[AUTOTITLE](/organizations/organizing-members-into-teams/setting-your-teams-profile-picture)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Sponsor accounts and manage the organization's sponsorships (see "[AUTOTITLE](/sponsors/sponsoring-open-source-contributors)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | -| Manage email updates from sponsored accounts (see "[AUTOTITLE](/organizations/managing-organization-settings/managing-updates-from-accounts-your-organization-sponsors)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Attribute your sponsorships to another organization (see "[AUTOTITLE](/sponsors/sponsoring-open-source-contributors/attributing-sponsorships-to-your-organization)" for details ) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Manage the publication of {% data variables.product.prodname_pages %} sites from repositories in the organization (see "[AUTOTITLE](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Manage security and analysis settings (see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | -| View security overview for the organization (see "[AUTOTITLE](/code-security/security-overview/about-security-overview)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Set a team profile picture in **all teams** (see [AUTOTITLE](/organizations/organizing-members-into-teams/setting-your-teams-profile-picture)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Sponsor accounts and manage the organization's sponsorships (see [AUTOTITLE](/sponsors/sponsoring-open-source-contributors)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | +| Manage email updates from sponsored accounts (see [AUTOTITLE](/organizations/managing-organization-settings/managing-updates-from-accounts-your-organization-sponsors)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Attribute your sponsorships to another organization (see [AUTOTITLE](/sponsors/sponsoring-open-source-contributors/attributing-sponsorships-to-your-organization) for details ) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Manage the publication of {% data variables.product.prodname_pages %} sites from repositories in the organization (see [AUTOTITLE](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Manage security and analysis settings (see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| View security overview for the organization (see [AUTOTITLE](/code-security/security-overview/about-security-overview)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | {% ifversion ghec %} | | Enable and enforce [SAML single sign-on](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | [Manage a user's SAML access to your organization](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Manage an organization's SSH certificate authorities (see "[AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Manage an organization's SSH certificate authorities (see [AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% endif %} | | Transfer repositories | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | Purchase, install, manage billing for, and cancel {% data variables.product.prodname_marketplace %} apps | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | List apps in {% data variables.product.prodname_marketplace %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | Receive [{% data variables.product.prodname_dependabot_alerts %} about insecure dependencies](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts) for all of an organization's repositories | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | -| Manage {% data variables.product.prodname_dependabot_security_updates %} (see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Manage {% data variables.product.prodname_dependabot_security_updates %} (see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | [Manage the forking policy](/organizations/managing-organization-settings/managing-the-forking-policy-for-your-organization) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | [Limit activity in public repositories in an organization](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | Pull (read) _all repositories_ in the organization | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | @@ -195,17 +195,17 @@ Some of the features listed below are limited to organizations using {% data var | {% ifversion ghec %} | | [Export a list of people with access to an organization repository](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/viewing-people-with-access-to-your-repository#exporting-a-list-of-people-with-access-to-your-repository) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% endif %} | -| Manage the default branch name (see "[AUTOTITLE](/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Manage default labels (see "[AUTOTITLE](/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Manage the default branch name (see [AUTOTITLE](/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Manage default labels (see [AUTOTITLE](/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% ifversion ghec %} | -| Enable team synchronization (see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Enable team synchronization (see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% endif %} | -| Manage pull request reviews in the organization (see "[AUTOTITLE](/organizations/managing-organization-settings/managing-pull-request-reviews-in-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Manage pull request reviews in the organization (see [AUTOTITLE](/organizations/managing-organization-settings/managing-pull-request-reviews-in-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% ifversion repo-rules-enterprise %} | -| Manage organization-level rulesets (see "[AUTOTITLE](/organizations/managing-organization-settings/managing-rulesets-for-repositories-in-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Manage organization-level rulesets (see [AUTOTITLE](/organizations/managing-organization-settings/managing-rulesets-for-repositories-in-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% endif %} | | {% ifversion push-protection-bypass-fine-grained-permissions %} | -| Review and manage {% data variables.product.prodname_secret_scanning %} bypass requests (see "[AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Review and manage {% data variables.product.prodname_secret_scanning %} bypass requests (see [AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | {% endif %} | {% endrowheaders %} @@ -223,44 +223,44 @@ Some of the features listed below are limited to organizations using {% data var | Reinstate former members to the organization | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | Add and remove people from **all teams** | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | Promote organization members to _team maintainer_ | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Configure code review assignments (see "[AUTOTITLE](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Configure code review assignments (see [AUTOTITLE](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | Add collaborators to **all repositories** | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | Access the organization audit log | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Edit the organization's profile page (see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-organizations-profile)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Edit the organization's profile page (see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-organizations-profile)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% ifversion ghes %} | -| Verify the organization's domains (see "[AUTOTITLE](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Restrict email notifications to verified or approved domains (see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Verify the organization's domains (see [AUTOTITLE](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Restrict email notifications to verified or approved domains (see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% endif %} | | Delete **all teams** | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | Delete the organization account, including all repositories | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Create teams (see "[AUTOTITLE](/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | +| Create teams (see [AUTOTITLE](/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | See all organization members and teams | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | @mention any visible team | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | Can be made a _team maintainer_ | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | Transfer repositories | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Manage security and analysis settings (see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Manage security and analysis settings (see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | {% ifversion ghes %} | -| View the security overview for the organization (see "[AUTOTITLE](/code-security/security-overview/about-the-security-overview)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| View the security overview for the organization (see [AUTOTITLE](/code-security/security-overview/about-the-security-overview)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | {% endif %} | | {% ifversion ghes %} | -| Manage {% data variables.product.prodname_dependabot_security_updates %} (see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Manage {% data variables.product.prodname_dependabot_security_updates %} (see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | {% endif %} | -| Manage an organization's SSH certificate authorities (see "[AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Manage an organization's SSH certificate authorities (see [AUTOTITLE](/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% ifversion projects-v1 %} | -| Create {% data variables.projects.projects_v1_boards %} (see "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | +| Create {% data variables.projects.projects_v1_boards %} (see [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | {% endif %} | | {% ifversion team-discussions %} | -| View and post public team discussions to **all teams** (see "[AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions)") | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | -| View and post private team discussions to **all teams** (see "[AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Edit and delete team discussions in **all teams** (for more information, see "[AUTOTITLE](/communities/moderating-comments-and-conversations/managing-disruptive-comments)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| View and post public team discussions to **all teams** (see [AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions)) | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | +| View and post private team discussions to **all teams** (see [AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Edit and delete team discussions in **all teams** (for more information, see [AUTOTITLE](/communities/moderating-comments-and-conversations/managing-disruptive-comments)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% endif %} | -| Hide comments on commits, pull requests, and issues (see "[AUTOTITLE](/communities/moderating-comments-and-conversations/managing-disruptive-comments#hiding-a-comment)") | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | +| Hide comments on commits, pull requests, and issues (see [AUTOTITLE](/communities/moderating-comments-and-conversations/managing-disruptive-comments#hiding-a-comment)) | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | {% ifversion team-discussions %} | -| Disable team discussions for an organization (see "[AUTOTITLE](/organizations/organizing-members-into-teams/disabling-team-discussions-for-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Disable team discussions for an organization (see [AUTOTITLE](/organizations/organizing-members-into-teams/disabling-team-discussions-for-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% endif %} | -| Set a team profile picture in **all teams** (see "[AUTOTITLE](/organizations/organizing-members-into-teams/setting-your-teams-profile-picture)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Set a team profile picture in **all teams** (see [AUTOTITLE](/organizations/organizing-members-into-teams/setting-your-teams-profile-picture)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% ifversion ghes %} | -| Manage the publication of {% data variables.product.prodname_pages %} sites from repositories in the organization (see "[AUTOTITLE](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Manage the publication of {% data variables.product.prodname_pages %} sites from repositories in the organization (see [AUTOTITLE](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% endif %} | | [Move teams in an organization's hierarchy](/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | Pull (read) _all repositories_ in the organization | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | @@ -268,9 +268,9 @@ Some of the features listed below are limited to organizations using {% data var | Convert organization members to {% ifversion repository-collaborators %}[outside collaborators or repository collaborators](#outside-collaborators-or-repository-collaborators){% else %}[outside collaborators](#outside-collaborators){% endif %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | [View people with access to an organization repository](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/viewing-people-with-access-to-your-repository) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | [Export a list of people with access to an organization repository](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/viewing-people-with-access-to-your-repository#exporting-a-list-of-people-with-access-to-your-repository) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | -| Manage default labels (see "[AUTOTITLE](/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Manage default labels (see [AUTOTITLE](/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% ifversion pull-request-approval-limit %} | -| Manage pull request reviews in the organization (see "[AUTOTITLE](/organizations/managing-organization-settings/managing-pull-request-reviews-in-your-organization)") | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | +| Manage pull request reviews in the organization (see [AUTOTITLE](/organizations/managing-organization-settings/managing-pull-request-reviews-in-your-organization)) | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | | {% endif %} | {% endrowheaders %} @@ -279,5 +279,5 @@ Some of the features listed below are limited to organizations using {% data var ## Further reading -* "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)"{% ifversion projects-v1 %} -* "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)"{% endif %} +* [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization){% ifversion projects-v1 %} +* [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization){% endif %} diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles.md index 10217b1e1dd8..38cbe0858166 100644 --- a/content/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles.md +++ b/content/organizations/managing-peoples-access-to-your-organization-with-roles/using-organization-roles.md @@ -21,7 +21,7 @@ You can have more granular, scalable control over the access you grant to your o {% ifversion ghec or ghes %} -In addition to pre-defined roles, you can also create up to 10 custom roles that define groups of permissions. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles)." +In addition to pre-defined roles, you can also create up to 10 custom roles that define groups of permissions. For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles). {% endif %} diff --git a/content/organizations/managing-programmatic-access-to-your-organization/about-programmatic-access-in-your-organization.md b/content/organizations/managing-programmatic-access-to-your-organization/about-programmatic-access-in-your-organization.md index 8d0244c2645b..238f0a0a429f 100644 --- a/content/organizations/managing-programmatic-access-to-your-organization/about-programmatic-access-in-your-organization.md +++ b/content/organizations/managing-programmatic-access-to-your-organization/about-programmatic-access-in-your-organization.md @@ -20,36 +20,36 @@ versions: ## {% data variables.product.prodname_github_apps %} -Organization owners can install {% data variables.product.prodname_github_apps %} on their organization. Repository admins can also install a {% data variables.product.prodname_github_app %} on the organization if the app does not request organization resources and if they only grant the app access to repositories where they are an admin. Organization members can submit a request for their organization owner to install a {% data variables.product.prodname_github_app %} on the organization. For more information, see {% ifversion fpt or ghec %}"[AUTOTITLE](/apps/using-github-apps/installing-an-app-in-your-organization)."{% else %}"[AUTOTITLE](/apps/maintaining-github-apps/installing-github-apps)."{% endif %} +Organization owners can install {% data variables.product.prodname_github_apps %} on their organization. Repository admins can also install a {% data variables.product.prodname_github_app %} on the organization if the app does not request organization resources and if they only grant the app access to repositories where they are an admin. Organization members can submit a request for their organization owner to install a {% data variables.product.prodname_github_app %} on the organization. For more information, see {% ifversion fpt or ghec %}[AUTOTITLE](/apps/using-github-apps/installing-an-app-in-your-organization).{% else %}[AUTOTITLE](/apps/maintaining-github-apps/installing-github-apps).{% endif %} -{% ifversion limit-app-access-requests %}Organization owners can prevent outside collaborators from requesting {% data variables.product.prodname_github_apps %} or from installing a {% data variables.product.prodname_github_app %} even if the collaborator is a repository admin. For more information, see "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests)."{% endif %} +{% ifversion limit-app-access-requests %}Organization owners can prevent outside collaborators from requesting {% data variables.product.prodname_github_apps %} or from installing a {% data variables.product.prodname_github_app %} even if the collaborator is a repository admin. For more information, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests).{% endif %} -Organization owners can review the {% data variables.product.prodname_github_apps %} that are installed on their organization and modify the repositories that each app can access. For more information, see "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/reviewing-github-apps-installed-in-your-organization)." +Organization owners can review the {% data variables.product.prodname_github_apps %} that are installed on their organization and modify the repositories that each app can access. For more information, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/reviewing-github-apps-installed-in-your-organization). -To help maintain {% data variables.product.prodname_github_apps %} owned by their organization, organization owners can designate other users in their organization as {% data variables.product.prodname_github_app %} managers. {% data variables.product.prodname_github_app %} managers can manage the settings of some or all of the {% data variables.product.prodname_github_apps %} that are owned by the organization. The {% data variables.product.prodname_github_app %} manager role does not grant users permission to install {% data variables.product.prodname_github_apps %} on an organization. For more information, see "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization)." +To help maintain {% data variables.product.prodname_github_apps %} owned by their organization, organization owners can designate other users in their organization as {% data variables.product.prodname_github_app %} managers. {% data variables.product.prodname_github_app %} managers can manage the settings of some or all of the {% data variables.product.prodname_github_apps %} that are owned by the organization. The {% data variables.product.prodname_github_app %} manager role does not grant users permission to install {% data variables.product.prodname_github_apps %} on an organization. For more information, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization). {% ifversion fpt or ghec %} ## {% data variables.product.prodname_oauth_apps %} -Organization managers can restrict {% data variables.product.prodname_oauth_apps %} from accessing organization resources. When these restrictions are enabled, organization members and outside collaborators can still request approval for individual {% data variables.product.prodname_oauth_apps %}. For more information, see "[AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions)." +Organization managers can restrict {% data variables.product.prodname_oauth_apps %} from accessing organization resources. When these restrictions are enabled, organization members and outside collaborators can still request approval for individual {% data variables.product.prodname_oauth_apps %}. For more information, see [AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions). {% endif %} ## {% data variables.product.pat_generic_caps %}s -Organization owners can prevent {% data variables.product.pat_v2 %}s and {% data variables.product.pat_v1_plural %} from accessing resources owned by the organization. Organization owners can also require approval for each {% data variables.product.pat_v2 %} that can access the organization. For more information, see "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization)." +Organization owners can prevent {% data variables.product.pat_v2 %}s and {% data variables.product.pat_v1_plural %} from accessing resources owned by the organization. Organization owners can also require approval for each {% data variables.product.pat_v2 %} that can access the organization. For more information, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization). -Organization owners can view all {% data variables.product.pat_v2 %}s that can access resources owned by the organization. Organization owners can also revoke access by {% data variables.product.pat_v2 %}s. For more information, see "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization)." +Organization owners can view all {% data variables.product.pat_v2 %}s that can access resources owned by the organization. Organization owners can also revoke access by {% data variables.product.pat_v2 %}s. For more information, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization). {% ifversion ghec %} -If their organization uses SAML, organization owners can see each {% data variables.product.pat_generic %} that a member of their organization authorized. For more information, see "[AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization#viewing-and-revoking-authorized-credentials)." +If their organization uses SAML, organization owners can see each {% data variables.product.pat_generic %} that a member of their organization authorized. For more information, see [AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization#viewing-and-revoking-authorized-credentials). {% endif %} {% ifversion ghes %} -Site administrators can use the REST API to manage {% data variables.product.pat_generic %}s in their enterprise. For more information, see "[AUTOTITLE](/rest/enterprise-admin/users)." +Site administrators can use the REST API to manage {% data variables.product.pat_generic %}s in their enterprise. For more information, see [AUTOTITLE](/rest/enterprise-admin/users). {% endif %} diff --git a/content/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization.md b/content/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization.md index 7a11943e861c..be5dd50e049c 100644 --- a/content/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization.md +++ b/content/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization.md @@ -12,16 +12,16 @@ shortTitle: Manage token requests ## About {% data variables.product.pat_v2 %} requests -When organization members create a {% data variables.product.pat_v2 %} to access resources owned by the organization, if the organization requires approval for {% data variables.product.pat_v2 %}s, then an organization owner must approve the token before it can be used to access any resources that are not public. For more information, see "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization)." +When organization members create a {% data variables.product.pat_v2 %} to access resources owned by the organization, if the organization requires approval for {% data variables.product.pat_v2 %}s, then an organization owner must approve the token before it can be used to access any resources that are not public. For more information, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization). {% data variables.product.company_short %} will notify organization owners with a daily email about all {% data variables.product.pat_v2 %}s that are awaiting approval. When a token is denied or approved, the user who created the token will receive an email notification. > [!NOTE] -> Only {% data variables.product.pat_v2 %}s, not {% data variables.product.pat_v1_plural %}, are subject to approval. Unless the organization has restricted access by {% data variables.product.pat_v1_plural %}, any {% data variables.product.pat_v1 %} can access organization resources without prior approval. For more information, see "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization)." +> Only {% data variables.product.pat_v2 %}s, not {% data variables.product.pat_v1_plural %}, are subject to approval. Unless the organization has restricted access by {% data variables.product.pat_v1_plural %}, any {% data variables.product.pat_v1 %} can access organization resources without prior approval. For more information, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization). {% ifversion pat-v2-org-admin-api %} -Organization owners can also use the REST API to review and manage {% data variables.product.pat_v2 %} requests. These endpoints can only be called by {% data variables.product.prodname_github_apps %}, and cannot be called with {% data variables.product.pat_generic_plural %} or {% data variables.product.prodname_oauth_apps %}. For more information, see "[AUTOTITLE](/rest/orgs/orgs#list-requests-to-access-organization-resources-with-fine-grained-personal-access-tokens)." +Organization owners can also use the REST API to review and manage {% data variables.product.pat_v2 %} requests. These endpoints can only be called by {% data variables.product.prodname_github_apps %}, and cannot be called with {% data variables.product.pat_generic_plural %} or {% data variables.product.prodname_oauth_apps %}. For more information, see [AUTOTITLE](/rest/orgs/orgs#list-requests-to-access-organization-resources-with-fine-grained-personal-access-tokens). {% endif %} diff --git a/content/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization.md b/content/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization.md index f1ad6b91c7c4..39ea968a4187 100644 --- a/content/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization.md +++ b/content/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization.md @@ -16,13 +16,13 @@ Organization owners can view all {% data variables.product.pat_v2 %}s that can a When a token is revoked, the user who created the token will receive an email notification. -Organization owners can only view and revoke {% data variables.product.pat_v2 %}s, not {% data variables.product.pat_v1_plural %}. Unless the organization {% ifversion ghec or ghes %}or enterprise {% endif %}has restricted access by {% data variables.product.pat_v1_plural %}, any {% data variables.product.pat_v1 %} can access organization resources until the token expires. For more information about restricting access by {% data variables.product.pat_v1_plural %}, see "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization)"{% ifversion ghec or ghes %} and "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise)"{% endif %}. +Organization owners can only view and revoke {% data variables.product.pat_v2 %}s, not {% data variables.product.pat_v1_plural %}. Unless the organization {% ifversion ghec or ghes %}or enterprise {% endif %}has restricted access by {% data variables.product.pat_v1_plural %}, any {% data variables.product.pat_v1 %} can access organization resources until the token expires. For more information about restricting access by {% data variables.product.pat_v1_plural %}, see [AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization){% ifversion ghec or ghes %} and [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise){% endif %}. -{% ifversion ghec %} Organization owners can also view and revoke {% data variables.product.pat_v1_plural %} if their organization requires SAML single-sign on. For more information, see "[AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise#viewing-and-revoking-authorized-credentials)". For more information about using the REST API to do this, see "[List SAML SSO authorizations for an organization](/rest/orgs/orgs#list-saml-sso-authorizations-for-an-organization)" and "[Remove a SAML SSO authorization for an organization](/rest/orgs/orgs#remove-a-saml-sso-authorization-for-an-organization)."{% endif %} +{% ifversion ghec %} Organization owners can also view and revoke {% data variables.product.pat_v1_plural %} if their organization requires SAML single-sign on. For more information, see [AUTOTITLE](/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise#viewing-and-revoking-authorized-credentials). For more information about using the REST API to do this, see [List SAML SSO authorizations for an organization](/rest/orgs/orgs#list-saml-sso-authorizations-for-an-organization) and [Remove a SAML SSO authorization for an organization](/rest/orgs/orgs#remove-a-saml-sso-authorization-for-an-organization).{% endif %} {% ifversion pat-v2-org-admin-api %} -Organization owners can also use the REST API to review and revoke {% data variables.product.pat_v2 %}s. These endpoints can only be called by {% data variables.product.prodname_github_apps %}, and cannot be called with {% data variables.product.pat_generic_plural %} or {% data variables.product.prodname_oauth_apps %}. For more information, see "[AUTOTITLE](/rest/orgs/orgs#list-fine-grained-personal-access-tokens-with-access-to-organization-resources)." +Organization owners can also use the REST API to review and revoke {% data variables.product.pat_v2 %}s. These endpoints can only be called by {% data variables.product.prodname_github_apps %}, and cannot be called with {% data variables.product.pat_generic_plural %} or {% data variables.product.prodname_oauth_apps %}. For more information, see [AUTOTITLE](/rest/orgs/orgs#list-fine-grained-personal-access-tokens-with-access-to-organization-resources). {% endif %} diff --git a/content/organizations/managing-programmatic-access-to-your-organization/reviewing-github-apps-installed-in-your-organization.md b/content/organizations/managing-programmatic-access-to-your-organization/reviewing-github-apps-installed-in-your-organization.md index 36c61d919bde..3a86a6e58eae 100644 --- a/content/organizations/managing-programmatic-access-to-your-organization/reviewing-github-apps-installed-in-your-organization.md +++ b/content/organizations/managing-programmatic-access-to-your-organization/reviewing-github-apps-installed-in-your-organization.md @@ -18,6 +18,6 @@ topics: shortTitle: Review installed GitHub Apps --- -Organization owners can review the {% data variables.product.prodname_github_apps %} that are installed on their organization. They can view the permissions granted to the app and change the repositories that the {% data variables.product.prodname_github_app %} can access. They can also suspend or delete the {% data variables.product.prodname_github_app %} to prevent the app from accessing resources owned by the organization. For more information, see "[AUTOTITLE](/apps/using-github-apps/reviewing-and-modifying-installed-github-apps)." +Organization owners can review the {% data variables.product.prodname_github_apps %} that are installed on their organization. They can view the permissions granted to the app and change the repositories that the {% data variables.product.prodname_github_app %} can access. They can also suspend or delete the {% data variables.product.prodname_github_app %} to prevent the app from accessing resources owned by the organization. For more information, see [AUTOTITLE](/apps/using-github-apps/reviewing-and-modifying-installed-github-apps). -Organization owners can also use the REST API to view the {% data variables.product.prodname_github_apps %} installed on their organization, along with the permissions and repository access granted to each {% data variables.product.prodname_github_app %}. For more information, see "[AUTOTITLE](/rest/orgs/orgs#list-app-installations-for-an-organization)." +Organization owners can also use the REST API to view the {% data variables.product.prodname_github_apps %} installed on their organization, along with the permissions and repository access granted to each {% data variables.product.prodname_github_app %}. For more information, see [AUTOTITLE](/rest/orgs/orgs#list-app-installations-for-an-organization). diff --git a/content/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization.md b/content/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization.md index b8786271ed4c..119f2dac88d1 100644 --- a/content/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization.md +++ b/content/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization.md @@ -18,7 +18,7 @@ Organization owners can prevent {% data variables.product.pat_generic_plural %} Regardless of the chosen policy, {% data variables.product.pat_generic_caps_plural %} will have access to public resources within the organization. -{% ifversion ghec or ghes %} If your organization is owned by an enterprise, and your enterprise owner has restricted access by {% data variables.product.pat_generic_caps_plural %}, you cannot override the policy in your organization. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise)."{% endif %} +{% ifversion ghec or ghes %} If your organization is owned by an enterprise, and your enterprise owner has restricted access by {% data variables.product.pat_generic_caps_plural %}, you cannot override the policy in your organization. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise).{% endif %} {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} @@ -31,7 +31,7 @@ Regardless of the chosen policy, {% data variables.product.pat_generic_caps_plur ## Enforcing a maximum lifetime policy for {% data variables.product.pat_generic_plural %} -Organization owners can set maximum lifetime allowances for both {% data variables.product.pat_v2_plural %} and {% data variables.product.pat_v1_plural %} to control access to organization resources. {% ifversion ghec or ghes %} However, these policies cannot exceed the maximum lifetime set at the enterprise level or disable the expiration policy set at the enterprise level. See "[Enforcing a maximum lifetime policy for {% data variables.product.pat_generic_plural %}](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise#enforcing-a-maximum-lifetime-policy-for-personal-access-tokens)" {% endif %} +Organization owners can set maximum lifetime allowances for both {% data variables.product.pat_v2_plural %} and {% data variables.product.pat_v1_plural %} to control access to organization resources. {% ifversion ghec or ghes %} However, these policies cannot exceed the maximum lifetime set at the enterprise level or disable the expiration policy set at the enterprise level. See [Enforcing a maximum lifetime policy for {% data variables.product.pat_generic_plural %}](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise#enforcing-a-maximum-lifetime-policy-for-personal-access-tokens) {% endif %} For {% data variables.product.pat_v2_plural %}, the default the maximum lifetime policy for organizations is set to expire within 366 days. {% data variables.product.pat_v1_caps_plural %} do not have an expiration requirement. @@ -53,10 +53,10 @@ Organization owners can manage approval requirements for each {% data variables. {% data variables.product.pat_v2_caps %}s will still be able to read public resources within the organization without approval. -{% ifversion ghec or ghes %} If your organization is owned by an enterprise, and your enterprise owner has set an approval policy for {% data variables.product.pat_v2 %}s, then you cannot override the policy in your organization. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise)."{% endif %} +{% ifversion ghec or ghes %} If your organization is owned by an enterprise, and your enterprise owner has set an approval policy for {% data variables.product.pat_v2 %}s, then you cannot override the policy in your organization. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-personal-access-tokens-in-your-enterprise).{% endif %} > [!NOTE] -> Only {% data variables.product.pat_v2_plural %}, not {% data variables.product.pat_v1_plural %}, are subject to approval. Unless the organization has restricted access by {% data variables.product.pat_v1_plural %}, any {% data variables.product.pat_v1 %} can access organization resources without prior approval. For more information, see "[Restricting access by {% data variables.product.pat_generic_plural %}](#restricting-access-by-personal-access-tokens)" on this page. +> Only {% data variables.product.pat_v2_plural %}, not {% data variables.product.pat_v1_plural %}, are subject to approval. Unless the organization has restricted access by {% data variables.product.pat_v1_plural %}, any {% data variables.product.pat_v1 %} can access organization resources without prior approval. For more information, see [Restricting access by {% data variables.product.pat_generic_plural %}](#restricting-access-by-personal-access-tokens) on this page. {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} diff --git a/content/organizations/managing-programmatic-access-to-your-organization/viewing-api-insights-in-your-organization.md b/content/organizations/managing-programmatic-access-to-your-organization/viewing-api-insights-in-your-organization.md index e8594d2e1540..d2216a4685be 100644 --- a/content/organizations/managing-programmatic-access-to-your-organization/viewing-api-insights-in-your-organization.md +++ b/content/organizations/managing-programmatic-access-to-your-organization/viewing-api-insights-in-your-organization.md @@ -16,13 +16,13 @@ topics: ## About API insights -As a {% data variables.product.prodname_ghe_cloud %} organization owner, you and your designated users can view REST API activity for your entire organization or specific apps and users. This helps you understand the sources of your REST API activity and manage against your primary rate limits, giving you visibility into the timeframe, apps, and API endpoints involved. To learn more about primary rate limits, see "[AUTOTITLE](/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-primary-rate-limits)." +As a {% data variables.product.prodname_ghe_cloud %} organization owner, you and your designated users can view REST API activity for your entire organization or specific apps and users. This helps you understand the sources of your REST API activity and manage against your primary rate limits, giving you visibility into the timeframe, apps, and API endpoints involved. To learn more about primary rate limits, see [AUTOTITLE](/rest/using-the-rest-api/rate-limits-for-the-rest-api#about-primary-rate-limits). -> [!NOTE] Currently, this feature supports only the `core` category of REST API endpoints and primary rate limits. API activity for search, {% data variables.product.prodname_actions %} (using the [`GITHUB_TOKEN`](/actions/security-for-github-actions/security-guides/automatic-token-authentication) secret), and secondary rate-limiting are not supported. For information about API categories, see "[AUTOTITLE](/rest/rate-limit/rate-limit)." To learn more about primary and secondary rate limits, see "[AUTOTITLE](/rest/using-the-rest-api/rate-limits-for-the-rest-api)." +> [!NOTE] Currently, this feature supports only the `core` category of REST API endpoints and primary rate limits. API activity for search, {% data variables.product.prodname_actions %} (using the [`GITHUB_TOKEN`](/actions/security-for-github-actions/security-guides/automatic-token-authentication) secret), and secondary rate-limiting are not supported. For information about API categories, see [AUTOTITLE](/rest/rate-limit/rate-limit). To learn more about primary and secondary rate limits, see [AUTOTITLE](/rest/using-the-rest-api/rate-limits-for-the-rest-api). ## Enabling access to API insights -Organization owners can create custom organization roles to allow people to view API insights for their organization. To provide users with access, select the **View organization API insights** permission when creating a custom organization role. Then assign the custom role to an organization member or team. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles)." +Organization owners can create custom organization roles to allow people to view API insights for their organization. To provide users with access, select the **View organization API insights** permission when creating a custom organization role. Then assign the custom role to an organization member or team. For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles). >[!WARNING] Granting access to organization non-owners will allow them to view API insights for all users and apps in the organization, so privacy should be considered. @@ -51,7 +51,7 @@ The time period selection feature allows you to view API insights over predefine {% data reusables.user-settings.access_org %} {% data reusables.organizations.insights %} 1. In the "Insights" navigation menu, click **REST API**. -1. Optionally, to select a time period to view API insights for, choose an option from the **Period** drop down menu at the top-right of the page. For more information, see "[Understanding API insights aggregation](#understanding-api-insights-aggregation)." +1. Optionally, to select a time period to view API insights for, choose an option from the **Period** drop down menu at the top-right of the page. For more information, see [Understanding API insights aggregation](#understanding-api-insights-aggregation). 1. Optionally, to switch between displaying dates and times in Coordinated Universal Time (UTC) or the local time zone used by your browser, select "UTC" or "Local" from the **Period** drop down menu at the top-right of the page. 1. Optionally, to select how granularly to display REST API requests on the chart, choose an option from the **Interval** drop down menu at the top-right of the page. Large intervals show summaries of the API activity on the chart while smaller intervals show greater detail for the selected time period. The chart does not automatically update to show new activity. @@ -61,7 +61,7 @@ The selected period and interval automatically become part of the page URL so th The "Actors" table displays {% data variables.product.prodname_github_apps %} and users that made REST API requests in the current organization within the selected time period. The table does not automatically update to show new activity. -1. First, view API insights for an organization using the steps above in "[Viewing API insights for an organization](#viewing-api-insights-for-an-organization)." +1. First, view API insights for an organization using the steps above in [Viewing API insights for an organization](#viewing-api-insights-for-an-organization). 1. Filter the apps and users displayed in the "Actors" table. 1. To filter by name, enter the first few letters of the name in the search field above the "Actors" table. Then press enter. 1. To filter by type of actor (app or user), choose an option from the **Type** drop down menu above the top-right of the "Actors" table. @@ -69,7 +69,7 @@ The "Actors" table displays {% data variables.product.prodname_github_apps %} an ## Viewing API insights for a specific app or user in an organization -1. First, view API insights for an organization using the steps above in "[Viewing API insights for an organization](#viewing-api-insights-for-an-organization)." +1. First, view API insights for an organization using the steps above in [Viewing API insights for an organization](#viewing-api-insights-for-an-organization). 1. Optionally, select an app in the "Actors" table to display its REST API activity and any primary-rate-limiting. The resulting view will be specific to the selected app and will display the API endpoints it accessed. -1. Optionally, select a user in the "Actors" table to display their personal REST API activity. The resulting view will be specific to the selected user and will display API activity of their {% data variables.product.pat_generic_plural %} and requests made by {% data variables.product.prodname_oauth_apps %} on their behalf. Both contribute to a user’s personal primary rate limit. For information about primary rate limits for users, and {% data variables.product.prodname_oauth_apps %} that act on their behalf, see "[AUTOTITLE](/rest/using-the-rest-api/rate-limits-for-the-rest-api#primary-rate-limit-for-authenticated-users)." +1. Optionally, select a user in the "Actors" table to display their personal REST API activity. The resulting view will be specific to the selected user and will display API activity of their {% data variables.product.pat_generic_plural %} and requests made by {% data variables.product.prodname_oauth_apps %} on their behalf. Both contribute to a user’s personal primary rate limit. For information about primary rate limits for users, and {% data variables.product.prodname_oauth_apps %} that act on their behalf, see [AUTOTITLE](/rest/using-the-rest-api/rate-limits-for-the-rest-api#primary-rate-limit-for-authenticated-users). 