Can an organisation (that uses SSO) set a repository to be viewable only after a user sign in to the organisation using its SSO? what about outside collaborators?
For the GitHub.com Enterprise Cloud product, each staff member needs to have their own individual GitHub.com login. Their personal GitHub.com login is then linked to an identity in your IdP the first time they access the Organization on GitHub.com. The individual account itself however remains with the user even after they leave your organization, although their access to your private repositories is then disabled.
As the GitHub login belongs to the individual, there is no way to prevent them from accessing other resources hosted on GitHub.com.
Alternatively identity integration via SAML, LDAP, or CAS is also available in our self-hosted GitHub Enterprise Server product. GitHub Enterprise Server is a standalone platform which only hosts your own users and repositories. It must be deployed either to your own virtualisation infrastructure, or a supported cloud hosting provider.
This is helpful. Thanks!