GitHub
Configure GitHub as a single sign-on (SSO) provider for Seqera Platform.
Prerequisites
Before you begin, you need:
- A GitHub organization
- Permission to create OAuth Apps in your organization
Ensure you know how to create a GitHub OAuth app. See GitHub's documentation on creating an OAuth app for more information.
Create a GitHub OAuth App
- In Profile > Settings > Developer settings, select OAuth Apps.
- Select New OAuth App.
- Complete the required fields. In the Authorization callback URL field, enter
https://<HOST>/oauth/callback/github(must be HTTPS) - replace<HOST>with your enterprise installation hostname. - Note your Client ID.
- Generate a client secret, then note your Client secret.
Configure Seqera
Add the following environment variables to your Seqera configuration:
| Variable | Description |
|---|---|
TOWER_GITHUB_CLIENT | The client ID from step 4 |
TOWER_GITHUB_SECRET | The client secret from step 5 |
Restrict access
To restrict access to specific email addresses or domains, configure an allow list in tower.yml:
tower:
auth:
github:
allow-list:
- "*@your-company.example.com"
- "specific-user@another-company.example.net"
See User access allow list for more information.