GitHub
Set up GitHub as a social login provider in SecureAuth Connect so users can sign in with their GitHub account.
Register GitHub as a provider
-
In your workspace, go to Authentication > Providers.
-
Click Create Connection.
-
Filter by Social Providers and select GitHub.
-
Choose a registration mode:
Mode Description Embedded Uses a client application registered by SecureAuth. No developer portal registration required. Bring your Own Uses a client application registered by your organization. Requires registering an OAuth application in your GitHub developer settings to obtain a Client ID and Client Secret. 
Configuration
| Setting | Description |
|---|---|
| Name | Display name for this provider. Default: GitHub. |
| Display order | Controls the position of this provider on the sign-in page. Default: 0. |
Use Try Sign-in to test the GitHub sign-in flow. Use Delete Identity to remove this provider.
Attributes
GitHub returns the following attributes after authentication:
| Connector name | Friendly name | Data type | Scope |
|---|---|---|---|
login | Login | String | GitHub Authenticated User Data |
id | ID | Number | GitHub Authenticated User Data |
site_admin | Site admin | Boolean | GitHub Authenticated User Data |
name | Name | String | GitHub Authenticated User Data |
company | Company | String | GitHub Authenticated User Data |
email | String | GitHub Authenticated User Data | |
first_name | First name | String | GitHub Authenticated User Data |
last_name | Last name | String | GitHub Authenticated User Data |
groups | Groups | List of strings | Custom |
GitHub returns more attributes than most social providers, including login (GitHub username), company, site_admin (whether the user is a GitHub site administrator), and groups (organization or team memberships).
To add custom attributes, click + Add attribute.
Mappings
Default attribute mappings from GitHub to the SecureAuth authentication context:
| Source | GitHub source name | SecureAuth target name |
|---|---|---|
| GitHub Authenticated User Data | Name | Name |
| GitHub Authenticated User Data | ||
| GitHub Authenticated User Data | First name | Given name |
| GitHub Authenticated User Data | Last name | Family name |
| Custom | Groups | List of groups that user belongs to |
To customize, click + Add mapping or + Add static mapping.
Provisioning
Provisioning controls what happens when a user authenticates through GitHub.
Disabled
Users are not persisted in the user store. Authentication succeeds but no user record is created.
Just-in-Time Provisioning
Users are persisted in the user store on first login.
Identifier Correlation
Maps the incoming GitHub identity to an existing user. Default: GitHub Email ↔ Users Email.
Attribute Provisioning
Maps GitHub attributes to user profile fields. Defaults:
Email→EmailGiven name→First nameFamily name→Last name
Pre provisioning mode
Users must already exist in the user store before they can authenticate. New users are not auto-created at login; they must be added via an offline process.
Authentication flow control
Select what happens when no matching user is found:
- Deny – Terminate the authentication flow.
- Allow – Proceed with the authentication flow.
Identifier Correlation
Maps the incoming GitHub identity to an existing user. Default: GitHub Email ↔ Users Email.
Attribute Provisioning
Maps GitHub attributes to user profile fields. Defaults:
Email→EmailGiven name→First nameFamily name→Last name
Extensions
| Extension | Description |
|---|---|
| Post Authentication script | A server-side script that runs after GitHub authentication completes. Click Manage Script to configure. |
| Post Authentication application | A custom application that receives a callback after GitHub authentication completes. Click Manage Custom App to configure. |