YouTrack Server
 
2019.2
Get YouTrack Standalone
You are viewing the documentation for an earlier version of YouTrack Server. View this page in the current documentation
  1. Administration
  2. Access Management
  3. Auth Modules
  4. GitHub Auth Module

GitHub Auth Module

Last modified: 17 December 2019

This authentication module lets users log in to YouTrack with their GitHub credentials.

Enable GitHub Authentication

To allow users with existing GitHub accounts to log in to YouTrack, enable the GitHub authentication module.

This procedure takes place in three steps:

  1. Generate a Callback URL in YouTrack. When you create an authentication module for GitHub, YouTrack generates a callback URL to use with this service. This URL identifies the source of each login request to GitHub.

  2. Generate a Client ID and Secret in GitHub. Every login request sent from YouTrack to GitHub includes a unique identifier. The ID and secret you store in the authentication module tell GitHub that each login request is authorized.

  3. Enable the Auth Module in YouTrack. When you have generated the information YouTrack uses to authenticate with GitHub, copy the values into YouTrack and enable the module.

note

In this procedure, you generate values in both YouTrack and GitHub.

The heading for each step tells you which application menu to follow.

Generate a Callback URL in YouTrack

To get started, open YouTrack and create an authentication module for GitHub accounts. When you create the authentication module, YouTrack generates a callback URL to use with the authorization service.

To generate a callback URL in YouTrack:

tip

Requires permissions: Low-level Admin Write

  1. In the Access Management section of the Administration menu, select Auth Modules.

  2. From the Add Module drop-down list, select GitHub.

    • The Auth Modules page displays the settings for a new GitHub authentication module.

    • YouTrack generates a callback URL for you to use in GitHub.

    Auth module github settings

  3. Copy the callback URL as instructed on the page.

  4. Click the link to access the New OAth Application page in GitHub.

    note

    This setup requires that you copy values from GitHub into input fields on this page in YouTrack.

    To simplify setup, open this link in a new browser tab or window.

Generate a Client ID and Secret in GitHub

  1. Log in to your GitHub account.

  2. Specify the general parameters to register a new OAuth application: Name, Homepage URL, and optional Application Description.

    note

    If you already have any registered GitHub application and it's not used to connect with another service, you can use its client ID and client secret

    In the sidebar, click Applications, then select the application in the Developer applications list.

  3. In the Authorization callback URL, paste the callback URL you copied from the Auth Module page in YouTrack.

  4. Click the Register application button.

    • GitHub generates the credentials you need to set up the YouTrack module and displays them at the top of the page.

Enable the Auth Module in YouTrack

  1. Copy the client ID from GitHub and paste it into the Client ID input field in YouTrack.

  2. Copy the client secret from GitHub and paste it into the Client Secret input field in YouTrack.

  3. Configure the optional settings for the authentication module. For more information, see Settings.

  4. Click the Enable module button.

    • The GitHub authentication module is enabled.

    • The icon stored in the Button Image setting is added to the login dialog window. Users can click this icon to authenticate with their GitHub accounts.

    Login dialog with GitHub

Settings

Field

Description

Type

Displays the name of the application or service that is enabled for third-party authentication in Hub.

Name

Stores the name of the authentication module. Use this setting to distinguish this module from other authentication modules in the Auth Modules list.

Button image

Displays the image used for the button that a user clicks to log in to YouTrack with a GitHub account.

Authorization callback URL

Displays the Authorization callback URL that is used to register the connection to YouTrack in GitHub.

Client ID

Stores the identifier GitHub uses to validate a login request. You generate this value in GitHub when you configure the authorization settings for an application and enter a callback URL.

Client secret

Stores the secret or password used to validate the client ID. You generate this value in GitHub together with the client ID.

Server URL

Displays the URL of the server to which YouTrack sends a login request when a user logs in with a GitHub account.

Scope

Displays the scope for the access request.

The information displayed below this field helps you configure the authentication module.

Allowed organizations

Restricts logins for this auth module to users who belong to specific organizations in GitHub. Enter a comma-separated list of organizations. If empty, any user with a GitHub account can log in using this auth module.

Additional Settings

The following options are located at the bottom of the page. Use these settings to manage YouTrack account creation and group membership, and to reduce the loss of processing resources consumed by idle connections.

Option

Description

User creation

Enables creation of Hub accounts for unregistered users who log in with an account that is stored in the connected authorization service. YouTrack uses the email address to determine whether the user has an existing account.

Auto-join groups

Adds users to a group when they log in with an account that is stored in the connected authorization service. You can select one or more groups. New users that auto-join a group inherit all of the permissions assigned to this group.
We recommend that you add users to at least one group. Otherwise, a new user is only granted the permissions that are currently assigned to the All Users group.

Connection timeout

Sets the period of time to wait to establish a connection to the authorization service. The default setting is 5000 milliseconds (5 seconds).

Read timeout

Sets the period of time to wait to read and retrieve user profile data from the authorization service. The default setting is 5000 milliseconds (5 seconds).

Audit

Links to the Audit Events page in YouTrack. There, you can view a list of changes that were applied to this authentication module.