search
githubEdit

OAuth Support for GitHub

hashtag
Register a GitHub Repository in ARM Using OAuth

hashtag
Overview

GitHub OAuth allows ARM to securely connect to GitHub repositories without using Personal Access Tokens (PATs). This method improves security by allowing scoped access and managed authentication through GitHub.

hashtag
Prerequisites

Before registering a repository in ARM, configure one of the following applications in GitHub.

hashtag
Option 1 — GitHub OAuth App

  1. Go to:

GitHub → Settings → Developer Settings → OAuth Apps → New OAuth App

  1. Enter the following details:

  • Application Name

  • Homepage URL Example: https://na15.autorabit.com/

  • Authorization Callback URL (Provided by ARM during repository registration)

  1. Click Register Application.

  2. After the application is created, copy:

  • Client ID

  • Client Secret (generate a new client secret if required)

hashtag
Option 2 — GitHub App (Recommended)

GitHub Apps are recommended for automation and integrations.

  1. Navigate to:

  1. Provide the following details:

  • Application Name

  • Homepage URL Example: https://na15.autorabit.com/

  • Authorization Callback URL (Provided by ARM)

  1. Enable:

  • Expire user authorization tokens

  1. Configure Repository Permissions:

Permission
Access

Contents

Read and Write

Pull Requests

Read and Write

  1. After creating the app:

  • Click Install App

  • Select your GitHub organization

  • Complete the installation

  1. Copy the following values:

  • Client ID

  • Client Secret

hashtag
Register a Repository in ARM Using OAuth

hashtag
Step 1 — Open Repository Registration

  1. Log in to ARM.

  2. Navigate to Repository Registration.

  3. Click Add Repository.

hashtag
Step 2 — Select Git Provider

In the repository configuration form:

Select:

ARM displays the available connection options.

hashtag
Step 3 — Select OAuth Connection

Choose:

The OAuth configuration section appears.

hashtag
Step 4 — Enter OAuth Configuration

Provide the following details:

Field
Description

Client ID

GitHub application client identifier

Client Secret

GitHub application client secret

OAuth URL

Auto-generated authorization URL

The OAuth URL is generated automatically and cannot be edited.

hashtag
Step 5 — Validate Configuration

Click Validate to verify the configuration and retrieve the repository default branch.

ARM validates:

  • Client ID

  • Client Secret

If a value is missing, validation messages appear.

Example:

hashtag
Step 6 — Authorize GitHub Access

After validation, ARM redirects you to the GitHub authorization page.

  1. Review the requested permissions.

  2. Click Authorize.

GitHub then redirects you back to ARM.

hashtag
Registration Confirmation

After authorization, ARM completes the repository connection.

The repository details are displayed:

Field
Value

Repository Name

Selected repository

Git Type

GitHub

Connection Type

OAuth

Connection Status

Connected

A confirmation message indicates that the repository has been successfully registered.

hashtag
Note

GitHub supports two integration methods: OAuth Apps Or GitHub Apps.

  • GitHub OAuth App The application accesses GitHub on behalf of a user. Permissions are granted using broader scopes such as repo or user.

  • GitHub App The application accesses GitHub as an application and uses fine-grained permissions that can be limited to specific repositories.

Key Difference: OAuth Apps access GitHub as a user, while GitHub Apps access GitHub as an application with controlled repository permissions, making them more secure for integrations and automation.

PreviousGIT TagNextSVN

Last updated

Was this helpful?