• caglararli@hotmail.com
  • 05386281520

What’s the point of users having to authorize their SSH keys and tokens they created themselves when SAML single sign-on is enabled on GitHub?

Çağlar Arlı      -    48 Views

What’s the point of users having to authorize their SSH keys and tokens they created themselves when SAML single sign-on is enabled on GitHub?

In GitHub's Enterprise Cloud docs it says:

To use an SSH key with an organization that uses SAML single sign-on (SSO), you must first authorize the key.

I understand that organization admins could have the power to invalidate individual SSH keys and tokens, but I don't understand why the users are supposed to authorize their own SSH key and tokens. They've just added them to their account, right, so why the additional step?