You can invite by email addr, so the workaround here is only invite corporate email addresses.

If the target user hasn't added their corp email to their profile then they can't be part of the org.

This can be vulnerable to "ticket trick" - often support/helpdesk sites are put on the main domain and have reply-to email addresses that will reflect the content back to the user requesting support. This can be used to sign up for slack, etc.

This is what I do but I really wish there was a better integration with auth providers and could use it for the invite. Would be nice to search my directory to type the email and confirm the name matches the email.

This is what GitLab does with their hosted AD/LDAP connector.

I’m in fear of mistyping something and inviting the wrong person.

So never type an email address in at all. Go to an extent email message, copy the bloke's email address, then paste it into the Github interface.

> Note: the invite input box actually autocompletes ALL github usernames.

I'm sorry, but that's wild. That's like, not even an easy engineering problem to solve necessarily, given their size!

It blew my mind after upgrading to enterprise that was still how it worked.

Sorry, but string prefix search over a few hundred million entries is something you can do with the same performance using just postgres on a single server with just a few hours of dev time.

I've done it before, it's not as impressive as it seems.

With trigrams you can even do precise substring search on this scale with good performance.

If you'd like, I can build a small demo.

Lol no thanks, once you hit the server I’m good, it’s more about the UI for me.

Not really. They only have 83-90 million users. That's not really a big table, at least in my world...

In my world 20 is a lot because finding customers is hard... :(

Org can be configured with SSO which would require Org members to login with your Co auth in order to access the Org.

Though it would still allow "collaborators" which don't have SSO requirement.