Corsair
PluginsGitHub

Get Credentials

Step-by-step instructions for obtaining GitHub credentials

This guide walks you through obtaining all required credentials for the GitHub plugin.

Authentication Methods

The GitHub plugin supports both API key (Personal Access Token) and OAuth 2.0 authentication methods.

  • api_key - Personal Access Token authentication
  • oauth_2 - OAuth App authentication

API Key Authentication (Personal Access Token)

Step 1: Create Personal Access Token

  1. Go to GitHub Settings → Developer settings → Personal access tokens → Tokens (classic)
  2. Click Generate new tokenGenerate new token (classic)
  3. Give your token a descriptive name
  4. Set an expiration (or select "No expiration" for long-lived tokens)
  5. Select the required scopes:
    • repo - Full control of private repositories
    • read:org - Read org and team membership
    • read:user - Read user profile data
    • workflow - Update GitHub Action workflows
    • Add any other scopes your application needs
  6. Click Generate token
  7. Important: Copy the token immediately - you won't be able to see it again
  8. Store the token securely

Storing Credentials:

Store the token with the Corsair CLI:

pnpm corsair setup --github api_key=your-personal-access-token

Verify it was saved:

pnpm corsair auth --plugin=github --credentials

OAuth 2.0 Authentication

Step 1: Register OAuth App

  1. Go to GitHub Settings → Developer settings → OAuth Apps
  2. Click New OAuth App
  3. Fill in the application details:
    • Application name: Your app name
    • Homepage URL: Your application URL
    • Authorization callback URL: Your OAuth callback URL (e.g., https://yourapp.com/auth/github/callback)
  4. Click Register application

Step 2: Get Client Credentials

  1. After registration, you'll see your Client ID
  2. Click Generate a new client secret
  3. Copy the Client ID and Client Secret
  4. Store these securely

Storing Credentials:

Store your OAuth app credentials, then start the flow:

pnpm corsair setup --github client_id=your-client-id client_secret=your-client-secret
pnpm corsair auth --plugin=github

The CLI prints an authorization URL — open it in a browser. Once you approve, tokens are saved automatically.

To verify credentials were stored:

pnpm corsair auth --plugin=github --credentials

Webhook Secret

Step 1: Create Webhook

  1. Go to your repository on GitHub
  2. Navigate to SettingsWebhooks
  3. Click Add webhook
  4. Configure the webhook:
    • Payload URL: Your webhook endpoint (e.g., https://yourapp.com/api/webhook)
    • Content type: application/json
    • Secret: Generate a random secret string (save this)
    • Events: Select the events you want to receive:
      • Pull requests
      • Pushes
      • Issues
      • Stars
      • Releases
  5. Click Add webhook

Step 2: Store Webhook Secret

Copy the secret you generated and store it using the CLI:

pnpm corsair setup --github webhook_signature=your-webhook-secret

Required Credentials Summary

CredentialRequired ForWhere to Find
Personal Access TokenAPI Key authSettings → Developer settings → Personal access tokens
Client IDOAuth 2.0Settings → Developer settings → OAuth Apps
Client SecretOAuth 2.0Settings → Developer settings → OAuth Apps
Webhook SecretWebhooksRepository Settings → Webhooks → Secret

For general information about how Corsair handles authentication, see Authentication.

Basics

Previous Page

API Endpoints

Next Page

On this page

Authentication Methods
API Key Authentication (Personal Access Token)
Step 1: Create Personal Access Token
OAuth 2.0 Authentication
Step 1: Register OAuth App
Step 2: Get Client Credentials
Webhook Secret
Step 1: Create Webhook
Step 2: Store Webhook Secret
Required Credentials Summary