# Configure GitHub OAuth Configure GitHub and Spinnaker to use GitHub as an OAuth2 authenticator. ### **Prerequisites** * Ability to modify developer settings for your GitHub organization * Access to Halyard * A Spinnaker deployment with DNS and SSL configured ### **Configure GitHub OAuth in GitHub** 1. Login to GitHub and go to **Settings > Developer Settings > OAuth Apps > New OAuth App** 2. Make note of the **Client ID / Client Secret** 3. Homepage URL: This would be the URL of your Spinnaker service e.g. 4. Authorization callback URL: This is going to match your `--pre-established-redirect-uri` in halyard and the URL needs login appended to your gate endpoint. Example **or** ### **Configure GitHub OAuth in Spinnaker** {% tabs %} {% tab title="Operator" %} Add the following snippet to your `SpinnakerService` manifest under the `spec.spinnakerConfig.config.security.authn` level: ``` oauth2: enabled: true client: clientId: a08xxxxxxxxxxxxx93 clientSecret: 6xxxaxxxxxxxxxxxxxxxxxxx59 # Secret Enabled Field scope: read:org,user:email preEstablishedRedirectUri: https://gate.spinnaker.acme.com/login provider: GITHUB ``` {% endtab %} {% tab title="Halyard" %} Run the following commands in Halyard with your Client ID and Client Secret. ``` CLIENT_ID=a08xxxxxxxxxxxxx93 CLIENT_SECRET=6xxxaxxxxxxxxxxxxxxxxxxx59 PROVIDER=GITHUB hal config security authn oauth2 edit \ --client-id $CLIENT_ID \ --client-secret $CLIENT_SECRET \ --provider $PROVIDER \ --scope read:org,user:email \ --pre-established-redirect-uri "https://gate.spinnaker.acme.com/login" hal config security authn oauth2 enable ``` {% endtab %} {% endtabs %} ### Additional OAuth resources * Spinnaker: [OAuth](https://www.spinnaker.io/setup/security/authentication/oauth/) * Github: [OAuth ](https://help.github.com/en/articles/authorizing-oauth-apps)and * SSL Spinnaker: [SSL](https://www.spinnaker.io/setup/security/ssl/) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.opsmx.com/opsmx-1/opsmx-context-engine/additional-resources/spinnaker-reference/configure-github-oauth.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.