The definition of service accounts differ, but for the purposs of this document, a service account is any account that is not linked to a human. These are often used for automation tasks and the like.

GitHub handle single sign on (SSO) differently than most other providers, as such service accounts take a little bit of extra work to get running.

Prequisites

  1. A service account associated with the campus that controls the GitHub organization you wish to use as well as the associated password for that service account. As an example, for the Boulder campus to use the UCBoulder organization, you would need a service account in Boulder’s identity provider.

Creating a Service Account in GitHub

  1. Create a GitHub account.
  2. Once logged into your new GitHub account, single sign on to the GitHub organization you wish to use using the service account you already had for your campus (note, the account names of your GitHub service account and your campus service account do not have to be identical). The two accounts are now associated.
  3. Still signed in to GitHub with the service account, create a personal access token, SSH key, OAuth app or whatever you need.
  4. Ensure that the personal access token, SSH key are authorized with your campus’ organization.

The GitHub service account should now have access to the organization you need and be configured for automation via a personal access token, an SSH key, or the like.