Getting asked to sign-in using SSO even after leaving the organisation

[fourpointfour]

Select Topic Area

Question

Body

Hi folks,

I was a part of an organisation before and have forked a few public repositories from there, I had the Okta SSO enabled so whenever I used to open a PR or commit in those repositories, I needed to authenticate using SSO.

Now I have left the organisation but when I open the pull requests tab for any of those public repositories, I am still being asked to authenticate using SSO, which I cannot do because I do not have any access to my previous organisation's SSO tool. Funny enough, I can copy the link and open the link in an incognito window properly where my GitHub account is not logged in so the issue is definitely connected somewhere with my account.

My question is, how do I resolve this? I am no longer a part of the organisation and I do not have any links with it now and yet somewhere, some connections seems to be active.

For example, I can open yugabyte/debezium#184 without logging to my account, but when I am logged in, I am being asked to authenticate. What could I be missing here?

[yoter-k]

This happens because your GitHub account still has an active SSO link to your old organization.
Go to Settings → Organizations and remove or “Leave” that org, then in Settings → Applications → Authorized OAuth Apps, revoke any Okta or org-related access.
After signing out and back in, the SSO prompt will disappear ✅

[fourpointfour]

I did all this and I am still getting the prompt and I am not sure why. The only link I see now is that I am an Unaffiliated Member of an Enterprise by the name of my old company.

I do want to remove that as well but there seems to be no option.

[github-actions[bot]]

🕒 Discussion Activity Reminder 🕒

This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions:

1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as out of date at the bottom of the page.

2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own.

3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution.

Note: This dormant notification will only apply to Discussions with the Question label. To learn more, see our recent announcement.

Thank you for helping bring this Discussion to a resolution! 💬

[fourpointfour]

I tried everything mentioned in the comments above but the issue still persists.

[ZacharyWallace]

I am running into a similar issue where I am the owner of an Enterprise that is setup with SSO and in order to manage the enterprise to remove myself I would need to have access to SSO system (Okta) which I no longer have.

I have already successfully removed myself from the organization, but cannot do anything to remove the enterprise from my account. How can I rectify this?

[dlavrenuek]

Had the same problem. I've found out that I still had the org added through Settings -> Enterprises. After "leaving" it from that page there is no more SSO prompt

[ZacharyWallace]

How did you "leave" it from that page? The only button I have is "settings" which begins the SSO loop. Perhaps the behavior is different for enterprise owners, which causes this entire issue?

[ZacharyWallace]

[eshandineth]

The Fix

Go to your GitHub Settings.

Click Organizations (in the left sidebar).

Find your previous employer and click Leave.

The Reason Your account is still listed as a "member," which forces GitHub to check for SSO. Leaving the organization downgrades you to a "public user," allowing you to view the public repos without logging in to Okta.

[ZacharyWallace]

This does not work as expected. The organization does not show under "Organizations" because I already left it. It only shows under "Enterprises", where it lists me as an "Owner" and has a "settings" button that when clicked begins the SSO loop.

[eshandineth]

This is a known "deadlock" scenario on GitHub.

Because you are listed as an Enterprise Owner (a higher tier than Organization Member), GitHub requires you to access the Enterprise Settings to remove yourself. However, accessing those settings triggers the SSO check, which you cannot pass.

Here is the structured solution to break the loop:

1. The "Hidden" Link Method (Try this first)
   Sometimes you can bypass the main dashboard redirect by going directly to the "People" tab of the enterprise to remove yourself.

Copy your Enterprise slug (the name as it appears in the URL, e.g., github.com/enterprises/company-name).

Try navigating directly to: https://github.com/enterprises//people

If this page loads without SSO, find your username and select Remove from enterprise.

2. The Support Ticket (Most Likely Required)
   If the link above also triggers the SSO loop, you cannot remove yourself manually. You are effectively locked out of the admin panel required to downgrade your status.

Action: Open a ticket with GitHub Support.

What to say:

"I am listed as an Owner of the enterprise account [Name/Slug], but I have left the company and no longer have SSO access. I am stuck in an SSO loop and cannot access the Enterprise Settings to remove myself. Please remove my account from this Enterprise."

3. Check for Recovery Codes
   If you were the original creator of the Enterprise account, you might have downloaded Recovery Codes when you set up SAML.

If you have them, when the SSO prompt appears, look for a link that says "Use a recovery code". This will bypass the SSO and let you access settings to remove yourself.

[ZacharyWallace]

The hidden links just inject me directly into the SSO loop, which for security reasons is what I would expect. I do not have the recovery codes for the enterprise. I have submitted a ticket, so will see what support has to say.