JetBrains Space Help

GitHub Auth Module

GitHub authentication module allows users to log in to Space with their GitHub account credentials: username and password.

Enable GitHub authentication

The setup is performed in three steps, on both Space and GitHub sides:

  1. Get a callback URL from Space. This URL is generated by Space to identify the source of each login request to GitHub.

  2. Using the callback URL, generate a Client ID and Secret on GitHub. Every login request sent from Space to GitHub includes a unique identifier. The ID and secret you store in the authentication module tell GitHub that each login request is authorized.

  3. Provide the Client ID and Secret to Space and enable the Auth Module. When you have generated the Client ID and Secret on GitHub, provide these values to Space and enable the GitHub Auth Module.

Get a callback URL from the GitHub Auth Module in Space:

  1. Log in to Space as a System Administrator.

  2. On the navigation bar, click administration.png Administration and choose Auth Modules.

  3. Click New auth module. The New Auth Module dialog opens.

  4. From the Type drop-down list, select GitHub.

  5. Copy the callback URL that is displayed on the form under the Client ID field.

  6. Click the link to access the Register a new OAuth application page on GitHub (It will open in a new browser tab).

  7. Log in to your GitHub account (if not already). The Register a new OAuth application page will open.

Generate a Client ID and Secret on GitHub

  1. On the GitHub Register a new OAuth application page, specify the general parameters to register a new OAuth application:

    • Application name (Space)

    • Homepage URL (The entry page of your organizaton in Space)

    • Application description (Optional)

  2. In the Authorization callback URL field, paste the callback URL you copied from the GitHub Auth Module page in Space.

  3. Click the Register application button.

    • GitHub generates the credentials (client ID and secret) you need and displays them in a pop-up window.

Provide the credentials and enable the GitHub Auth Module in Space

  1. Copy the client ID from GitHub and paste it into the Client ID input field on the GitHub Auth Module form in Space.

  2. Copy the client secret from GitHub and paste it into the Client Secret input field on the GitHub Auth Module form in Space.

  3. Configure the optional settings for the authentication module.

  4. Switch the module status to Active.

    • The GitHub authentication module is enabled.

    • The GitHub icon is added to the login dialog window. Users can click this icon to authenticate and log in to Space with their GitHub credentials.

GitHub authentication settings

Setting Description
Type Name of the application or service that handles third-party authentication..
Status Choose Active to enable the module.
Key A unique identifier of the module. Keep the default key or specify a new one.
Name A human-readable name to distinguish this module from other authentication modules in the Auth Modules list. Keep the default name or enter a new one.
Server URL The URL of the server (GitHub or GitHub Enterprise) to which Space sends a login request for authentication when a user logs in with GitHub credentials.
Client ID Stores the identifier GitHub uses to validate a login request. This value is generated in the GitHub API Manager when you configure the authorization settings for a web application and enter the redirect URI copied from Space.
Client Secret Stores the secret or password used to validate the client ID. This value is generated in the GitHub API Manager along with the client ID.
User registration

On— Accounts in the Space organization will be created automatically for unregistered users who log in using GitHub authentication module.

Off— GitHub logins will be only available to users who already have an account in the Space organization.

Restrict authentication to users from the specified GitHub organizations

When selected, only the users from GitHub organizations you specified will be able to log in.

Enter a comma-separated list of allowed organizations. If not selected, any user with a GitHub account can log in using this auth module.

Last modified: 15 December 2020