Add Github login

You can add Github login to your applications using Asgardeo and enable users to log in with their Github account.

Follow this guide for instructions.

Register Asgardeo on Github

You need to register Asgardeo as an OAuth app on Github.

You can follow the Github documentation (opens new window) for detailed instructions.

1. Log in to Github (opens new window), click your profile icon, and click Settings.

2. On the left panel of the Settings page, click Developer settings.

3. Under OAuth apps, click Register a new application.

4. Give the application a name and the following URLs:

   • Homepage URL

      https://api.asgardeo.io/t/{organization_name}
     

   • Authorization callback URL

     https://api.asgardeo.io/t/<organization_name>/commonauth
     

   

5. Click Register application.

6. Generate a new client secret and take note of the Client ID and Client secret.

Register the Github IdP

Now, let's register the Github IdP in Asgardeo.

1. On the Asgardeo Console, go to Connections.

2. Click New Connections and select Github.

3. Enter the following details and click Finish:

   

   Parameter	Description
   Name	A unique name for this Github identity provider.
   Client ID	The client ID obtained from Github.
   Client secret	The client secret obtained from Github.

4. If required, you can disable JIT user provisioning.

Claim syncing for JIT-provisioned users

JIT user provisioning is enabled by default for your external identity provider. If required, you can disable JIT user provisioning.

When a user with a local Asgardeo account uses the same email address to log in through an external identity provider, Asgardeo syncs the claims from the JIT-provisioned user account and the local account.

According to the default behavior of Asgardeo, when JIT user provisioning is enabled, the user claims of the local user account are overridden by the user claims received from the external identity provider.

You can use Asgardeo's identity provider APIs to configure claim syncing between the external identity provider and the local user accounts. This gives you the flexibility to customize the claim syncing behavior according to your specific requirements.

After the Github identity provider is created, go to the Settings tab and see the list of scopes to which Github has granted permissions.

• email: Grants read access to a user's primary email address.
• public_profile: Grants read access to a user's default public profile details.

Asgardeo needs these scopes to get user information. Asgardeo checks the attribute configurations of the application and sends the relevant attributes received from Github to the app. You can read the Github Documentation (opens new window) to learn more.

Enable Github login

Before you begin

You need to register an application with Asgardeo. You can register your own application or use one of the sample applications provided.

1. On the Asgardeo Console, go to Applications.

2. Select your application, go to its Sign-in Method tab and add Github login from your preferred editor:

   Recommendations

   Asgardeo recommends adding your social and enterprise connections to the first authentication step as they are used for identifying the user.

   Using the Classic Editor

   To add Github login using the classic editor:

   1. If you haven't already defined a sign-in flow, click Start with Default configuration to get started.

   2. Click Add Authentication on the step, select your Github identity provider, and click Add.

   Using the Visual Editor

   To add Github login using the Visual Editor:

   1. Switch to the Visual Editor tab, by default the Username & Password login flow will be added onto the Visual Editor's workspace.

   2. Click on + Add Sign In Option to add a new authenticator to the same step and select your Github connection.

      

3. Click Update to save the configurations.

Try it out

Follow the steps given below.

1. Access the application URL.

2. Click Login to open the Asgardeo login page.

3. On the Asgardeo login page, Sign in with Github.

4. Log in to Github with an existing user account.

When a user successfully logs in with Github for the first time, a user account is created in the Asgardeo Console with the Github username. This new user account will be managed by Github.

Map groups with Asgardeo

Follow the steps below to map the groups attribute of your connection with Asgardeo:

1. On the Asgardeo Console, go to Connections.
2. Select your connection and go to the Groups tab.

   Note that the Groups tab is only available for enterprise and social login connections.

3. Enter the name of the connection's group attribute you wish to map to the group attribute of Asgardeo.
4. Click Update.
5. Click + New Group and enter the group name. Ensure that the name matches the configuration in the federated connection.
6. Click Finish to add the group information.

Delete a connection

Before you begin

If your connection has applications associated with it, you will not be able to delete the connection.

Before deleting such connections:

1. Check the associated applications from the Connected Apps tab of the connection.
2. Click on an application that uses the connection and you will be redirected to the Sign-in Method tab of the respective application.
3. Remove the connection from the sign-in flow of the associated applications.
4. Repeat steps 2 and 3 for all listed applications.
5. Proceed to delete the connection.

To delete a connection that does not have any applications using it:

1. On the Asgardeo Console, go to Connections.

2. Click Set up and navigate to the General tab.

3. At the bottom of the page, click the button in the Delete connection.

   You cannot delete connections that are available by default.

4. Select the checkbox and confirm your action.