| AccessGuard — IAM with JWT, MFA, RBAC & SSO (SAML/OIDC)…

AccessGuard — IAM with JWT, MFA, RBAC & SSO (SAML/OIDC) | Velaxe

AccessGuard

GitHub — Integration

Developer-friendly OIDC sign-in using GitHub identities, with org/team-based role mapping and optional domain restrictions.

View App All Integrations

Overview

Developer-friendly OIDC sign-in using GitHub identities, with org/team-based role mapping and optional domain restrictions.

Capabilities

OIDC login with GitHub accounts
Org/team membership → role mapping
Optional domain or org allowlists
Short-lived tokens and automatic JWKS rotation

Setup Steps (5)

1

Step 1

Create an OAuth App in GitHub (or use GitHub Apps with OIDC) and record Client ID/Secret.

Back to top
2

Step 2

In AccessGuard → Settings → SSO, add **GitHub** and paste credentials.

Back to top
3

Step 3

Configure team/org-to-role mapping (e.g., team: platform-admins → role: admin).

Back to top
4

Step 4

Optionally restrict to specific organizations.

Back to top
5

Step 5

Save and test sign-in from a user in the allowed org/team.

Back to top

Limitations

Team membership queries may require org admin consent or specific API scopes.
Personal accounts outside allowed orgs will be blocked by policy.

FAQs

Do you support GitHub Enterprise Server?

Yes. Provide the enterprise hostname as the OIDC issuer/authorize base.

Can we map multiple teams to one role?

Yes, add multiple mapping rules targeting the same role.

Is MFA required?

Enforce at GitHub org level and optionally require AccessGuard MFA for local fallback accounts.

Pricing

Free

Free

Great for trying the integration.

Pro

USD 9.99 / monthly

Enterprise

USD 49.99 / monthly