1. Optionally, in the user-specific view, click on a {% data variables.product.pat_generic %} or {% data variables.product.prodname_oauth_app %} to view its REST API activity made on behalf of the user. diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on.md index 493156bd6802..cfd6d52a0203 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on.md @@ -24,19 +24,19 @@ shortTitle: IAM with SAML SSO {% data reusables.saml.outside-collaborators-exemption %} -Organization owners can enforce SAML SSO for an individual organization, or enterprise owners can enforce SAML SSO for all organizations in an enterprise account. For more information, see "[AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise#considerations-for-enabling-saml-for-an-enterprise-or-organization)" and "[AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise)." +Organization owners can enforce SAML SSO for an individual organization, or enterprise owners can enforce SAML SSO for all organizations in an enterprise account. For more information, see [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise#considerations-for-enabling-saml-for-an-enterprise-or-organization) and [AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). -Before enabling SAML SSO for your organization, you'll need to connect your IdP to your organization. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization)." +Before enabling SAML SSO for your organization, you'll need to connect your IdP to your organization. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization). -For an organization, SAML SSO can be disabled, enabled but not enforced, or enabled and enforced. After you enable SAML SSO for your organization and your organization's members successfully authenticate with your IdP, you can enforce the SAML SSO configuration. For more information about enforcing SAML SSO for your {% data variables.product.prodname_dotcom %} organization, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization)." +For an organization, SAML SSO can be disabled, enabled but not enforced, or enabled and enforced. After you enable SAML SSO for your organization and your organization's members successfully authenticate with your IdP, you can enforce the SAML SSO configuration. For more information about enforcing SAML SSO for your {% data variables.product.prodname_dotcom %} organization, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization). Members must periodically authenticate with your IdP to authenticate and gain access to your organization's resources. The duration of this login period is specified by your IdP and is generally 24 hours. This periodic login requirement limits the length of access and requires users to re-identify themselves to continue. -To access the organization's protected resources using the API and Git on the command line, members must authorize and authenticate with a {% data variables.product.pat_generic %} or SSH key. For more information, see "[AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on)" and "[AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on/authorizing-an-ssh-key-for-use-with-saml-single-sign-on)." +To access the organization's protected resources using the API and Git on the command line, members must authorize and authenticate with a {% data variables.product.pat_generic %} or SSH key. For more information, see [AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on) and [AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on/authorizing-an-ssh-key-for-use-with-saml-single-sign-on). -The first time a member uses SAML SSO to access your organization, {% data variables.product.prodname_dotcom %} automatically creates a record that links your organization, the member's account on {% data variables.product.prodname_dotcom %}, and the member's account on your IdP. You can view and revoke the linked SAML identity, active sessions, and authorized credentials for members of your organization or enterprise account. For more information, see "[AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization)" and "[AUTOTITLE](/enterprise-cloud@latest/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise)." +The first time a member uses SAML SSO to access your organization, {% data variables.product.prodname_dotcom %} automatically creates a record that links your organization, the member's account on {% data variables.product.prodname_dotcom %}, and the member's account on your IdP. You can view and revoke the linked SAML identity, active sessions, and authorized credentials for members of your organization or enterprise account. For more information, see [AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization) and [AUTOTITLE](/enterprise-cloud@latest/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise). -If members are signed in with a SAML SSO session when they create a new repository, the default visibility of that repository is private. Otherwise, the default visibility is public. For more information on repository visibility, see "[AUTOTITLE](/repositories/creating-and-managing-repositories/about-repositories#about-repository-visibility)." +If members are signed in with a SAML SSO session when they create a new repository, the default visibility of that repository is private. Otherwise, the default visibility is public. For more information on repository visibility, see [AUTOTITLE](/repositories/creating-and-managing-repositories/about-repositories#about-repository-visibility). Organization members must also have an active SAML session to authorize an {% data variables.product.prodname_oauth_app %}. You can opt out of this requirement by contacting {% data variables.contact.contact_support %}. {% data variables.product.product_name %} does not recommend opting out of this requirement, which will expose your organization to a higher risk of account takeovers and potential data loss. @@ -46,20 +46,20 @@ Organization members must also have an active SAML session to authorize an {% da {% data reusables.saml.saml-supported-idps %} -Some IdPs support provisioning access to a {% data variables.product.prodname_dotcom %} organization via SCIM. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations)." +Some IdPs support provisioning access to a {% data variables.product.prodname_dotcom %} organization via SCIM. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations). {% data reusables.scim.enterprise-account-scim %} ## Adding members to an organization using SAML SSO -After you enable SAML SSO, there are multiple ways you can add new members to your organization. Organization owners can invite new members manually on {% data variables.product.product_name %} or using the API. For more information, see "[AUTOTITLE](/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization)" and "[AUTOTITLE](/rest/orgs#add-or-update-organization-membership)." +After you enable SAML SSO, there are multiple ways you can add new members to your organization. Organization owners can invite new members manually on {% data variables.product.product_name %} or using the API. For more information, see [AUTOTITLE](/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization) and [AUTOTITLE](/rest/orgs#add-or-update-organization-membership). To provision new users without an invitation from an organization owner, you can use the URL `https://github.com/orgs/ORGANIZATION/sso/sign_up`, replacing ORGANIZATION with the name of your organization. For example, you can configure your IdP so that anyone with access to the IdP can click a link on the IdP's dashboard to join your {% data variables.product.prodname_dotcom %} organization. > [!NOTE] -> Provisioning new users via `https://github.com/orgs/ORGANIZATION/sso/sign_up` is only supported when SAML SSO is configured at the organization level, not when SAML SSO is configured at the enterprise account level. For more information about SAML SSO for enterprise accounts, see "[AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/about-saml-for-enterprise-iam)." +> Provisioning new users via `https://github.com/orgs/ORGANIZATION/sso/sign_up` is only supported when SAML SSO is configured at the organization level, not when SAML SSO is configured at the enterprise account level. For more information about SAML SSO for enterprise accounts, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/about-saml-for-enterprise-iam). -If your IdP supports SCIM, {% data variables.product.prodname_dotcom %} can automatically invite members to join your organization when you grant access on your IdP. If you remove a member's access to your {% data variables.product.prodname_dotcom %} organization on your SAML IdP, the member will be automatically removed from the {% data variables.product.prodname_dotcom %} organization. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations)." +If your IdP supports SCIM, {% data variables.product.prodname_dotcom %} can automatically invite members to join your organization when you grant access on your IdP. If you remove a member's access to your {% data variables.product.prodname_dotcom %} organization on your SAML IdP, the member will be automatically removed from the {% data variables.product.prodname_dotcom %} organization. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations). {% data reusables.organizations.team-synchronization %} @@ -67,6 +67,6 @@ If an organization exceeds 100,000 members, some UI experiences and API function ## Further reading -* "[AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference)" -* "[AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/about-two-factor-authentication-and-saml-single-sign-on)" -* "[AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on/about-authentication-with-saml-single-sign-on)" +* [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference) +* [AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/about-two-factor-authentication-and-saml-single-sign-on) +* [AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on/about-authentication-with-saml-single-sign-on) diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations.md index 8b6cf3953b64..36da3a0fe638 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations.md @@ -26,7 +26,7 @@ If you use SAML SSO without implementing SCIM, you won't have automatic deprovis ## Supported identity providers -These identity providers (IdPs) are compatible with the {% data variables.product.product_name %} SCIM API for organizations. For more information, see "[AUTOTITLE](/rest/scim)." +These identity providers (IdPs) are compatible with the {% data variables.product.product_name %} SCIM API for organizations. For more information, see [AUTOTITLE](/rest/scim). * Microsoft Entra ID (previously known as Azure AD) * Okta * OneLogin @@ -35,11 +35,11 @@ These identity providers (IdPs) are compatible with the {% data variables.produc {% data reusables.scim.dedicated-configuration-account %} -Before you authorize the {% data variables.product.prodname_oauth_app %}, you must have an active SAML session. For more information, see "[AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on/about-authentication-with-saml-single-sign-on#about-oauth-apps-github-apps-and-saml-sso)." +Before you authorize the {% data variables.product.prodname_oauth_app %}, you must have an active SAML session. For more information, see [AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on/about-authentication-with-saml-single-sign-on#about-oauth-apps-github-apps-and-saml-sso). > [!NOTE] > {% data reusables.scim.nameid-and-username-must-match %} ## Further reading -* "[AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization)" +* [AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization) diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable.md index 233e1002e21b..cb07f6ac4974 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable.md @@ -15,7 +15,7 @@ permissions: Organization owners can use a recovery code to bypass SAML SSO. ## About recovery codes -Organization owners can use one of their downloaded or saved recovery codes to bypass single sign-on. You may have saved these to a password manager. For more information about downloading recovery codes, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes)." +Organization owners can use one of their downloaded or saved recovery codes to bypass single sign-on. You may have saved these to a password manager. For more information about downloading recovery codes, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes). {% data reusables.saml.recovery-code-caveats %} diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/configuring-saml-single-sign-on-and-scim-using-okta.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/configuring-saml-single-sign-on-and-scim-using-okta.md index ba55157a8ba2..4186df40f19f 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/configuring-saml-single-sign-on-and-scim-using-okta.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/configuring-saml-single-sign-on-and-scim-using-okta.md @@ -18,7 +18,7 @@ You can control access to your organization on {% data variables.product.prodnam {% data reusables.saml.ghec-only %} -SAML SSO controls and secures access to organization resources like repositories, issues, and pull requests. SCIM automatically adds, manages, and removes members' access to your organization on {% data variables.product.prodname_dotcom %} when you make changes in Okta. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on)" and "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations)." +SAML SSO controls and secures access to organization resources like repositories, issues, and pull requests. SCIM automatically adds, manages, and removes members' access to your organization on {% data variables.product.prodname_dotcom %} when you make changes in Okta. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on) and [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations). After you enable SCIM, the following provisioning features are available for any users that you assign your {% data variables.product.prodname_ghe_cloud %} application to in Okta. @@ -29,7 +29,7 @@ After you enable SCIM, the following provisioning features are available for any | Push Profile Updates | When you update a user's profile in Okta, Okta will update the metadata for the user's membership in your organization on {% data variables.product.prodname_dotcom %}. | | Reactivate Users | When you reactivate a user in Okta, Okta will send an email invitation for the user to rejoin your organization on {% data variables.product.prodname_dotcom %}. | -Alternatively, you can configure SAML SSO for an enterprise using Okta. SCIM for enterprise accounts is only available with Enterprise Managed Users. For more information, see "[AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise-using-okta)" and "[AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-scim-provisioning-for-enterprise-managed-users-with-okta)." +Alternatively, you can configure SAML SSO for an enterprise using Okta. SCIM for enterprise accounts is only available with Enterprise Managed Users. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise-using-okta) and [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-scim-provisioning-for-enterprise-managed-users-with-okta). ## Configuring SAML in Okta @@ -40,14 +40,14 @@ Alternatively, you can configure SAML SSO for an enterprise using Okta. SCIM for {% data reusables.saml.assign-yourself-to-okta %} {% data reusables.saml.okta-sign-on-tab %} {% data reusables.saml.okta-view-setup-instructions %} -1. Enable and test SAML SSO on {% data variables.product.prodname_dotcom %} using the sign on URL, issuer URL, and public certificates from the "How to Configure SAML 2.0" guide. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization#enabling-and-testing-saml-single-sign-on-for-your-organization)." +1. Enable and test SAML SSO on {% data variables.product.prodname_dotcom %} using the sign on URL, issuer URL, and public certificates from the "How to Configure SAML 2.0" guide. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization#enabling-and-testing-saml-single-sign-on-for-your-organization). ## Configuring access provisioning with SCIM in Okta {% data reusables.scim.dedicated-configuration-account %} 1. Sign into {% data variables.product.prodname_dotcom %} using an account that is an organization owner and is ideally used only for SCIM configuration. -1. To create an active SAML session for your organization, navigate to `https://github.com/orgs/ORGANIZATION-NAME/sso`. For more information, see "[AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on/about-authentication-with-saml-single-sign-on#about-oauth-apps-github-apps-and-saml-sso)." +1. To create an active SAML session for your organization, navigate to `https://github.com/orgs/ORGANIZATION-NAME/sso`. For more information, see [AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on/about-authentication-with-saml-single-sign-on#about-oauth-apps-github-apps-and-saml-sso). 1. Navigate to Okta. {% data reusables.saml.okta-dashboard-click-applications %} {% data reusables.saml.okta-applications-click-ghec-application-label %} @@ -58,7 +58,7 @@ Alternatively, you can configure SAML SSO for an enterprise using Okta. SCIM for 1. To the right of your organization's name, click **Grant**. > [!NOTE] - > If you cannot see your organization, this may be because {% data variables.product.prodname_oauth_app %} access restrictions are enabled for the organization. To continue, you will need to approve the "OKTA SCIM Integration" app for the organization. For more information, see "[AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization)." + > If you cannot see your organization, this may be because {% data variables.product.prodname_oauth_app %} access restrictions are enabled for the organization. To continue, you will need to approve the "OKTA SCIM Integration" app for the organization. For more information, see [AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization). 1. Click **Authorize OktaOAN**. {% data reusables.saml.okta-save-provisioning %} @@ -66,6 +66,6 @@ Alternatively, you can configure SAML SSO for an enterprise using Okta. SCIM for ## Further reading -* "[AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise-using-okta)" +* [AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise-using-okta) * [Understanding SAML](https://developer.okta.com/docs/concepts/saml/) in the Okta documentation * [Understanding SCIM](https://developer.okta.com/docs/concepts/scim/) in the Okta documentation diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization.md index e9e77caf53ec..f27abdcbc38a 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization.md @@ -15,7 +15,7 @@ shortTitle: Connect an IdP ## About connection of your IdP to your organization -When you enable SAML SSO for your {% data variables.product.product_name %} organization, you connect your identity provider (IdP) to your organization. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization)." +When you enable SAML SSO for your {% data variables.product.product_name %} organization, you connect your identity provider (IdP) to your organization. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization). {% data reusables.saml.ghec-only %} @@ -28,10 +28,10 @@ You can find the SAML and SCIM implementation details for your IdP in the IdP's * Shibboleth [SAML](https://shibboleth.atlassian.net/wiki/spaces/IDP4/overview) > [!NOTE] -> {% data variables.product.product_name %} supported identity providers for SCIM are Entra ID, Okta, and OneLogin. For more information about SCIM, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations)." +> {% data variables.product.product_name %} supported identity providers for SCIM are Entra ID, Okta, and OneLogin. For more information about SCIM, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations). > > {% data reusables.scim.enterprise-account-scim %} ## SAML metadata -For more information about SAML metadata for your organization, see "[AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference)." +For more information about SAML metadata for your organization, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference). diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/disabling-saml-single-sign-on-for-your-organization.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/disabling-saml-single-sign-on-for-your-organization.md index 3b2e607e62b6..a4785ca4fd18 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/disabling-saml-single-sign-on-for-your-organization.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/disabling-saml-single-sign-on-for-your-organization.md @@ -10,13 +10,13 @@ shortTitle: Disable SAML permissions: Organization owners can disable SAML SSO for an organization. --- -After you disable SAML SSO for your organization, all external identities for your organization will be removed. For more information, see "[AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization)." +After you disable SAML SSO for your organization, all external identities for your organization will be removed. For more information, see [AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization). {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} > [!NOTE] - > If you're unable to access the organization because your identity provider (IdP) is unavailable, you can use a recovery code to bypass SSO. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable)." + > If you're unable to access the organization because your identity provider (IdP) is unavailable, you can use a recovery code to bypass SSO. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable). {% data reusables.organizations.security %} 1. Under "SAML single sign-on", deselect **Enable SAML authentication**. diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes.md index 9d6ffec8ac27..23f1e16bbf0c 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes.md @@ -29,5 +29,5 @@ Recovery codes should not be shared or distributed. We recommend saving them wit ## Further reading -* "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on)" -* "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable)" +* [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on) +* [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable) diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization.md index 8ba1f5fd1f5e..d0d6e43b69e6 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization.md @@ -18,7 +18,7 @@ You can enable SAML SSO in your organization without requiring all members to us {% data reusables.saml.ghec-only %} -If you enable but don't enforce SAML SSO, organization members who choose not to use SAML SSO can still be members of the organization. For more information on enforcing SAML SSO, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization)." +If you enable but don't enforce SAML SSO, organization members who choose not to use SAML SSO can still be members of the organization. For more information on enforcing SAML SSO, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization). {% data reusables.saml.outside-collaborators-exemption %} @@ -28,9 +28,9 @@ If you enable but don't enforce SAML SSO, organization members who choose not to ## Enabling and testing SAML single sign-on for your organization -Before your enforce SAML SSO in your organization, ensure that you've prepared the organization. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/preparing-to-enforce-saml-single-sign-on-in-your-organization)." +Before your enforce SAML SSO in your organization, ensure that you've prepared the organization. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/preparing-to-enforce-saml-single-sign-on-in-your-organization). -For more information about the identity providers (IdPs) that {% data variables.product.company_short %} supports for SAML SSO, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization)." +For more information about the identity providers (IdPs) that {% data variables.product.company_short %} supports for SAML SSO, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization). {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} @@ -38,13 +38,13 @@ For more information about the identity providers (IdPs) that {% data variables. 