Home ci 17. security: Directory Sync

17. security: Directory Sync

Last updated on Aug 05, 2025

Directory Sync

Directory Sync is a feature available on Epycbyte's Enterprise plans, designed to help teams manage organization membership from third-party identity providers like Google Directory or Okta. Similar to SAML Single Sign-On, Directory Sync is only accessible to Team Owners and requires configuration by the team owner.

Compliance Measures

  • Shared Responsibility: Ensure that at least one team member retains the owner role to avoid account lockout.
  • Firewall Access Control: Implement appropriate firewall rules to secure access to sensitive data.
  • SAML SSO/HTTPS/SSL: Enable SAML Single Sign-On and ensure HTTPS/SSL for secure communication.

Directory Sync Overview

Directory Sync automatically synchronizes changes from your directory provider (e.g., Okta) with your Epycbyte Team. This includes:

  • Adding new users: Automatically sends invitations to join the team.
  • Removing users: Automatically revokes access from the team.
  • Role mapping: Configures roles based on groups from your directory provider (e.g., Engineers as Members, Admins as Owners).

Configuration Steps

  1. Scope Selection: Ensure your team is selected in the scope selector.
  2. Access Settings: Navigate to the Settings tab under Security & Privacy.
  3. SAML Configuration: Select Configure under SAML Single Sign-On to start the setup process.
  4. Role Mapping: Map directory groups to Epycbyte roles (e.g., Okta Admins as Owners, Engineers as Members).
  5. Confirmation: Review the changes and click Confirm and Sync to finalize the configuration.

Preventing Account Lockout

  • Maintain at least one owner role within your team.
  • Use predefined group names for automatic role allocation:
    • epycbyte-role-owner: Owner
    • epycbyte-role-member: Member
    • epycbyte-role-developer: Developer
    • epycbyte-role-billing: Billing
    • epycbyte-role-viewer: Viewer
    • epycbyte-role-contributor: Contributor

Supported Providers

  • Okta
  • Google Directory
  • Other supported SAML providers (refer to SAML Single Sign-On documentation)

Conclusion

Configuring Directory Sync ensures seamless team management while maintaining security and compliance. For assistance, contact Epycbyte's sales team.