GitHub Authentication using GitHub Apps (CodeScan)

This integration has recently switched from using OAuth 2.0 to GitHub Apps.

If you are currently using the OAuth version of this integration, you do not have to change anything. AutoRABIT will continue to support all current projects of this type. However, all future connections must be made with the GitHub Apps flow below.

Connecting AutoRABIT (CodeScan) to GitHub Enterprise requires a secure handshake based on the GitHub Apps Framework.

Applies To

GitHub Enterprise Server (self-managed) deployments; not applicable to GitHub.

Generate Client ID and Client Secret

Log in to your GitHub Enterprise Server with an admin account.
To create a GitHub App, copy the URL below. https://your_ghes_hostname/settings/apps/new?name=codescan-enterprise-app&description=GitHub%20App%20for%20CodeScan%20integration&url=https://autorabit.com&callback_urls[]=https://YOUR_PUBLIC_BASE/_codescan/oauth2/authorize&request_oauth_on_install=true&public=true&contents=read&metadata=read&statuses=write&pull_requests=read&repository_hooks=write&setup_on_update=true&webhook_active=false
Edit the URL by replacing the following placeholders:
- YOUR_GHES_HOSTNAME → Your GitHub Enterprise Server URL (Example: github.company.com)
- YOUR_PUBLIC_BASE → URL of the CodeScan instance (Example: app.codescan.io)
NOTE: App name must remain exactly: codescan-enterprise-app (do not modify this).
Paste the URL into your browser.
Keep the app public by enabling Any Account.
Click Create GitHub App
After creation, copy the App ID, Client ID and Client Secret, and use our ALM Configuration Article to complete your setup.

PreviousEnterprise Git Connections NextGitLab Authentication using OAuth (CodeScan)

Last updated 8 days ago

Was this helpful?