1. Under "SAML single sign-on", select **Enable SAML authentication**. > [!NOTE] - > After enabling SAML SSO, you can download your single sign-on recovery codes so that you can access your organization even if your IdP is unavailable. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes)." + > After enabling SAML SSO, you can download your single sign-on recovery codes so that you can access your organization even if your IdP is unavailable. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes). 1. In the "Sign on URL" field, type the HTTPS endpoint of your IdP for single sign-on requests. This value is available in your IdP configuration. 1. Optionally, in the "Issuer" field, type your SAML issuer's name. This verifies the authenticity of sent messages. > [!NOTE] - > If you want to enable team synchronization for your organization, the "Issuer" field is a required. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization)." + > If you want to enable team synchronization for your organization, the "Issuer" field is a required. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization). 1. Under "Public Certificate," paste a certificate to verify SAML responses. {% data reusables.saml.edit-signature-and-digest-methods %} @@ -53,10 +53,10 @@ For more information about the identity providers (IdPs) that {% data variables. > [!TIP] > {% data reusables.saml.testing-saml-sso %} -1. To enforce SAML SSO and remove all organization members who haven't authenticated via your IdP, select **Require SAML SSO authentication for all members of the _organization name_ organization**. For more information on enforcing SAML SSO, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization)." +1. To enforce SAML SSO and remove all organization members who haven't authenticated via your IdP, select **Require SAML SSO authentication for all members of the _organization name_ organization**. For more information on enforcing SAML SSO, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization). 1. Click **Save**. ## Further reading -* "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on)" -* "[AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference)" +* [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on) +* [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference) diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization.md index 02e57f22e0ee..b4bd4c917b6b 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization.md @@ -20,19 +20,19 @@ You can also enforce SAML SSO for your organization. {% data reusables.saml.when {% data reusables.saml.ghec-only %} -{% data reusables.saml.removed-users-can-rejoin %} If a user rejoins the organization within three months, the user's access privileges and settings will be restored. For more information, see "[AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization)." +{% data reusables.saml.removed-users-can-rejoin %} If a user rejoins the organization within three months, the user's access privileges and settings will be restored. For more information, see [AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization). -Bots and service accounts that do not have external identities set up in your organization's IdP will also be removed when you enforce SAML SSO. For more information about bots and service accounts, see "[AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/managing-bots-and-service-accounts-with-saml-single-sign-on)." +Bots and service accounts that do not have external identities set up in your organization's IdP will also be removed when you enforce SAML SSO. For more information about bots and service accounts, see [AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/managing-bots-and-service-accounts-with-saml-single-sign-on). -If your organization is owned by an enterprise account, requiring SAML for the enterprise account will override your organization-level SAML configuration and enforce SAML SSO for every organization in the enterprise. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise)." +If your organization is owned by an enterprise account, requiring SAML for the enterprise account will override your organization-level SAML configuration and enforce SAML SSO for every organization in the enterprise. For more information, see [AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). > [!TIP] > {% data reusables.saml.testing-saml-sso %} ## Enforcing SAML SSO for your organization -1. Enable and test SAML SSO for your organization, then authenticate with your IdP at least once. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization)." -1. Prepare to enforce SAML SSO for your organization. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/preparing-to-enforce-saml-single-sign-on-in-your-organization)." +1. Enable and test SAML SSO for your organization, then authenticate with your IdP at least once. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization). +1. Prepare to enforce SAML SSO for your organization. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/preparing-to-enforce-saml-single-sign-on-in-your-organization). {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} {% data reusables.organizations.security %} @@ -44,4 +44,4 @@ If your organization is owned by an enterprise account, requiring SAML for the e ## Further reading -* "[AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization)" +* [AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization) diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization.md index ca47284044e9..1e8e37799ff7 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization.md @@ -35,7 +35,7 @@ You can enable team synchronization between your IdP and {% data variables.produ {% data reusables.identity-and-permissions.sync-team-with-idp-group %} -You can also enable team synchronization for all organizations owned by an enterprise account. If SAML is configured at the enterprise level, you cannot enable team synchronization on an individual organization. Instead, you must configure team synchronization for the entire enterprise. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise)." +You can also enable team synchronization for all organizations owned by an enterprise account. If SAML is configured at the enterprise level, you cannot enable team synchronization on an individual organization. Instead, you must configure team synchronization for the entire enterprise. For more information, see [AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise). {% data reusables.enterprise-accounts.team-sync-override %} @@ -49,12 +49,12 @@ The steps to enable team synchronization depend on the IdP you want to use. Ther {% data reusables.identity-and-permissions.team-sync-required-permissions %} -You must enable SAML single sign-on for your organization and your supported IdP. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization)." +You must enable SAML single sign-on for your organization and your supported IdP. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization). -You must have a linked SAML identity. To create a linked identity, you must authenticate to your organization using SAML SSO and the supported IdP at least once. For more information, see "[AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on)." +You must have a linked SAML identity. To create a linked identity, you must authenticate to your organization using SAML SSO and the supported IdP at least once. For more information, see [AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on). > [!NOTE] -> For team synchronization to work, your SAML settings must contain a valid IdP URL for the "Issuer" field. For more information, see "[Enabling and testing SAML single sign-on for your organization](/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization#enabling-and-testing-saml-single-sign-on-for-your-organization)." +> For team synchronization to work, your SAML settings must contain a valid IdP URL for the "Issuer" field. For more information, see [Enabling and testing SAML single sign-on for your organization](/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization#enabling-and-testing-saml-single-sign-on-for-your-organization). ### Enabling team synchronization for Entra ID @@ -76,7 +76,7 @@ To avoid potential team synchronization errors with Okta, we recommend that you If an organization member does not have a linked SCIM identity, then team synchronization will not work as expected and the user may not be added or removed from teams as expected. If any of these users are missing a SCIM linked identity, you will need to re-provision them. -For help on provisioning users that have missing a missing SCIM linked identity, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization)." +For help on provisioning users that have missing a missing SCIM linked identity, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization). {% data reusables.identity-and-permissions.team-sync-okta-requirements %} @@ -85,7 +85,7 @@ For help on provisioning users that have missing a missing SCIM linked identity, {% data reusables.organizations.security %} {% data reusables.identity-and-permissions.team-sync-confirm-saml %} {% data reusables.identity-and-permissions.team-sync-confirm-scim %} -1. Consider enforcing SAML in your organization to ensure that organization members link their SAML and SCIM identities. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization)." +1. Consider enforcing SAML in your organization to ensure that organization members link their SAML and SCIM identities. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization). {% data reusables.identity-and-permissions.enable-team-sync-okta %} 1. Under your organization's name, in the "SSWS Token" field, type a valid SSWS token. 1. In the "URL" field, type the URL for your Okta instance. diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/preparing-to-enforce-saml-single-sign-on-in-your-organization.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/preparing-to-enforce-saml-single-sign-on-in-your-organization.md index c0de3c86f7fc..2d660b0d2979 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/preparing-to-enforce-saml-single-sign-on-in-your-organization.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/preparing-to-enforce-saml-single-sign-on-in-your-organization.md @@ -18,10 +18,10 @@ shortTitle: Prepare to enforce SAML SSO | Task | More information | | :- | :- | -| Add or remove members from your organization | | -| Connect your IdP to your organization by enabling SAML SSO | | -| Ensure that your organization members have signed in and linked their accounts with the IdP | | +| Add or remove members from your organization | | +| Connect your IdP to your organization by enabling SAML SSO | | +| Ensure that your organization members have signed in and linked their accounts with the IdP | | -After you finish these tasks, you can enforce SAML SSO for your organization. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization)." +After you finish these tasks, you can enforce SAML SSO for your organization. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization). {% data reusables.saml.outside-collaborators-exemption %} diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization.md index 966d871b7879..2bbe8e09a4e7 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization.md @@ -48,8 +48,8 @@ As an organization owner, you can also query the SCIM REST API or GraphQL to lis The SCIM REST API will only return data for users that have SCIM metadata populated under their external identities. We recommend you compare a list of SCIM provisioned identities with a list of all your organization members. For more information, see: -* "[AUTOTITLE](/rest/scim/scim#list-scim-provisioned-identities)" -* "[AUTOTITLE](/rest/orgs/members#list-organization-members)" +* [AUTOTITLE](/rest/scim/scim#list-scim-provisioned-identities) +* [AUTOTITLE](/rest/orgs/members#list-organization-members) #### Using GraphQL @@ -85,17 +85,17 @@ curl -X POST -H "Authorization: Bearer YOUR_TOKEN" -H "Content-Type: application ``` For more information on using the GraphQL API, see: -* "[AUTOTITLE](/graphql/guides)" -* "[AUTOTITLE](/graphql/overview/explorer)" +* [AUTOTITLE](/graphql/guides) +* [AUTOTITLE](/graphql/overview/explorer) ### Re-provisioning SCIM for users through your identity provider -You can re-provision SCIM for users manually through your IdP. For example, to resolve provisioning errors for Okta, in the Okta admin portal, you can unassign and reassign users to the {% data variables.product.prodname_dotcom %} app. This should trigger Okta to make an API call to populate the SCIM metadata for these users on {% data variables.product.prodname_dotcom %}. For more information, see "[Unassign users from applications](https://help.okta.com/en/prod/Content/Topics/users-groups-profiles/usgp-unassign-apps.htm)" or "[Assign users to applications](https://help.okta.com/en/prod/Content/Topics/users-groups-profiles/usgp-assign-apps.htm)" in the Okta documentation. +You can re-provision SCIM for users manually through your IdP. For example, to resolve provisioning errors for Okta, in the Okta admin portal, you can unassign and reassign users to the {% data variables.product.prodname_dotcom %} app. This should trigger Okta to make an API call to populate the SCIM metadata for these users on {% data variables.product.prodname_dotcom %}. For more information, see [Unassign users from applications](https://help.okta.com/en/prod/Content/Topics/users-groups-profiles/usgp-unassign-apps.htm) or [Assign users to applications](https://help.okta.com/en/prod/Content/Topics/users-groups-profiles/usgp-assign-apps.htm) in the Okta documentation. -To confirm that a user's SCIM identity is created, we recommend testing this process with a single organization member whom you have confirmed doesn't have a SCIM external identity. After manually updating the users in your IdP, you can check if the user's SCIM identity was created using the SCIM API or on {% data variables.product.prodname_dotcom %}. For more information, see "[Auditing users for missing SCIM metadata](#auditing-users-for-missing-scim-metadata)" or "[AUTOTITLE](/rest/scim/scim#get-scim-provisioning-information-for-a-user)." +To confirm that a user's SCIM identity is created, we recommend testing this process with a single organization member whom you have confirmed doesn't have a SCIM external identity. After manually updating the users in your IdP, you can check if the user's SCIM identity was created using the SCIM API or on {% data variables.product.prodname_dotcom %}. For more information, see [Auditing users for missing SCIM metadata](#auditing-users-for-missing-scim-metadata) or [AUTOTITLE](/rest/scim/scim#get-scim-provisioning-information-for-a-user). If re-provisioning SCIM for users doesn't help, please contact {% data variables.product.prodname_dotcom %} Support. ## Further reading -* "[AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/troubleshooting-identity-and-access-management-for-your-enterprise)" +* [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/troubleshooting-identity-and-access-management-for-your-enterprise) diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization.md index efa0ed76b1e9..31239bb85a4d 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization.md @@ -26,21 +26,21 @@ permissions: People with admin access to a repository can add an outside collabo {% data reusables.organizations.outside-collaborators-use-seats %} {% ifversion fpt %} -Organizations that use {% data variables.product.prodname_ghe_cloud %} can restrict the ability to invite collaborators. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)" in the {% data variables.product.prodname_ghe_cloud %} documentation. +Organizations that use {% data variables.product.prodname_ghe_cloud %} can restrict the ability to invite collaborators. For more information, see [AUTOTITLE](/enterprise-cloud@latest/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators) in the {% data variables.product.prodname_ghe_cloud %} documentation. {% else %} -An organization owner can restrict the ability to invite collaborators. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators)." +An organization owner can restrict the ability to invite collaborators. For more information, see [AUTOTITLE](/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators). {% endif %} {% ifversion ghes %} -Before you can add someone as an outside collaborator on a repository, the person must have a personal account on {% data variables.location.product_location %}. If your enterprise uses an external authentication system such as SAML or LDAP, the person you want to add must sign in through that system to create an account. If the person does not have access to the authentication system and built-in authentication is enabled for your enterprise, a site administrator can create an account for the person. For more information, see "[AUTOTITLE](/admin/identity-and-access-management/using-built-in-authentication/configuring-built-in-authentication)." +Before you can add someone as an outside collaborator on a repository, the person must have a personal account on {% data variables.location.product_location %}. If your enterprise uses an external authentication system such as SAML or LDAP, the person you want to add must sign in through that system to create an account. If the person does not have access to the authentication system and built-in authentication is enabled for your enterprise, a site administrator can create an account for the person. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-built-in-authentication/configuring-built-in-authentication). {% elsif ghec %} -Outside collaborators are not required to use SAML SSO to access resources in your organization. For more information, see "[AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise)." +Outside collaborators are not required to use SAML SSO to access resources in your organization. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). {% endif %} -If your organization requires two-factor authentication, all outside collaborators must enable two-factor authentication before accepting your invitation to collaborate on a repository. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization)." +If your organization requires two-factor authentication, all outside collaborators must enable two-factor authentication before accepting your invitation to collaborate on a repository. For more information, see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization). Outside collaborators cannot be added to a team, team membership is restricted to members of the organization. ## Adding outside collaborators to a repository -You can give outside collaborators access to a repository in your repository settings. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#inviting-a-team-or-person)." +You can give outside collaborators access to a repository in your repository settings. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#inviting-a-team-or-person). diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/converting-an-organization-member-to-an-outside-collaborator.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/converting-an-organization-member-to-an-outside-collaborator.md index f1956875aea5..b29635d4581d 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/converting-an-organization-member-to-an-outside-collaborator.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/converting-an-organization-member-to-an-outside-collaborator.md @@ -21,7 +21,7 @@ shortTitle: Convert member to collaborator ## About conversion of organization members to outside collaborators -You can convert a member of an organization to an outside collaborator. For more information about outside collaborators, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)." +You can convert a member of an organization to an outside collaborator. For more information about outside collaborators, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization). {% ifversion fpt or ghec %}If the organization is owned by an enterprise, converting{% elsif ghes %}Converting{% endif %} an organization member to an outside collaborator may be restricted. For more information, see "[Enforcing repository management policies in your enterprise]({% ifversion fpt %}/enterprise-cloud@latest{% endif %}/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-{% ifversion fpt or ghec %}outside-{% endif %}collaborators-to-repositories){% ifversion ghec or ghes %}."{% elsif fpt %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% endif %} @@ -34,11 +34,11 @@ After converting an organization member to an outside collaborator, they'll only * @mention any visible team * Be a team maintainer -For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)." +For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization). -We recommend reviewing the organization member's access to repositories to ensure their access is as you expect. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-an-individuals-access-to-an-organization-repository)." +We recommend reviewing the organization member's access to repositories to ensure their access is as you expect. For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-an-individuals-access-to-an-organization-repository). -When you convert an organization member to an outside collaborator, their privileges as organization members are saved for three months so that you can restore their membership privileges if you{% ifversion fpt or ghec %} invite them to rejoin{% else %} add them back to{% endif %} your organization within that time frame. For more information, see "[AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization)." +When you convert an organization member to an outside collaborator, their privileges as organization members are saved for three months so that you can restore their membership privileges if you{% ifversion fpt or ghec %} invite them to rejoin{% else %} add them back to{% endif %} your organization within that time frame. For more information, see [AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization). ## Converting an organization member to an outside collaborator diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/converting-an-outside-collaborator-to-an-organization-member.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/converting-an-outside-collaborator-to-an-organization-member.md index c7a072a98a1c..c1c534465a97 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/converting-an-outside-collaborator-to-an-organization-member.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/converting-an-outside-collaborator-to-an-organization-member.md @@ -20,7 +20,7 @@ shortTitle: Convert collaborator to member {% data reusables.enterprise-managed.repo-collaborators-note %} {% ifversion fpt or ghec %} -If your organization is on a paid per-user subscription, an unused license must be available before you can invite a new member to join the organization or reinstate a former organization member. For more information, see "[AUTOTITLE](/billing/managing-the-plan-for-your-github-account/about-per-user-pricing)." {% data reusables.organizations.org-invite-expiration %}{% endif %} +If your organization is on a paid per-user subscription, an unused license must be available before you can invite a new member to join the organization or reinstate a former organization member. For more information, see [AUTOTITLE](/billing/managing-the-plan-for-your-github-account/about-per-user-pricing). {% data reusables.organizations.org-invite-expiration %}{% endif %} If your organization [requires members to use two-factor authentication](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization), users {% ifversion fpt or ghec %}you invite must [enable two-factor authentication](/authentication/securing-your-account-with-two-factor-authentication-2fa) before they can accept the invitation.