Skip to main content

GitHub Authentication

In order to:

  1. Sync data from private GitHub repositories
  2. Automatically import repos from a GitHub org
  3. Run any sync that uses the GitHub API

You will need to authenticate your GitHub Git Source. Currently, the only supported authentication mechanism is with a classic Personal Access Token (PAT) (though we are working on alternatives).

Create a GitHub PAT in GitHub

You may set the GitHub authentication on the detail view of a GitHub Git Source.

Set a GitHub PAT for a Git Source

Sync Types

Without a Github PAT

If you do not supply a GitHub PAT, the following sync types will work or not work, depending on if the repo is public or private:

Sync TypePublic RepoPrivate Repo
git-blame
git-commits
git-commit-stats
git-files
git-refs
github-pull-request-commits
github-pull-request-reviews
github-issues
github-repo-info
github-pull-requests
github-repo-stargazers
scan-syft
scan-trivy
scan-yelp-detect-secrets
scan-gosec
scan-gitleaks

With a GitHub PAT

If you do supply a GitHub PAT, the following sync types will work with no scopes (✅) or with some required scopes (✴️):

Sync TypePublic RepoPrivate RepoRequired Scopes for a Public RepoRequired Scopes for a Private Repo
git-blame✴️-repo
git-commits✴️-repo
git-commit-stats✴️-repo
git-files✴️-repo
github-pull-request-commits✴️-repo
github-pull-request-reviews✴️-repo
github-issues✴️-repo
github-repo-info✴️-repo
github-pull-requests✴️-repo
github-repo-stargazers✴️✴️user:email OR read:user(user:email OR read:user) AND repo
git-refs✴️-repo
scan-syft✴️-repo
scan-trivy✴️-repo

Repo Auto Imports

Learn more about repo auto imports here.

No GitHub PATWith GitHub PATRequired Scopes
Org✴️read:org
User-