GitHub Authentication Module
This authentication module lets users log in to Hub with their GitHub credentials.
Enable GitHub Authentication
To allow users with existing GitHub accounts to log in to Hub, enable the GitHub authentication module.
This procedure takes place in three steps:
- Generate a Callback URL in Hub. When you create an authentication module for GitHub, Hub generates a callback URL to use with this service. This URL identifies the source of each login request to GitHub.
- Generate a Client ID and Secret in GitHub. Every login request sent from Hub to GitHub includes a unique identifier. The ID and secret you store in the authentication module tell GitHub that each login request is authorized.
- Enable the Auth Module in Hub. When you have generated the information Hub uses to authenticate with GitHub, copy the values into Hub and enable the module.
Before you start, verify the following requirements:
- You have Create Auth Module and Update Auth Module permissions in Hub.
- You have a registered GitHub OAuth application.
Generate a Callback URL in Hub
- From the More Settings menu, select Auth Modules.
- From the Add Module drop-down list, select GitHub.
- The Auth Modules page displays the settings for a new GitHub authentication module.
- Hub generates a callback URL for you to use in GitHub.
- Copy the callback URL as instructed on the page.
- Click the link to access the New OAth Application page inGitHub.
Generate a Client ID and Secret in GitHub
- Log in to your GitHub account.
- Specify the general parameters to register a new OAuth application: Name, Homepage URL, and optional Application Description.
- In the Authorization callback URL, paste the callback URL you copied from the Auth Module page in Hub.
- Click the Register application button.
- GitHub generates the credentials you need to set up the Hub module and displays them at the top of the page.
Enable the Auth Module in Hub
- Copy the client ID from GitHub and paste it into the Client ID input field in Hub.
- Copy the client secret from GitHub and paste it into the Client Secret input field in Hub.
- Configure the optional settings for the authentication module. For more information, see Settings.
- Click the Enable module button.
- The GitHub authentication module is enabled.
- The icon stored in the Button Image setting is added to the login dialog window. Users can click this icon to authenticate with their GitHub accounts.
|Type||Displays the name of the application or service that is enabled for third-party authentication in Hub.|
|Name||Stores the name of the authentication module. Use this setting to distinguish this module from other authentication modules in the Auth Modules list.|
|Authentication||Displays the current status of the module. This status indicates whether the module is currently enabled or disabled.|
|Audit||Links to the Audit Events page in Hub. There, you can view a list of changes that were applied to this authentication module.|
|Server URL||Displays the URL of the server to which Hub sends a login request when a user logs in with a GitHub account.|
The information displayed below this field helps you configure the authentication module.
|Client ID||Stores the identifier GitHub uses to validate a login request. You generate this value in GitHub when you configure the authorization settings for an application and enter a callback URL.|
|Client Secret||Stores the secret or password used to validate the client ID. You generate this value in GitHub together with the client ID.|
|Button Image||Displays the image used for the button that a user clicks to log in to Hub with a GitHub account.|
|Create Users||Enables creation of Hub accounts for unregistered users who log in with a GitHub account. Hub uses the email address to determine whether the user has an existing account.|
|Auto-join Groups||Adds users to a group when they log in with their GitHub accounts. You can select one or more groups.
New users that auto-join a group inherit all of the permissions assigned to this group. |
We recommend that you add users to at least one group. Otherwise, a new user is only granted the permissions that are currently assigned to the All Users group.