{% else %}must [enable two-factor authentication](/authentication/securing-your-account-with-two-factor-authentication-2fa) before you can add them to the organization.{% endif %} diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/reinstating-a-former-outside-collaborators-access-to-your-organization.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/reinstating-a-former-outside-collaborators-access-to-your-organization.md index a168260dd0aa..5730956921f0 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/reinstating-a-former-outside-collaborators-access-to-your-organization.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/reinstating-a-former-outside-collaborators-access-to-your-organization.md @@ -33,9 +33,9 @@ When you reinstate a former outside collaborator, you can restore: * Repository subscriptions (notification settings for watching, not watching, or ignoring a repository's activity) > [!TIP] -> * Only organization owners can reinstate outside collaborators' access to an organization.{% ifversion prevent-org-admin-add-outside-collaborator %} Enterprise owners may further restrict the ability to reinstate outside collaborators' access to enterprise owners only.{% endif %} For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)." +> * Only organization owners can reinstate outside collaborators' access to an organization.{% ifversion prevent-org-admin-add-outside-collaborator %} Enterprise owners may further restrict the ability to reinstate outside collaborators' access to enterprise owners only.{% endif %} For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization). > * The reinstating a member flow on {% data variables.location.product_location %} may use the term "member" to describe reinstating an outside collaborator but if you reinstate this person and keep their previous privileges, they will only have their previous [outside collaborator permissions](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#outside-collaborators).{% ifversion fpt or ghec %} -> * If your organization has a paid per-user subscription, an unused license must be available before you can invite a new member to join the organization or reinstate a former organization member. For more information, see "[AUTOTITLE](/billing/managing-the-plan-for-your-github-account/about-per-user-pricing)."{% endif %} +> * If your organization has a paid per-user subscription, an unused license must be available before you can invite a new member to join the organization or reinstate a former organization member. For more information, see [AUTOTITLE](/billing/managing-the-plan-for-your-github-account/about-per-user-pricing).{% endif %} {% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} @@ -66,4 +66,4 @@ When you reinstate a former outside collaborator, you can restore: ## Further reading -* "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)" +* [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization) diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/removing-an-outside-collaborator-from-an-organization-repository.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/removing-an-outside-collaborator-from-an-organization-repository.md index f7e370ef67df..dd4af86ece29 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/removing-an-outside-collaborator-from-an-organization-repository.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/removing-an-outside-collaborator-from-an-organization-repository.md @@ -21,7 +21,7 @@ shortTitle: Remove collaborator {% ifversion fpt or ghec %} > [!WARNING] -> * When removing an outside collaborator from a private repository, the paid license count does not automatically downgrade. To pay for fewer licenses after removing users from your organization, follow the steps in "[AUTOTITLE](/billing/managing-the-plan-for-your-github-account/downgrading-your-accounts-plan)." +> * When removing an outside collaborator from a private repository, the paid license count does not automatically downgrade. To pay for fewer licenses after removing users from your organization, follow the steps in [AUTOTITLE](/billing/managing-the-plan-for-your-github-account/downgrading-your-accounts-plan). > * You are responsible for ensuring that people who have lost access to a repository delete any confidential information or intellectual property. {% endif %} @@ -57,4 +57,4 @@ If you only want to remove an outside collaborator from certain repositories in 1. To completely remove the outside collaborator's access to the repository, in the upper right corner, click **Remove access to this repository**. 1. To confirm, click **Remove access**. -You can also remove an outside collaborator from a repository in the access overview in your repository settings. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#removing-access-for-a-team-or-person)." +You can also remove an outside collaborator from a repository in the access overview in your repository settings. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#removing-access-for-a-team-or-person). diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/about-custom-repository-roles.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/about-custom-repository-roles.md index acbfe7611734..72742a5cff76 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/about-custom-repository-roles.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/about-custom-repository-roles.md @@ -17,27 +17,27 @@ redirect_from: To perform any actions on {% data variables.product.product_name %}, such as creating a pull request in a repository or changing an organization's billing settings, a person must have sufficient access to the relevant account or resource. This access is controlled by permissions. A permission is the ability to perform a specific action. For example, the ability to delete an issue is a permission. A role is a set of permissions you can assign to individuals or teams. -Within an organization, you can assign roles at the organization, team, and repository level. For more information about the different levels of roles, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)." +Within an organization, you can assign roles at the organization, team, and repository level. For more information about the different levels of roles, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization). -You can have more granular control over the permissions you grant at the repository level by creating up to {% ifversion authz-increased-custom-repo-roles %}five {% else %}three {% endif %} custom repository roles. {% data reusables.organizations.about-custom-repo-roles %} For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization)." +You can have more granular control over the permissions you grant at the repository level by creating up to {% ifversion authz-increased-custom-repo-roles %}five {% else %}three {% endif %} custom repository roles. {% data reusables.organizations.about-custom-repo-roles %} For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization). -After you create a custom role, anyone with admin access to a repository can assign the role to an individual or team. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-an-individuals-access-to-an-organization-repository)" and "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository)." +After you create a custom role, anyone with admin access to a repository can assign the role to an individual or team. For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-an-individuals-access-to-an-organization-repository) and [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository). {% ifversion custom-repo-role-api %} -You can also use the REST API to create and manage custom repository roles. For more information, see "[AUTOTITLE](/rest/orgs/custom-roles)." +You can also use the REST API to create and manage custom repository roles. For more information, see [AUTOTITLE](/rest/orgs/custom-roles). {% endif %} {% ifversion custom-org-roles %} -Custom repository roles manage access to specific repositories in your organization. To {% ifversion org-custom-role-with-repo-permissions %}grant access to all repositories, and to {% endif %}control access to your organization's administration settings, you can use custom organization roles. See "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles)." +Custom repository roles manage access to specific repositories in your organization. To {% ifversion org-custom-role-with-repo-permissions %}grant access to all repositories, and to {% endif %}control access to your organization's administration settings, you can use custom organization roles. See [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles). Custom organization roles differ from repository roles by granting permissions across **all** current and future repositories in the organization. Custom repository roles, however, allow you to grant permissions to **specific** repositories within the organization. {% endif %} ## About the inherited role -When you create a custom repository role, you start by choosing an inherited role from a set of pre-defined options. The inherited role determines the initial set of permissions included in the custom role. Then, you can further customize the role by choosing additional permissions to give the role. For the full list of available permissions, see "[Additional permissions for custom roles](#additional-permissions-for-custom-roles)." +When you create a custom repository role, you start by choosing an inherited role from a set of pre-defined options. The inherited role determines the initial set of permissions included in the custom role. Then, you can further customize the role by choosing additional permissions to give the role. For the full list of available permissions, see [Additional permissions for custom roles](#additional-permissions-for-custom-roles). Your options for the inherited role are standardized for different types of contributors in your repository. diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-an-individuals-access-to-an-organization-repository.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-an-individuals-access-to-an-organization-repository.md index 5c84a15425f4..d730d7f50d00 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-an-individuals-access-to-an-organization-repository.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-an-individuals-access-to-an-organization-repository.md @@ -27,9 +27,9 @@ When you remove a collaborator from a repository in your organization, the colla ## Managing an individual's access to an organization repository -You can give a person access to a repository or change a person's level of access to a repository in your repository settings. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository)." +You can give a person access to a repository or change a person's level of access to a repository in your repository settings. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository). ## Further reading -{% ifversion fpt or ghec %}- "[AUTOTITLE](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository)"{% endif %} -* "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)" +{% ifversion fpt or ghec %}- [AUTOTITLE](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository){% endif %} +* [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization) diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization.md index 387151dd8425..7a3879de291e 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization.md @@ -17,7 +17,7 @@ redirect_from: ## About custom repository roles -{% data reusables.organizations.about-custom-repo-roles %} For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/about-custom-repository-roles)." +{% data reusables.organizations.about-custom-repo-roles %} For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/about-custom-repository-roles). ## Creating a repository role diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository.md index 3f2a9d62e7d1..b532ed7365ea 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository.md @@ -21,15 +21,15 @@ People with admin access to a repository can manage team access to the repositor > [!WARNING] > * You can change a team's permission level if the team has direct access to a repository. If the team's access to the repository is inherited from a parent team, you must change the parent team's access to the repository. -> * If you add or remove repository access for a parent team, each of that parent's child teams will also receive or lose access to the repository. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)." +> * If you add or remove repository access for a parent team, each of that parent's child teams will also receive or lose access to the repository. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/about-teams). ## Giving a team access to a repository -You can give a team access to a repository or change a team's level of access to a repository in your repository settings. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#inviting-a-team-or-person)." +You can give a team access to a repository or change a team's level of access to a repository in your repository settings. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#inviting-a-team-or-person). ## Removing a team's access to a repository -You can remove a team's access to an organization repository in your repository settings. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#removing-access-for-a-team-or-person)." +You can remove a team's access to an organization repository in your repository settings. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#removing-access-for-a-team-or-person). If a team has direct access to a repository, you can remove that team's access to the repository. If a team's access to the repository is inherited from a parent team, you must remove the repository from the parent team in order to remove the repository from child teams. @@ -37,4 +37,4 @@ If a team has direct access to a repository, you can remove that team's access t ## Further reading -* "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)" +* [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization) diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md index ead662e282b8..b53a7cc60334 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md @@ -30,16 +30,16 @@ From least access to most access, the roles for an organization repository are: * **Admin:** Recommended for people who need full access to the project, including sensitive and destructive actions like managing security or deleting a repository {% ifversion fpt %} -If your organization uses {% data variables.product.prodname_ghe_cloud %}, you can create custom repository roles. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization)" in the {% data variables.product.prodname_ghe_cloud %} documentation. +If your organization uses {% data variables.product.prodname_ghe_cloud %}, you can create custom repository roles. For more information, see [AUTOTITLE](/enterprise-cloud@latest/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization) in the {% data variables.product.prodname_ghe_cloud %} documentation. {% elsif ghec or ghes %} -You can create custom repository roles. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization)." +You can create custom repository roles. For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization). {% endif %} -Organization owners can set base permissions that apply to all members of an organization when accessing any of the organization's repositories. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/setting-base-permissions-for-an-organization#setting-base-permissions)." +Organization owners can set base permissions that apply to all members of an organization when accessing any of the organization's repositories. For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/setting-base-permissions-for-an-organization#setting-base-permissions). -Organization owners can also choose to further limit access to certain settings and actions across the organization. For more information on options for specific settings, see "[AUTOTITLE](/organizations/managing-organization-settings)." +Organization owners can also choose to further limit access to certain settings and actions across the organization. For more information on options for specific settings, see [AUTOTITLE](/organizations/managing-organization-settings). -In addition to managing organization-level settings, organization owners have admin access to every repository owned by the organization. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)." +In addition to managing organization-level settings, organization owners have admin access to every repository owned by the organization. For more information, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization). > [!WARNING] > When someone adds a deploy key to a repository, any user who has the private key can read from or write to the repository (depending on the key settings), even if they're later removed from the organization. @@ -51,7 +51,7 @@ Some of the features listed below are limited to organizations using {% data var {% endif %} > [!NOTE] -> The roles required to use security features are listed in "[Access requirements for security features](#access-requirements-for-security-features)" below. +> The roles required to use security features are listed in [Access requirements for security features](#access-requirements-for-security-features) below. {% rowheaders %} @@ -90,7 +90,7 @@ Some of the features listed below are limited to organizations using {% data var | Push to (write) the person or team's assigned repositories | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | Edit and delete anyone's comments on commits, pull requests, and issues | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | [Hide anyone's comments](/communities/moderating-comments-and-conversations/managing-disruptive-comments) | {% octicon "x" aria-label="No" %} | {% ifversion discussions-moderators-control-who-can-report %}{% octicon "check" aria-label="Yes" %}{% endif %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} || [Lock conversations](/communities/moderating-comments-and-conversations/locking-conversations) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | -| Transfer issues (see "[AUTOTITLE](/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository)" for details) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | +| Transfer issues (see [AUTOTITLE](/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository) for details) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | [Act as a designated code owner for a repository](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | [Mark a draft pull request as ready for review](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | [Convert a pull request to a draft](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | @@ -130,26 +130,26 @@ Some of the features listed below are limited to organizations using {% data var | {% ifversion fpt or ghec %} | | Limit [interactions in a repository](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository)| {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | {% endif %} | -| Delete an issue (see "[AUTOTITLE](/issues/tracking-your-work-with-issues/deleting-an-issue)") | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Delete an issue (see [AUTOTITLE](/issues/tracking-your-work-with-issues/deleting-an-issue)) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | [Define code owners for a repository](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | -| Add a repository to a team (see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository#giving-a-team-access-to-a-repository)" for details) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Add a repository to a team (see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository#giving-a-team-access-to-a-repository) for details) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | [Manage outside collaborator access to a repository](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | [Change a repository's visibility](/organizations/managing-organization-settings/restricting-repository-visibility-changes-in-your-organization) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | -| Make a repository a template (see "[AUTOTITLE](/repositories/creating-and-managing-repositories/creating-a-template-repository)") | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Make a repository a template (see [AUTOTITLE](/repositories/creating-and-managing-repositories/creating-a-template-repository)) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | Change a repository's settings | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | Manage team and collaborator access to the repository | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | Edit the repository's default branch | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | -| Rename the repository's default branch (see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch)") | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | -| Rename a branch other than the repository's default branch (see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch)") | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | +| Rename the repository's default branch (see [AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch)) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Rename a branch other than the repository's default branch (see [AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch)) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | Manage webhooks and deploy keys | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | [Manage the forking policy for a repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-the-forking-policy-for-your-repository) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | [Transfer repositories into the organization](/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | [Delete or transfer repositories out of the organization](/organizations/managing-organization-settings/setting-permissions-for-deleting-or-transferring-repositories) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | [Archive repositories](/repositories/archiving-a-github-repository/archiving-repositories) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | {% ifversion fpt or ghec %} | -| Display a sponsor button (see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository)") | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Display a sponsor button (see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository)) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | {% endif %} | -| Create autolink references to external resources, like Jira or Zendesk (see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources)") | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | +| Create autolink references to external resources, like Jira or Zendesk (see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources)) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | [Enable {% data variables.product.prodname_discussions %}](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/enabling-or-disabling-github-discussions-for-a-repository) in a repository | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | [Create and edit categories](/discussions/managing-discussions-for-your-community/managing-categories-for-discussions) for {% data variables.product.prodname_discussions %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | [Move a discussion to a different category](/discussions/managing-discussions-for-your-community/managing-discussions) | {% octicon "x" aria-label="No" %} | {% ifversion discussions-moderators-control-who-can-report %}{% octicon "check" aria-label="Yes" %}{% endif %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} || [Transfer a discussion](/discussions/managing-discussions-for-your-community/managing-discussions) to a new repository| {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | @@ -185,7 +185,7 @@ In this section, you can find the access required for security features, such as | {% endif %} | | {% ifversion fpt or ghec %} | | Create [security advisories](/code-security/security-advisories/working-with-repository-security-advisories/about-repository-security-advisories) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} |{% endif %}{% ifversion ghes or ghec %} -| Manage access to {% data variables.product.prodname_GH_advanced_security %} features (see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)") | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} |{% endif %}{% ifversion fpt or ghec %} +| Manage access to {% data variables.product.prodname_GH_advanced_security %} features (see [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} |{% endif %}{% ifversion fpt or ghec %} | [Enable the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository) for a private repository | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | | {% endif %} | | {% ifversion ghes or ghec %} | @@ -204,6 +204,6 @@ In this section, you can find the access required for security features, such as ## Further reading -* "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories)" -* "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)"{% ifversion projects-v1 %} -* "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)"{% endif %} +* [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories) +* [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization){% ifversion projects-v1 %} +* [AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization){% endif %} diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/setting-base-permissions-for-an-organization.