From 097ecdfa3b0a3c6142b3c2b64d6b895e390f7b8b Mon Sep 17 00:00:00 2001 From: Vanessa Date: Tue, 18 Feb 2025 13:35:58 +1000 Subject: [PATCH] [Improvement]: Updating "Blocking a user in the organization settings" article to reflect the expected behavior when SAML SSO is applicable (#54430) --- .../blocking-a-user-from-your-organization.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/content/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization.md b/content/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization.md index 283e600b57da..5f2563b95ae0 100644 --- a/content/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization.md +++ b/content/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization.md @@ -51,6 +51,15 @@ In your organization's repositories, blocked users also cannot: ## Blocking a user in the organization settings +{% ifversion ghec %} + +> [!WARNING] +> To completely block a user when your enterprise or organization enforces SAML single sign-on (SSO) through an identity provider (IdP), in addition to blocking the user on {% data variables.product.github %}, you should also **remove the user's assignment to the {% data variables.product.github %} application in your IdP**. +> +> Not revoking access in your IdP configuration means the user could potentially regain access to the enterprise or organization via SSO. + +{% endif %} + 1. To block an organization member, first [remove the user](/organizations/managing-membership-in-your-organization/removing-a-member-from-your-organization) from the organization. {% data reusables.profile.access_org %}