You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/guides/modules/orchestrate/pages/github-trigger-event-options.adoc
+5-4Lines changed: 5 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -97,10 +97,6 @@ All pipelines triggered by link:https://docs.github.com/en/webhooks/webhook-even
97
97
+
98
98
**Usage example**: To trigger a pipeline on _PR opened or pushed to, default branch and tag pushes_, but ensure that it never runs if the event is associated with a PR that is marked as draft, use the following filter.
99
99
+
100
-
** The condition `pipeline.event.github.pull_request.draft == false` excludes draft PRs from triggering the workflow.
101
-
** `pipeline.event.name == "api"` ensures that the workflow runs when triggered manually via the web app or API.
102
-
** `pipeline.event.name == "push"` ensures that the workflow runs when triggered via push to the default branch.
103
-
+
104
100
[,yaml]
105
101
----
106
102
workflows:
@@ -109,6 +105,11 @@ workflows:
109
105
jobs:
110
106
- myjob
111
107
----
108
+
+
109
+
** The condition `pipeline.event.github.pull_request.draft == false` excludes draft PRs from triggering the workflow.
110
+
** `pipeline.event.name == "api"` ensures that the workflow runs when triggered manually via the web app or API.
111
+
** `pipeline.event.name == "push"` ensures that the workflow runs when triggered via push to the default branch.
112
+
112
113
113
114
* `pipeline.event.github.pull_request.title`: the title of the pull request.
114
115
* `pipeline.event.github.pull_request.number`: the numeric identifier of the pull request.
Copy file name to clipboardExpand all lines: docs/guides/modules/permissions-authentication/pages/sso-overview.adoc
+19-6Lines changed: 19 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -32,7 +32,25 @@ Using SSO for authentication can result in improved security and user experience
32
32
* Adding and deleting users.
33
33
* Managing user permissions.
34
34
35
-
**For a member of an organization using SSO for authentication:** The process of authentication to access applications is simplified. Rather than authenticating separately for each application, SAML SSO enables the user to confirm their identity _once_ with an IdP and that authentication is communicated to the applications (such as CircleCI) that the user has access to. The user may then access these applications for the duration of their session.
35
+
**For a member of an organization using SSO for authentication:** The process of authentication to access applications is simplified. Rather than authenticating separately for each application, SAML SSO enables the user to confirm their identity _once_ with an IdP. This authentication is then communicated to all applications (such as CircleCI) that the user has access to. The user may then access these applications for the duration of their session.
36
+
37
+
== Personal API tokens with SSO
38
+
39
+
When your organization uses SSO, Personal API tokens require SSO authentication to access your organization's resources.
40
+
41
+
To use Personal API tokens with SSO-protected resources:
42
+
43
+
. Go to the link:https://app.circleci.com/home/[CircleCI web app].
44
+
. Select your profile from the upper right corner, then select menu:User Settings[].
45
+
. Select menu:Personal API Tokens[] from the sidebar.
46
+
. For each token you want to use with your SSO-enabled organization, select the organization from the dropdown in the SSO column.
47
+
. Once you select an organization, the token becomes SSO-authenticated and can access your organization's resources.
48
+
49
+
**Important notes:**
50
+
51
+
* The SSO authentication option for tokens is only available when you are actively signed in via SSO.
52
+
* SSO authentication is only required for tokens you intend to use with SSO-enabled organization resources.
53
+
* Tokens without SSO authentication still work with non-SSO protected resources.
36
54
37
55
[#prerequisites-and-limitations]
38
56
== Limitations
@@ -42,11 +60,6 @@ SSO for CircleCI currently has the following limitations:
42
60
* SSO requires all users to log into CircleCI either with an email and password or using social logins like GitHub, Bitbucket prior to the SSO login. The email used to log in to CircleCI does *not* need to match the email used to authenticate with the IdP.
43
61
* CircleCI supports SSO using one domain per organization.
44
62
* When the user logs in using social logins like GitHub or Bitbucket, then they need to authorize SSO in the VCS org along with SSO setup in CircleCI.
45
-
* Personal API tokens will not work against your organization after SSO is enabled. As a result **the following features are unavailable when using SSO**:
46
-
** The CircleCI VS Code plugin will **not** work against your organization after SSO is enabled.
47
-
** The CircleCI CLI will **not** work against your organization after SSO is enabled.
48
-
** API v2 endpoints will **not** be accessible for your organization after SSO is enabled.
49
-
** Config policies will **not** be usable/enforcable for your organization after SSO is enabled.
0 commit comments