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/setting-base-permissions-for-an-organization.md index b524ecac01b6..b4d697d4f463 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/setting-base-permissions-for-an-organization.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/setting-base-permissions-for-an-organization.md @@ -25,7 +25,7 @@ You can set base permissions that apply to all members of an organization when a If someone with admin access to an organization's repository grants a member a higher level of access for the repository, the higher level of access overrides the base permission. {% ifversion custom-repository-roles %} -If you've created a custom repository role with an inherited role that is lower access than your organization's base permissions, any members assigned to that role will default to the organization's base permissions rather than the inherited role. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization)." +If you've created a custom repository role with an inherited role that is lower access than your organization's base permissions, any members assigned to that role will default to the organization's base permissions rather than the inherited role. For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization). {% endif %} > [!NOTE] @@ -42,5 +42,5 @@ If you've created a custom repository role with an inherited role that is lower ## Further reading -* "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)" -* "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization)" +* [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization) +* [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/adding-outside-collaborators-to-repositories-in-your-organization) diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/viewing-people-with-access-to-your-repository.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/viewing-people-with-access-to-your-repository.md index e93680417c54..52d6bdf63579 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/viewing-people-with-access-to-your-repository.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/viewing-people-with-access-to-your-repository.md @@ -27,7 +27,7 @@ Organizations that use {% data variables.product.prodname_ghe_cloud %} can also ## Viewing people with access to your repository -You can see a combined overview of teams and people with access to your repository in your repository settings. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#about-access-management-for-repositories)." +You can see a combined overview of teams and people with access to your repository in your repository settings. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository#about-access-management-for-repositories). {% ifversion ghec or ghes %} diff --git a/content/organizations/migrating-to-improved-organization-permissions/converting-an-admin-team-to-improved-organization-permissions.md b/content/organizations/migrating-to-improved-organization-permissions/converting-an-admin-team-to-improved-organization-permissions.md index 874a7d050208..d271cd593b16 100644 --- a/content/organizations/migrating-to-improved-organization-permissions/converting-an-admin-team-to-improved-organization-permissions.md +++ b/content/organizations/migrating-to-improved-organization-permissions/converting-an-admin-team-to-improved-organization-permissions.md @@ -17,7 +17,7 @@ shortTitle: Convert admin team You can remove the ability for members of legacy admin teams to create repositories by creating a new team for these members, ensuring that the team has necessary access to the organization's repositories, then deleting the legacy admin team. -For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)." +For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization). > [!WARNING] > * If there are members of your legacy Admin team who are not members of other teams, deleting the team will remove those members from the organization. Before deleting the team, ensure members are already direct members of the organization, or have collaborator access to necessary repositories. diff --git a/content/organizations/migrating-to-improved-organization-permissions/converting-an-owners-team-to-improved-organization-permissions.md b/content/organizations/migrating-to-improved-organization-permissions/converting-an-owners-team-to-improved-organization-permissions.md index c8caf05f5ead..449a83879ba4 100644 --- a/content/organizations/migrating-to-improved-organization-permissions/converting-an-owners-team-to-improved-organization-permissions.md +++ b/content/organizations/migrating-to-improved-organization-permissions/converting-an-owners-team-to-improved-organization-permissions.md @@ -24,7 +24,7 @@ You have a few options to convert your legacy Owners team: ## Give the Owners team a new name > [!NOTE] -> Because "admin" is a term for organization members with specific access to certain repositories in the organization, we recommend you avoid that term in any team name you decide on. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)." +> Because "admin" is a term for organization members with specific access to certain repositories in the organization, we recommend you avoid that term in any team name you decide on. For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization). {% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} @@ -34,7 +34,7 @@ You have a few options to convert your legacy Owners team: * If very few members of your organization were members of the Owners team, you might name the team "Core". * If all members of your organization were members of the Owners team so that they could [@mention teams](/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#mentioning-people-and-teams), you might name the team "Employees". 1. Under the team description, click **Save and continue**. -1. Optionally, make the team public. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/changing-team-visibility)." +1. Optionally, make the team public. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/changing-team-visibility). ## Delete the legacy Owners team diff --git a/content/organizations/migrating-to-improved-organization-permissions/migrating-admin-teams-to-improved-organization-permissions.md b/content/organizations/migrating-to-improved-organization-permissions/migrating-admin-teams-to-improved-organization-permissions.md index ef1d5c1b9070..d67f970d7068 100644 --- a/content/organizations/migrating-to-improved-organization-permissions/migrating-admin-teams-to-improved-organization-permissions.md +++ b/content/organizations/migrating-to-improved-organization-permissions/migrating-admin-teams-to-improved-organization-permissions.md @@ -23,7 +23,7 @@ Legacy admin teams are teams that were created with the admin permission level u You can remove this ability by migrating your legacy admin teams to the improved organization permissions. -For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)." +For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization). > [!WARNING] > If your organization has disabled [repository creation permissions](/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization) for all members, some members of legacy admin teams may lose repository creation permissions. If your organization has enabled member repository creation, migrating legacy admin teams to improved organization permissions will not affect team members' ability to create repositories. diff --git a/content/organizations/organizing-members-into-teams/about-teams.md b/content/organizations/organizing-members-into-teams/about-teams.md index 40067395ef65..96393171ed05 100644 --- a/content/organizations/organizing-members-into-teams/about-teams.md +++ b/content/organizations/organizing-members-into-teams/about-teams.md @@ -17,18 +17,18 @@ topics: You can use teams to manage access for people in an organization, and for sending notifications. Organization owners and team maintainers can give teams admin, read, or write access to organization repositories. Organization members can send a notification to an entire team by mentioning the team's name. Teams can only be made up of members of your organization, outside collaborators are unable to be on a team. -{% ifversion team-mentions-setting %}Organization owners and team maintainers can disable team notifications. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/configuring-team-notifications)."{% endif %} +{% ifversion team-mentions-setting %}Organization owners and team maintainers can disable team notifications. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/configuring-team-notifications).{% endif %} Organization members can also send a notification to an entire team by requesting a review from that team. Organization members can request reviews from specific teams with read access to the repository where the pull request is opened. Teams can be designated as owners of certain types or areas of code in a CODEOWNERS file. For more information, see: -* "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository)" -* "[AUTOTITLE](/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#mentioning-people-and-teams)" -* "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners)" +* [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository) +* [AUTOTITLE](/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#mentioning-people-and-teams) +* [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners) {% ifversion ghes %} -You can also use LDAP Sync to synchronize {% data variables.location.product_location %} team members and team roles against your established LDAP groups. This lets you establish role-based access control for users from your LDAP server instead of manually within {% data variables.location.product_location %}. For more information, see "[AUTOTITLE](/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap#enabling-ldap-sync)." +You can also use LDAP Sync to synchronize {% data variables.location.product_location %} team members and team roles against your established LDAP groups. This lets you establish role-based access control for users from your LDAP server instead of manually within {% data variables.location.product_location %}. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap#enabling-ldap-sync). {% endif %} @@ -38,14 +38,14 @@ You can also use LDAP Sync to synchronize {% data variables.location.product_loc {% data reusables.organizations.types-of-team-visibility %} -You can view all the teams you belong to on your personal dashboard. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/about-your-personal-dashboard#finding-your-top-repositories-and-teams)." +You can view all the teams you belong to on your personal dashboard. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/about-your-personal-dashboard#finding-your-top-repositories-and-teams). ## Team pages Each team has its own page within an organization. On a team's page, you can view team members, child teams, and the team's repositories. Organization owners and team maintainers can access team settings and update the team's description and profile picture from the team's page. {% ifversion team-discussions %} -Organization members can create and participate in discussions with the team. For more information, see "[AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions)." +Organization members can create and participate in discussions with the team. For more information, see [AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions). {% else %} {% data reusables.organizations.team-discussions-deprecation %} {% endif %} @@ -60,7 +60,7 @@ For example, if your team structure is Employees > Engineering > Application Eng To easily understand who shares a parent team's permissions and mentions, you can see all of the members of a parent team's child teams on the Members tab of the parent team's page. Members of a child team are not direct members of the parent team. -You can choose a parent when you create the team, or you can move a team in your organization's hierarchy later. For more information see, "[AUTOTITLE](/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy)." +You can choose a parent when you create the team, or you can move a team in your organization's hierarchy later. For more information see, [AUTOTITLE](/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy). {% data reusables.enterprise_user_management.ldap-sync-nested-teams %} @@ -77,5 +77,5 @@ At the top of the team hierarchy, you should give parent teams repository access ## Further reading -* "[AUTOTITLE](/organizations/organizing-members-into-teams/creating-a-team)" -* "[AUTOTITLE](/organizations/organizing-members-into-teams/adding-organization-members-to-a-team)" +* [AUTOTITLE](/organizations/organizing-members-into-teams/creating-a-team) +* [AUTOTITLE](/organizations/organizing-members-into-teams/adding-organization-members-to-a-team) diff --git a/content/organizations/organizing-members-into-teams/adding-organization-members-to-a-team.md b/content/organizations/organizing-members-into-teams/adding-organization-members-to-a-team.md index b382e81644e5..19ab2716e781 100644 --- a/content/organizations/organizing-members-into-teams/adding-organization-members-to-a-team.md +++ b/content/organizations/organizing-members-into-teams/adding-organization-members-to-a-team.md @@ -43,9 +43,9 @@ shortTitle: Add members to a team ## Mapping teams to LDAP groups (for instances using LDAP Sync for user authentication) -You can create a team with LDAP Sync enabled. See "[AUTOTITLE](/organizations/organizing-members-into-teams/creating-a-team#creating-teams-with-ldap-sync-enabled)." +You can create a team with LDAP Sync enabled. See [AUTOTITLE](/organizations/organizing-members-into-teams/creating-a-team#creating-teams-with-ldap-sync-enabled). -A team that's synced to an LDAP group is indicated with a special LDAP badge. The member list for an LDAP synced team can only be managed from the LDAP group it's mapped to. See "[AUTOTITLE](/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap#enabling-ldap-sync)." +A team that's synced to an LDAP group is indicated with a special LDAP badge. The member list for an LDAP synced team can only be managed from the LDAP group it's mapped to. See [AUTOTITLE](/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap#enabling-ldap-sync). To add a new member to a team synced to an LDAP group, add the user as a member of the LDAP group, or contact your LDAP administrator. @@ -53,4 +53,4 @@ To add a new member to a team synced to an LDAP group, add the user as a member ## Further reading -* "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository)" +* [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository) diff --git a/content/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member.md b/content/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member.md index 95a34ea377bd..5a0f99232c62 100644 --- a/content/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member.md +++ b/content/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member.md @@ -37,7 +37,7 @@ People with the team maintainer role can manage team membership and settings. {% ifversion ghec %} > [!NOTE] -> If your enterprise uses {% data variables.enterprise.prodname_managed_users %} and manages a team's membership with an identity provider (IdP) group, you cannot assign the team maintainer role manually for that team. For more information, see "[AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups)." +> If your enterprise uses {% data variables.enterprise.prodname_managed_users %} and manages a team's membership with an identity provider (IdP) group, you cannot assign the team maintainer role manually for that team. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups). {% endif %} diff --git a/content/organizations/organizing-members-into-teams/creating-a-team.md b/content/organizations/organizing-members-into-teams/creating-a-team.md index d7756ab445bd..fe807daedd30 100644 --- a/content/organizations/organizing-members-into-teams/creating-a-team.md +++ b/content/organizations/organizing-members-into-teams/creating-a-team.md @@ -12,7 +12,7 @@ versions: fpt: '*' ghes: '*' ghec: '*' -permissions: 'Organization owners can create teams and can control whether all organization members can also create teams. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization)."' +permissions: 'Organization owners can create teams and can control whether all organization members can also create teams. For more information, see [AUTOTITLE](/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization).' topics: - Organizations - Teams @@ -34,19 +34,19 @@ topics: {% data reusables.organizations.create-team-choose-parent %} {% ifversion ghec %} 1. Optionally, if your organization or enterprise account uses team synchronization or your enterprise uses {% data variables.product.prodname_emus %}, connect an identity provider group to your team. - * If your enterprise uses {% data variables.product.prodname_emus %}, use the "Identity Provider Groups" drop-down menu, and select a single identity provider group to connect to the new team. For more information, "[AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups)." - * If your organization or enterprise account uses team synchronization, under "Identity Provider Groups," select the **Select Groups** dropdown menu, and click up to five identity provider groups to connect to the new team. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/synchronizing-a-team-with-an-identity-provider-group)." + * If your enterprise uses {% data variables.product.prodname_emus %}, use the "Identity Provider Groups" drop-down menu, and select a single identity provider group to connect to the new team. For more information, [AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups). + * If your organization or enterprise account uses team synchronization, under "Identity Provider Groups," select the **Select Groups** dropdown menu, and click up to five identity provider groups to connect to the new team. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/synchronizing-a-team-with-an-identity-provider-group). {% endif %} {% data reusables.organizations.team_visibility %} {% data reusables.organizations.team-notifications %} {% data reusables.organizations.create_team %} -1. Optionally, give the team access to organization repositories. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository)." +1. Optionally, give the team access to organization repositories. For more information, see [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository). {% ifversion ghes %} ## Creating teams with LDAP Sync enabled -Instances using LDAP for user authentication can use LDAP Sync to manage a team's members. Setting the group's **Distinguished Name** (DN) in the **LDAP group** field will map a team to an LDAP group on your LDAP server. If you use LDAP Sync to manage a team's members, you won't be able to manage your team within {% data variables.location.product_location %}. The mapped team will sync its members in the background and periodically at the interval configured when LDAP Sync is enabled. For more information, see "[AUTOTITLE](/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap#enabling-ldap-sync)." +Instances using LDAP for user authentication can use LDAP Sync to manage a team's members. Setting the group's **Distinguished Name** (DN) in the **LDAP group** field will map a team to an LDAP group on your LDAP server. If you use LDAP Sync to manage a team's members, you won't be able to manage your team within {% data variables.location.product_location %}. The mapped team will sync its members in the background and periodically at the interval configured when LDAP Sync is enabled. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap#enabling-ldap-sync). You must be a site admin and an organization owner to create a team with LDAP sync enabled. diff --git a/content/organizations/organizing-members-into-teams/deleting-a-team.md b/content/organizations/organizing-members-into-teams/deleting-a-team.md index c96c4d6ceb40..b8664c6c8123 100644 --- a/content/organizations/organizing-members-into-teams/deleting-a-team.md +++ b/content/organizations/organizing-members-into-teams/deleting-a-team.md @@ -14,7 +14,7 @@ topics: --- > [!TIP] -> Only organization owners can delete parent teams. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)." +> Only organization owners can delete parent teams. