Article Intended For
Penn State faculty and staff using the Penn State GitHub Service and is interested in using a service account in the Penn State GitHub Service.
Introduction
Service accounts in GitHub are essential for automating tasks like CI/CD pipelines and integrations while ensuring security and compliance. Unlike personal accounts, they provide clear audit trails and reduce risks tied to individual access.
This article outlines the step-by-step process for creating and configuring a service account in Penn State’s GitHub organization. Only an Organization Owner and Penn State's GitHub Service Administrator can complete these steps.
How to add a service account to Penn State GitHub
Step 1: Organization Owner – Create the Service Account in IIQ
- Follow KB0016055 to create a new service account in IIQ.
- Service Account Name Prefix: Use "GitHub" as the prefix.
- Record the following details:
- UserID
- Display Name
- Send the UserID and Display Name to the Penn State's GitHub Service Administrator at github-support@psu.edu
Step 2: GitHub Service Administrator – Add the Service Account to the GitHub Users UMG
- Penn State's GitHub Support will add the service account to the appropriate group.
- Wait approximately 30 minutes for the account to propagate into Microsoft Entra ID.
- They will notify the organization owner when then can proceed to Step 3
Step 3: Organization Owner – Create a GitHub Account for the Service Account
- Open a private browser window and go to GitHub Sign Up.
- Register a new account with an email address that is not already associated with GitHub.
- ⚠️ Do not use the service account’s email address, as it does not have email access.
- Tip: Use plus addressing to create a unique email alias (e.g., zxy23+service@psu.edu).
- Choose a username that is easy to remember and search for.
- Complete any verification puzzles.
- Enter the confirmation code sent to the provided email address to verify the account (It might be in your junk folder).
Step 4: Organization Owner – Invite the GitHub Account to the Organization
- In a new browser window, log into GitHub with an organization owner account.
- Navigate to the organization settings and invite the newly created GitHub service account using its GitHub username.
Step 5: Newly Created GitHub Account – Accept the Invitation
- Make sure you are on the VPN for this section.
- Open a private browser window and log in to the newly created GitHub service account.
- Click on your profile picture in the upper-right corner and select "Your Organizations".
- Accept the invitation to join the organization.
- Click on the “Authenticate to join” button
- Authenticate with your service account
- Username: <UserID>@psu.edu
- Password: <service account password>
Once the invitation is accepted, the service account is now a member of the Penn State GitHub organization.
How to add a service account to a repository
Follow this KB article on how to add the service account:
Additional Links
- Signing up for Penn State's GitHub Service
- Penn State GitHub Frequently Asked Questions
- Penn State Github - Creating and managing teams in GitHub
- Alternate User IDs