Configure GitHub to Use Azure Active Directory (Azure AD) for Authentication

B

When you connect to a Git repository from your Git client for the first time, the credential manager prompts for credentials. Provide your Microsoft account or Azure

AD credentials.

Note: Git Credential Managers simplify authentication with your Azure Repos Git repositories. Credential managers let you use the same credentials that you use for the Azure DevOps Services web portal. Credential managers support multi-factor authentication through Microsoft account or Azure Active Directory (Azure

AD). Besides supporting multi-factor authentication with Azure Repos, credential managers also support two-factor authentication with GitHub repositories.

To configure GitHub to use Azure Active Directory (Azure AD) for authentication, the first step is to register GitHub in Azure AD.

Answer: B. Register GitHub in Azure AD.

Here's a detailed explanation of the steps you can follow to register GitHub in Azure AD:

1. Sign in to the Azure portal using an account that has the global administrator or owner role in Azure AD.

2. Select Azure Active Directory from the left-hand navigation menu.

3. Click on the App registrations tab and then click on the New registration button.

4. In the Register an application page, provide a name for the application, choose the option 'Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)' for Supported account types, and enter the following Redirect URI: https://github.com/login/oauth/authorize.

5. Click on the Register button to complete the registration process.

6. Once the registration is complete, you will be redirected to the application's Overview page. Copy the Application (client) ID and Directory (tenant) ID values. You will need these values to configure GitHub to use Azure AD for authentication.

7. Next, you need to create a client secret that will be used by GitHub to authenticate with Azure AD. Click on the Certificates & secrets tab and then click on the New client secret button.

8. In the Add a client secret dialog box, provide a description for the secret and select an expiration date.

9. Click on the Add button to create the client secret. Note down the value of the client secret. You will need this value to configure GitHub to use Azure AD for authentication.

10. Finally, you need to configure the GitHub application to use Azure AD for authentication. To do this, go to your GitHub organization's settings and select the OAuth Apps tab.

11. Click on the Register a new application button and provide the following details:

• Application name: The name of your application
• Homepage URL: The URL of your application
• Authorization callback URL: https://login.microsoftonline.com/common/oauth2/nativeclient

12. Click on the Register application button to create the application. Once the application is created, copy the Client ID and Client Secret values.

13. Go back to the Azure portal and select the application that you registered earlier.

14. Click on the API permissions tab and then click on the Add a permission button.

15. In the Add a permission dialog box, select the Microsoft Graph API and then select the Application permissions option.

16. Select the following permissions:

• User.Read.All
• User.ReadWrite.All

17. Click on the Add permissions button to add the permissions to the application.

18. Next, click on the Grant admin consent for [your tenant name] button to grant the permissions to the application.

19. Finally, go back to the GitHub organization settings and enter the Client ID and Client Secret values that you copied earlier.

Once you have completed these steps, GitHub will be configured to use Azure AD for authentication. Users will be prompted to authenticate with their Azure AD credentials when they sign in to GitHub.