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/about-teams). {% data reusables.profile.access_org %} {% data reusables.user-settings.access_org %} diff --git a/content/organizations/organizing-members-into-teams/disabling-team-discussions-for-your-organization.md b/content/organizations/organizing-members-into-teams/disabling-team-discussions-for-your-organization.md index 7b0e37195247..aea531034f94 100644 --- a/content/organizations/organizing-members-into-teams/disabling-team-discussions-for-your-organization.md +++ b/content/organizations/organizing-members-into-teams/disabling-team-discussions-for-your-organization.md @@ -16,7 +16,7 @@ shortTitle: Disable team discussions {% data reusables.organizations.team-discussions-migration %} {% endif %} -{% data reusables.organizations.team-discussions-default %} For more information on team discussions, see "[AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions)." +{% data reusables.organizations.team-discussions-default %} For more information on team discussions, see [AUTOTITLE](/organizations/collaborating-with-your-team/about-team-discussions). {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} diff --git a/content/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team.md b/content/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team.md index cac2a918fdfe..5991080bc0d6 100644 --- a/content/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team.md +++ b/content/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team.md @@ -26,7 +26,7 @@ To reduce noise for your team and clarify individual responsibility for pull req ## About team notifications -When you choose to only notify requested team members, you disable sending notifications to the entire team when the team is requested to review a pull request if a specific member of that team is also requested for review. This is especially useful when a repository is configured with teams as code owners, but contributors to the repository often know a specific individual that would be the correct reviewer for their pull request. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners)." +When you choose to only notify requested team members, you disable sending notifications to the entire team when the team is requested to review a pull request if a specific member of that team is also requested for review. This is especially useful when a repository is configured with teams as code owners, but contributors to the repository often know a specific individual that would be the correct reviewer for their pull request. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners). ## About auto assignment @@ -44,7 +44,7 @@ The round robin algorithm chooses reviewers based on who's received the least re The load balance algorithm chooses reviewers based on each member's total number of recent review requests and considers the number of outstanding reviews for each member. The load balance algorithm tries to ensure that each team member reviews an equal number of pull requests in any 30 day period. -Any team members that have set their status to "Busy" will not be selected for review. If all team members are busy, the pull request will remain assigned to the team itself. For more information about user statuses, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#setting-a-status)." +Any team members that have set their status to "Busy" will not be selected for review. If all team members are busy, the pull request will remain assigned to the team itself. For more information about user statuses, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#setting-a-status). {% ifversion only-notify-requested-members %} @@ -68,7 +68,7 @@ Any team members that have set their status to "Busy" will not be selected for r 1. In the left sidebar, click **{% octicon "code-review" aria-hidden="true" %} Code review**. 1. Select **Enable auto assignment**. 1. Under "How many team members should be assigned to review?", select the dropdown menu and choose a number of reviewers to be assigned to each pull request. -1. Under "Routing algorithm", use the dropdown menu and choose which algorithm you'd like to use. For more information, see "[Routing algorithms](#routing-algorithms)." +1. Under "Routing algorithm", use the dropdown menu and choose which algorithm you'd like to use. For more information, see [Routing algorithms](#routing-algorithms). 1. Optionally, to always skip certain members of the team, select **Never assign certain team members**. Then, select one or more team members you'd like to always skip. 1. Optionally, to include members of child teams as potential reviewers when assigning requests, select **Child team members**. 1. Optionally, to count any members whose review has already been requested against the total number of members to assign, select **Count existing requests**. diff --git a/content/organizations/organizing-members-into-teams/managing-scheduled-reminders-for-your-team.md b/content/organizations/organizing-members-into-teams/managing-scheduled-reminders-for-your-team.md index f82409e4e47a..977d1b3cc9b3 100644 --- a/content/organizations/organizing-members-into-teams/managing-scheduled-reminders-for-your-team.md +++ b/content/organizations/organizing-members-into-teams/managing-scheduled-reminders-for-your-team.md @@ -17,7 +17,7 @@ shortTitle: Scheduled reminders {% data reusables.reminders.about-scheduled-reminders-teams-orgs %} -Team maintainers and organization owners can set scheduled reminders for any pull requests that a team has been requested to review. Before you can create a scheduled reminder for your team, an organization owner must authorize your Slack workspace. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/managing-scheduled-reminders-for-your-organization)." +Team maintainers and organization owners can set scheduled reminders for any pull requests that a team has been requested to review. Before you can create a scheduled reminder for your team, an organization owner must authorize your Slack workspace. For more information, see [AUTOTITLE](/organizations/managing-organization-settings/managing-scheduled-reminders-for-your-organization). {% data reusables.reminders.scheduled-reminders-limitations %} @@ -70,5 +70,5 @@ Team maintainers and organization owners can set scheduled reminders for any pul ## Further reading * [Getting started](https://github.com/integrations/slack?tab=readme-ov-file#getting-started) in the Slack integrations documentation -* "[AUTOTITLE](/organizations/managing-organization-settings/managing-scheduled-reminders-for-your-organization)" -* "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/managing-your-scheduled-reminders)" +* [AUTOTITLE](/organizations/managing-organization-settings/managing-scheduled-reminders-for-your-organization) +* [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/managing-your-scheduled-reminders) diff --git a/content/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy.md b/content/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy.md index 5b0cbe51b87b..6c17c703d342 100644 --- a/content/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy.md +++ b/content/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy.md @@ -16,12 +16,12 @@ topics: shortTitle: Move a team --- -Organization owners can change the parent of any team. Team maintainers can change a team's parent if they are maintainers in both the child team and the parent team. Team maintainers without maintainer permissions in the child team can request to add a parent or child team. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/requesting-to-add-or-change-a-parent-team)" and "[AUTOTITLE](/organizations/organizing-members-into-teams/requesting-to-add-a-child-team)." +Organization owners can change the parent of any team. Team maintainers can change a team's parent if they are maintainers in both the child team and the parent team. Team maintainers without maintainer permissions in the child team can request to add a parent or child team. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/requesting-to-add-or-change-a-parent-team) and [AUTOTITLE](/organizations/organizing-members-into-teams/requesting-to-add-a-child-team). {% data reusables.organizations.child-team-inherits-permissions %} > [!TIP] -> * You cannot change a team's parent to a secret team. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)." +> * You cannot change a team's parent to a secret team. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/about-teams). > * You cannot nest a parent team beneath one of its child teams. {% data reusables.profile.access_org %} @@ -36,4 +36,4 @@ Organization owners can change the parent of any team. Team maintainers can chan ## Further reading -* "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)" +* [AUTOTITLE](/organizations/organizing-members-into-teams/about-teams) diff --git a/content/organizations/organizing-members-into-teams/requesting-to-add-a-child-team.md b/content/organizations/organizing-members-into-teams/requesting-to-add-a-child-team.md index db51afddff72..b194e7d2e11b 100644 --- a/content/organizations/organizing-members-into-teams/requesting-to-add-a-child-team.md +++ b/content/organizations/organizing-members-into-teams/requesting-to-add-a-child-team.md @@ -16,7 +16,7 @@ shortTitle: Add a child team When you request to add a team as a child, a request is sent to the maintainers of the child team. Once a maintainer of the child team approves your request, the child team is nested under the parent team in your organization's hierarchy. -If you're an organization owner or you have team maintainer permissions in both the child team and the parent team, you can add the child team without requesting approval or change the child team's parent from the child team's settings page. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy)." +If you're an organization owner or you have team maintainer permissions in both the child team and the parent team, you can add the child team without requesting approval or change the child team's parent from the child team's settings page. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy). {% data reusables.organizations.child-team-inherits-permissions %} @@ -42,6 +42,6 @@ If you're an organization owner or you have team maintainer permissions in both ## Further reading -* "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)" -* "[AUTOTITLE](/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy)" -* "[AUTOTITLE](/organizations/organizing-members-into-teams/requesting-to-add-or-change-a-parent-team)" +* [AUTOTITLE](/organizations/organizing-members-into-teams/about-teams) +* [AUTOTITLE](/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy) +* [AUTOTITLE](/organizations/organizing-members-into-teams/requesting-to-add-or-change-a-parent-team) diff --git a/content/organizations/organizing-members-into-teams/requesting-to-add-or-change-a-parent-team.md b/content/organizations/organizing-members-into-teams/requesting-to-add-or-change-a-parent-team.md index 1b5e016f5dec..201fec97e0b6 100644 --- a/content/organizations/organizing-members-into-teams/requesting-to-add-or-change-a-parent-team.md +++ b/content/organizations/organizing-members-into-teams/requesting-to-add-or-change-a-parent-team.md @@ -16,7 +16,7 @@ shortTitle: Add or change parent team When you request to add or change your team's parent, a request is sent to the maintainers of the parent team. When a maintainer of the new parent team approves your request, your team is nested as a child team under the parent team in your organization's hierarchy. -If you're an organization owner or you have team maintainer permissions in the child team and the parent team, you can add the parent team without requesting approval or change your team's parent from your team's settings page. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy)." +If you're an organization owner or you have team maintainer permissions in the child team and the parent team, you can add the parent team without requesting approval or change your team's parent from your team's settings page. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy). {% data reusables.organizations.child-team-inherits-permissions %} @@ -32,6 +32,6 @@ If you're an organization owner or you have team maintainer permissions in the c ## Further reading -* "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)" -* "[AUTOTITLE](/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy)" -* "[AUTOTITLE](/organizations/organizing-members-into-teams/requesting-to-add-a-child-team)" +* [AUTOTITLE](/organizations/organizing-members-into-teams/about-teams) +* [AUTOTITLE](/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy) +* [AUTOTITLE](/organizations/organizing-members-into-teams/requesting-to-add-a-child-team) diff --git a/content/organizations/organizing-members-into-teams/synchronizing-a-team-with-an-identity-provider-group.md b/content/organizations/organizing-members-into-teams/synchronizing-a-team-with-an-identity-provider-group.md index 520c98b69a5d..e183fe270183 100644 --- a/content/organizations/organizing-members-into-teams/synchronizing-a-team-with-an-identity-provider-group.md +++ b/content/organizations/organizing-members-into-teams/synchronizing-a-team-with-an-identity-provider-group.md @@ -17,7 +17,7 @@ shortTitle: Synchronize with an IdP ## About team synchronization -{% data reusables.identity-and-permissions.about-team-sync %} {% ifversion ghec %}For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization)" and "[AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/managing-team-synchronization-for-organizations-in-your-enterprise)."{% endif %} +{% data reusables.identity-and-permissions.about-team-sync %} {% ifversion ghec %}For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization) and [AUTOTITLE](/admin/identity-and-access-management/managing-iam-for-your-enterprise/managing-team-synchronization-for-organizations-in-your-enterprise).{% endif %} {% ifversion ghec %}You can connect up to five IdP groups to a {% data variables.product.product_name %} team.{% endif %} You can assign an IdP group to multiple {% data variables.product.product_name %} teams. @@ -28,19 +28,19 @@ Once a {% data variables.product.prodname_dotcom %} team is connected to an IdP {% ifversion ghec %}{% data reusables.enterprise-accounts.team-sync-override %}{% endif %} {% ifversion team-sync-manage-org-invites %} -{% data reusables.identity-and-permissions.team-sync-org-invites %} For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization#managing-whether-team-synchronization-can-invite-non-members-to-your-organization)" and "[AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise#managing-whether-team-synchronization-can-invite-non-members-to-organizations)." +{% data reusables.identity-and-permissions.team-sync-org-invites %} For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization#managing-whether-team-synchronization-can-invite-non-members-to-your-organization) and [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise#managing-whether-team-synchronization-can-invite-non-members-to-organizations). {% endif %} {% ifversion ghec %} All team membership changes made through your IdP will appear in the audit log on {% data variables.product.product_name %} as changes made by the team synchronization bot. Team synchronization will fetch group information from your IdP at least once every hour, and reflect any changes in IdP group membership into {% data variables.product.product_name %}. -Connecting a team to an IdP group may remove some team members. For more information, see "[Requirements for members of synchronized teams](#requirements-for-members-of-synchronized-teams)." +Connecting a team to an IdP group may remove some team members. For more information, see [Requirements for members of synchronized teams](#requirements-for-members-of-synchronized-teams). {% endif %} -Parent teams cannot synchronize with IdP groups. If the team you want to connect to an IdP group is a parent team, we recommend creating a new team or removing the nested relationships that make your team a parent team. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams#nested-teams)," "[AUTOTITLE](/organizations/organizing-members-into-teams/creating-a-team)," and "[AUTOTITLE](/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy)." +Parent teams cannot synchronize with IdP groups. If the team you want to connect to an IdP group is a parent team, we recommend creating a new team or removing the nested relationships that make your team a parent team. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/about-teams#nested-teams), [AUTOTITLE](/organizations/organizing-members-into-teams/creating-a-team), and [AUTOTITLE](/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy). -To manage repository access for any {% data variables.product.prodname_dotcom %} team, including teams connected to an IdP group, you must make changes with {% data variables.product.product_name %}. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)" and "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository)." +To manage repository access for any {% data variables.product.prodname_dotcom %} team, including teams connected to an IdP group, you must make changes with {% data variables.product.product_name %}. For more information, see [AUTOTITLE](/organizations/organizing-members-into-teams/about-teams) and [AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-team-access-to-an-organization-repository). -{% ifversion ghec %}You can also manage team synchronization with the API. For more information, see "[AUTOTITLE](/rest/teams/team-sync)."{% endif %} +{% ifversion ghec %}You can also manage team synchronization with the API. For more information, see [AUTOTITLE](/rest/teams/team-sync).{% endif %} {% ifversion ghec %} @@ -54,11 +54,11 @@ After you connect a team to an IdP group, team synchronization will add each mem * The person has already logged in with their personal account on {% data variables.product.product_name %} and authenticated to the organization or enterprise account via SAML single sign-on at least once. * The person's SSO identity is a member of the IdP group. -Existing teams or group members who do not meet these criteria will be automatically removed from the team on {% data variables.product.product_name %} and lose access to repositories. Revoking a user's linked identity will also remove the user from any teams mapped to IdP groups. For more information, see "[AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization#viewing-and-revoking-a-linked-identity)" and "[AUTOTITLE](/enterprise-cloud@latest/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise#viewing-and-revoking-a-linked-identity)." +Existing teams or group members who do not meet these criteria will be automatically removed from the team on {% data variables.product.product_name %} and lose access to repositories. Revoking a user's linked identity will also remove the user from any teams mapped to IdP groups. For more information, see [AUTOTITLE](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization#viewing-and-revoking-a-linked-identity) and [AUTOTITLE](/enterprise-cloud@latest/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise#viewing-and-revoking-a-linked-identity). A removed team member can be added back to a team automatically once they have authenticated to the organization or enterprise account using SSO and are moved to the connected IdP group. -To avoid unintentionally removing team members, we recommend enforcing SAML SSO in your organization or enterprise account, creating new teams to synchronize membership data, and checking IdP group membership before synchronizing existing teams. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization)" and "[AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise)." +To avoid unintentionally removing team members, we recommend enforcing SAML SSO in your organization or enterprise account, creating new teams to synchronize membership data, and checking IdP group membership before synchronizing existing teams. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization) and [AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise). {% endif %} @@ -67,14 +67,14 @@ To avoid unintentionally removing team members, we recommend enforcing SAML SSO {% data reusables.identity-and-permissions.team-and-idp-group %} {% ifversion ghec %} -Before you can connect a {% data variables.product.product_name %} team with an IdP group, an organization or enterprise owner must enable team synchronization for your organization or enterprise account. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization)" and "[AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise)." +Before you can connect a {% data variables.product.product_name %} team with an IdP group, an organization or enterprise owner must enable team synchronization for your organization or enterprise account. For more information, see [AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization) and [AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise). To avoid unintentionally removing team members, visit the administrative portal for your IdP and confirm that each current team member is also in the IdP groups that you want to connect to this team. If you don't have this access to your identity provider, you can reach out to your IdP administrator. -You must authenticate using SAML SSO. For more information, see "[AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on)." +You must authenticate using SAML SSO. For more information, see [AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on). {% elsif ghes %} -You must configure user provisioning with SCIM for {% data variables.location.product_location %}. For more information, see "[AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-user-provisioning-with-scim-for-your-enterprise)." +You must configure user provisioning with SCIM for {% data variables.location.product_location %}. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-user-provisioning-with-scim-for-your-enterprise). {% data reusables.scim.ghes-beta-note %} {% endif %} From f2f7634b28f97953f80767f2df1c9de89280bcf6 Mon Sep 17 00:00:00 2001 From: mc <42146119+mchammer01@users.noreply.github.com> Date: Fri, 13 Dec 2024 09:42:44 +0000 Subject: [PATCH 2/2] Remove double quotes in internal links for the "Securing your enterprise" maptopic (#53623) --- .../about-security-configurations.md | 4 +- ...curity-configuration-to-your-enterprise.md | 2 +- ...t-scanning-settings-for-your-enterprise.md | 2 +- ...urity-configuration-for-your-enterprise.md | 40 +++++++++---------- ...eleting-a-custom-security-configuration.md | 2 +- ...editing-a-custom-security-configuration.md | 2 +- .../security-features-use-actions.md | 2 +- 7 files changed, 27 insertions(+), 27 deletions(-) diff --git a/content/admin/managing-code-security/securing-your-enterprise/about-security-configurations.md b/content/admin/managing-code-security/securing-your-enterprise/about-security-configurations.md index 2fe9b205ee3d..6d380faeb990 100644 --- a/content/admin/managing-code-security/securing-your-enterprise/about-security-configurations.md +++ b/content/admin/managing-code-security/securing-your-enterprise/about-security-configurations.md @@ -17,11 +17,11 @@ topics: {% ifversion security-configurations-cloud %} -We recommend securing your enterprise with the {% data variables.product.prodname_github_security_configuration %}, then evaluating the security findings on your repositories before configuring {% data variables.product.prodname_custom_security_configurations %}. For more information, see "[AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/applying-the-github-recommended-security-configuration-to-your-enterprise)." +We recommend securing your enterprise with the {% data variables.product.prodname_github_security_configuration %}, then evaluating the security findings on your repositories before configuring {% data variables.product.prodname_custom_security_configurations %}. For more information, see [AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/applying-the-github-recommended-security-configuration-to-your-enterprise). {% endif %} -With {% data variables.product.prodname_custom_security_configurations %}, you can create collections of enablement settings for {% data variables.product.company_short %}'s security products to meet the specific security needs of your enterprise. For example, you can create a different {% data variables.product.prodname_custom_security_configuration %} for each organization or group of similar organizations to reflect their different levels of security requirements and compliance obligations. For more information, see "[AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/creating-a-custom-security-configuration-for-your-enterprise)." +With {% data variables.product.prodname_custom_security_configurations %}, you can create collections of enablement settings for {% data variables.product.company_short %}'s security products to meet the specific security needs of your enterprise. For example, you can create a different {% data variables.product.prodname_custom_security_configuration %} for each organization or group of similar organizations to reflect their different levels of security requirements and compliance obligations. For more information, see [AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/creating-a-custom-security-configuration-for-your-enterprise). {% ifversion security-configurations-ghes-only %} diff --git a/content/admin/managing-code-security/securing-your-enterprise/applying-a-custom-security-configuration-to-your-enterprise.md b/content/admin/managing-code-security/securing-your-enterprise/applying-a-custom-security-configuration-to-your-enterprise.md index 273542c686ae..daf0bab708d5 100644 --- a/content/admin/managing-code-security/securing-your-enterprise/applying-a-custom-security-configuration-to-your-enterprise.md +++ b/content/admin/managing-code-security/securing-your-enterprise/applying-a-custom-security-configuration-to-your-enterprise.md @@ -31,4 +31,4 @@ After you create a {% data variables.product.prodname_custom_security_configurat ## Next steps -To learn how to edit your {% data variables.product.prodname_custom_security_configuration %}, see "[AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/editing-a-custom-security-configuration)." +To learn how to edit your {% data variables.product.prodname_custom_security_configuration %}, see [AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/editing-a-custom-security-configuration). diff --git a/content/admin/managing-code-security/securing-your-enterprise/configuring-additional-secret-scanning-settings-for-your-enterprise.md b/content/admin/managing-code-security/securing-your-enterprise/configuring-additional-secret-scanning-settings-for-your-enterprise.md index a9fbe5614810..0fb5137fb9fb 100644 --- a/content/admin/managing-code-security/securing-your-enterprise/configuring-additional-secret-scanning-settings-for-your-enterprise.md +++ b/content/admin/managing-code-security/securing-your-enterprise/configuring-additional-secret-scanning-settings-for-your-enterprise.md @@ -44,6 +44,6 @@ To provide context for developers when {% data variables.product.prodname_secret {% data reusables.secret-scanning.copilot-secret-scanning-generic-secrets-subscription-note %} -To learn more about generic secrets, see "[AUTOTITLE](/code-security/secret-scanning/copilot-secret-scanning/responsible-ai-generic-secrets)." +To learn more about generic secrets, see [AUTOTITLE](/code-security/secret-scanning/copilot-secret-scanning/responsible-ai-generic-secrets). {% endif %} diff --git a/content/admin/managing-code-security/securing-your-enterprise/creating-a-custom-security-configuration-for-your-enterprise.md b/content/admin/managing-code-security/securing-your-enterprise/creating-a-custom-security-configuration-for-your-enterprise.md index 71becce1f1bc..628c55033a88 100644 --- a/content/admin/managing-code-security/securing-your-enterprise/creating-a-custom-security-configuration-for-your-enterprise.md +++ b/content/admin/managing-code-security/securing-your-enterprise/creating-a-custom-security-configuration-for-your-enterprise.md @@ -15,7 +15,7 @@ topics: {% ifversion security-configurations-cloud %} -We recommend securing your enterprise with the {% data variables.product.prodname_github_security_configuration %}, then evaluating the security findings on your repositories before configuring {% data variables.product.prodname_custom_security_configurations %}. For more information, see "[AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/applying-the-github-recommended-security-configuration-to-your-enterprise)." +We recommend securing your enterprise with the {% data variables.product.prodname_github_security_configuration %}, then evaluating the security findings on your repositories before configuring {% data variables.product.prodname_custom_security_configurations %}. For more information, see [AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/applying-the-github-recommended-security-configuration-to-your-enterprise). {% endif %} @@ -43,22 +43,22 @@ When creating a security configuration, keep in mind that: 1. In the left sidebar, click **Code security**. 1. In the "Configurations" section, click **New configuration**. 1. To help identify your {% data variables.product.prodname_custom_security_configuration %} and clarify its purpose on the "Configurations" page, name your configuration and create a description. -1. In the "{% data variables.product.prodname_GH_advanced_security %} features" row, choose whether to include or exclude {% data variables.product.prodname_GH_advanced_security %} (GHAS) features. If you plan to apply a {% data variables.product.prodname_custom_security_configuration %} with GHAS features to private repositories, you must have available GHAS licenses for each active unique committer to those repositories, or the features will not be enabled. See "[AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)." +1. In the "{% data variables.product.prodname_GH_advanced_security %} features" row, choose whether to include or exclude {% data variables.product.prodname_GH_advanced_security %} (GHAS) features. If you plan to apply a {% data variables.product.prodname_custom_security_configuration %} with GHAS features to private repositories, you must have available GHAS licenses for each active unique committer to those repositories, or the features will not be enabled. See [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security). 1. In the "Dependency graph and {% data variables.product.prodname_dependabot %}" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for the following security features: - * Dependency graph. To learn about dependency graph, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)."{%- ifversion maven-transitive-dependencies %} - * Automatic dependency submission. To learn about automatic dependency submission, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-automatic-dependency-submission-for-your-repository)."{%- endif %} - * {% data variables.product.prodname_dependabot_alerts %}. To learn about {% data variables.product.prodname_dependabot_alerts %}, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)." - * Security updates. To learn about security updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)." + * Dependency graph. To learn about dependency graph, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph).{%- ifversion maven-transitive-dependencies %} + * Automatic dependency submission. To learn about automatic dependency submission, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-automatic-dependency-submission-for-your-repository).{%- endif %} + * {% data variables.product.prodname_dependabot_alerts %}. To learn about {% data variables.product.prodname_dependabot_alerts %}, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts). + * Security updates. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates). > [!NOTE] > You cannot manually change the enablement settings for vulnerable function calls. If {% data variables.product.prodname_GH_advanced_security %} features and {% data variables.product.prodname_dependabot_alerts %} are enabled, vulnerable function calls is also enabled. Otherwise, it is disabled. -1. In the "{% data variables.product.prodname_code_scanning_caps %}" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for {% data variables.product.prodname_code_scanning %} default setup. To learn about default setup, see "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#about-default-setup)." +1. In the "{% data variables.product.prodname_code_scanning_caps %}" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for {% data variables.product.prodname_code_scanning %} default setup. To learn about default setup, see [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#about-default-setup). 1. In the "{% data variables.product.prodname_secret_scanning_caps %}" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for the following security features: - * Alerts. To learn about {% data variables.product.prodname_secret_scanning %}, see "[AUTOTITLE](/code-security/secret-scanning/introduction/about-secret-scanning)."{% ifversion org-npp-enablement-security-configurations %} - * Non-provider patterns. To learn more about scanning for non-provider patterns, see "[AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#non-provider-patterns)" and "[AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/viewing-alerts)."{% endif %} - * Push protection. To learn about push protection, see "[AUTOTITLE](/code-security/secret-scanning/introduction/about-push-protection)." -1. In the "Private vulnerability reporting" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for private vulnerability reporting. To learn about private vulnerability reporting, see "[AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository)." + * Alerts. To learn about {% data variables.product.prodname_secret_scanning %}, see [AUTOTITLE](/code-security/secret-scanning/introduction/about-secret-scanning).{% ifversion org-npp-enablement-security-configurations %} + * Non-provider patterns. To learn more about scanning for non-provider patterns, see [AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#non-provider-patterns) and [AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/viewing-alerts).{% endif %} + * Push protection. To learn about push protection, see [AUTOTITLE](/code-security/secret-scanning/introduction/about-push-protection). +1. In the "Private vulnerability reporting" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for private vulnerability reporting. To learn about private vulnerability reporting, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository). 1. Optionally, in the "Policy" section, you can choose to automatically apply the {% data variables.product.prodname_security_configuration %} to newly created repositories depending on their visibility. Select the **None** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **Public**, **Private and internal**, or **All repositories**. 1. Optionally, in the "Policy" section, you can enforce the configuration and block repository owners from changing features that are enabled or disabled by the configuration (features that are not set aren't enforced). Next to "Enforce configuration", select **Enforce** from the dropdown menu. @@ -76,20 +76,20 @@ When creating a security configuration, keep in mind that: 1. In the left sidebar, click **Code security**. 1. In the "Configurations" section, click **New configuration**. 1. To help identify your {% data variables.product.prodname_custom_security_configuration %} and clarify its purpose on the "Configurations" page, name your configuration and create a description. -1. In the "{% data variables.product.prodname_GH_advanced_security %} features" row, choose whether to include or exclude {% data variables.product.prodname_GH_advanced_security %} (GHAS) features. If you plan to apply a {% data variables.product.prodname_custom_security_configuration %} with GHAS features to private repositories, you must have available GHAS licenses for each active unique committer to those repositories, or the features will not be enabled. See "[AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)." +1. In the "{% data variables.product.prodname_GH_advanced_security %} features" row, choose whether to include or exclude {% data variables.product.prodname_GH_advanced_security %} (GHAS) features. If you plan to apply a {% data variables.product.prodname_custom_security_configuration %} with GHAS features to private repositories, you must have available GHAS licenses for each active unique committer to those repositories, or the features will not be enabled. See [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security). 1. In the "Dependency graph and {% data variables.product.prodname_dependabot %}" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for the following security features: * {% data variables.product.prodname_dependabot_alerts %}. To learn about {% data variables.product.prodname_dependabot %}, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)." > [!NOTE] {% data variables.dependabot.auto_triage_rules %} are not available to set at enterprise level. If an enterprise-level security configuration is applied to a repository, it can still have {% data variables.dependabot.auto_triage_rules %} enabled, but you can't turn off these rules at the level of the enterprise. - * Security updates. To learn about security updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)." + * Security updates. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates). > [!NOTE] > You cannot manually change the enablement setting for the dependency graph. This setting is installed and managed by a site administrator at the instance level. -1. In the "{% data variables.product.prodname_code_scanning_caps %}" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for {% data variables.product.prodname_code_scanning %} default setup. To learn about default setup, see "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#about-default-setup)." +1. In the "{% data variables.product.prodname_code_scanning_caps %}" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for {% data variables.product.prodname_code_scanning %} default setup. To learn about default setup, see [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#about-default-setup). 1. In the "{% data variables.product.prodname_secret_scanning_caps %}" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for the following security features: - * Alerts. To learn about {% data variables.secret-scanning.alerts %}, see "[AUTOTITLE](/code-security/secret-scanning/introduction/about-secret-scanning)."{% ifversion org-npp-enablement-security-configurations %} - * Non-provider patterns. To learn more about scanning for non-provider patterns, see "[AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#non-provider-patterns)" and "[AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/viewing-alerts)."{% endif %} - * Push protection. To learn about push protection, see "[AUTOTITLE](/code-security/secret-scanning/introduction/about-push-protection)." + * Alerts. To learn about {% data variables.secret-scanning.alerts %}, see [AUTOTITLE](/code-security/secret-scanning/introduction/about-secret-scanning).{% ifversion org-npp-enablement-security-configurations %} + * Non-provider patterns. To learn more about scanning for non-provider patterns, see [AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#non-provider-patterns) and [AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/viewing-alerts).{% endif %} + * Push protection. To learn about push protection, see [AUTOTITLE](/code-security/secret-scanning/introduction/about-push-protection). {% ifversion push-protection-delegated-bypass-configurations %} -1. Optionally, under "Push protection", choose whether you want to assign bypass privileges to selected actors in your organization. By assigning bypass privileges, selected organization members can bypass push protection, and there is a review and approval process for all other contributors. For further guidance on how to configure this setting, see "[AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/enabling-delegated-bypass-for-push-protection#configuring-delegated-bypass-for-an-organization)." +1. Optionally, under "Push protection", choose whether you want to assign bypass privileges to selected actors in your organization. By assigning bypass privileges, selected organization members can bypass push protection, and there is a review and approval process for all other contributors. For further guidance on how to configure this setting, see [AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/enabling-delegated-bypass-for-push-protection#configuring-delegated-bypass-for-an-organization). {% endif %} 1. Optionally, in the "Policy" section, you can choose to automatically apply the {% data variables.product.prodname_security_configuration %} to newly created repositories depending on their visibility. Select the **None** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **Public**, or **Private and internal**, or **All repositories**. @@ -103,8 +103,8 @@ When creating a security configuration, keep in mind that: ## Next steps -To optionally configure additional {% data variables.product.prodname_secret_scanning %} settings for the enterprise, see "[AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/configuring-additional-secret-scanning-settings-for-your-enterprise)." +To optionally configure additional {% data variables.product.prodname_secret_scanning %} settings for the enterprise, see [AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/configuring-additional-secret-scanning-settings-for-your-enterprise). -To apply your {% data variables.product.prodname_custom_security_configuration %} to repositories in your organization, see "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-a-custom-security-configuration)." +To apply your {% data variables.product.prodname_custom_security_configuration %} to repositories in your organization, see [AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-a-custom-security-configuration). {% data reusables.security-configurations.edit-configuration-next-step %} diff --git a/content/admin/managing-code-security/securing-your-enterprise/deleting-a-custom-security-configuration.md b/content/admin/managing-code-security/securing-your-enterprise/deleting-a-custom-security-configuration.md index 204fa3ac1e5e..1519913e556a 100644 --- a/content/admin/managing-code-security/securing-your-enterprise/deleting-a-custom-security-configuration.md +++ b/content/admin/managing-code-security/securing-your-enterprise/deleting-a-custom-security-configuration.md @@ -13,7 +13,7 @@ topics: ## About deleting a {% data variables.product.prodname_custom_security_configuration %} -If you no longer need a {% data variables.product.prodname_custom_security_configuration %}, you can delete that configuration to ensure it will not be applied to any repositories in the future. If you want to delete a {% data variables.product.prodname_custom_security_configuration %} because you want to change the security enablement settings in that configuration, consider editing the configuration instead. For more information, see "[AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/editing-a-custom-security-configuration)." +If you no longer need a {% data variables.product.prodname_custom_security_configuration %}, you can delete that configuration to ensure it will not be applied to any repositories in the future. If you want to delete a {% data variables.product.prodname_custom_security_configuration %} because you want to change the security enablement settings in that configuration, consider editing the configuration instead. For more information, see [AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/editing-a-custom-security-configuration). > [!WARNING] > Deleting a {% data variables.product.prodname_custom_security_configuration %} will detach all repositories that are linked to that configuration. The existing security settings for those repositories will be unchanged, but you must apply a different {% data variables.product.prodname_security_configuration %} or manage their security settings at the repository level to keep their settings up to date. diff --git a/content/admin/managing-code-security/securing-your-enterprise/editing-a-custom-security-configuration.md b/content/admin/managing-code-security/securing-your-enterprise/editing-a-custom-security-configuration.md index 908d536c5875..1632c7fab3ca 100644 --- a/content/admin/managing-code-security/securing-your-enterprise/editing-a-custom-security-configuration.md +++ b/content/admin/managing-code-security/securing-your-enterprise/editing-a-custom-security-configuration.md @@ -18,7 +18,7 @@ After creating and applying a {% data variables.product.prodname_custom_security {% ifversion security-configurations-cloud %} > [!NOTE] -> The {% data variables.product.prodname_github_security_configuration %} is managed by {% data variables.product.github %} and cannot be edited. If you would like to customize your security enablement settings, you need to create a {% data variables.product.prodname_custom_security_configuration %}. For more information, see "[AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/creating-a-custom-security-configuration-for-your-enterprise)." +> The {% data variables.product.prodname_github_security_configuration %} is managed by {% data variables.product.github %} and cannot be edited. If you would like to customize your security enablement settings, you need to create a {% data variables.product.prodname_custom_security_configuration %}. For more information, see [AUTOTITLE](/admin/managing-code-security/securing-your-enterprise/creating-a-custom-security-configuration-for-your-enterprise). {% endif %} diff --git a/data/reusables/security-configurations/security-features-use-actions.md b/data/reusables/security-configurations/security-features-use-actions.md index 183b3099331f..4878fababbcc 100644 --- a/data/reusables/security-configurations/security-features-use-actions.md +++ b/data/reusables/security-configurations/security-features-use-actions.md @@ -1 +1 @@ ->[!NOTE] Some features enabled in {% data variables.product.prodname_security_configurations %} may require Actions minutes to work. {% data variables.product.prodname_dotcom %} will let you know if that's the case when you apply the configuration to a repository. For more information about billing for {% data variables.product.prodname_actions %}, see "[AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions)." +>[!NOTE] Some features enabled in {% data variables.product.prodname_security_configurations %} may require Actions minutes to work. {% data variables.product.prodname_dotcom %} will let you know if that's the case when you apply the configuration to a repository. For more information about billing for {% data variables.product.prodname_actions %}, see [AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions).