Link Search Menu Expand Document

To configure an OAuth App for Github:

First note that you need to set up a “Github App”, not an “OAuth App”. The difference is subtle, but important.

  1. This link should take you directly to the page to create a new OAuth App: https://github.com/settings/apps/new

    Or you can navigate to it this way:

    • Go to the Settings page for your own github account
    • Find the tab down the left column that says “Developer Settings”
    • Click the tab for Github Apps
    • Click the button New Github App
  2. You now have a form to fill in that looks like this:

    The top of the form looks like this. Fill in a name such as: organic on localhost or organic-qa on dokku-07

    image

    Then scroll down to Homepage URL and fill in something like either http://localhost:8080 or https://organic-qa.dokku-07.cs.ucsb.edu

    image

    Then scroll down to Callback URL and fill in something like this.

    • For localhost, enter: http://localhost:8080/login/oauth2/code/github (Note: on localhost, must be http )
    • For Dokku, enter: https://myappname.dokku-xx.cs.ucsb.edu/login/oauth2/code/github (on dokku, must be https )
    • Note that you should substitute in your app name in place of my-app-name and your dokku number for xx

    image

    Be sure that the buttons just under Callback URL are click/unclicked exactly like this:

    image

    Scroll down to where it says Webhook, and unclick the button so that it looks like this:

    image

    Now scroll down to Account Permissions and click the triangle to open up the box. For proj-organic, you’ll need to select Read-Only next to Emails. Leave everything else as No access.

    image

    Finally, scroll to the bottom and select Any Account like this:

    image

    You are now finally ready to click Create Github App. When you do, you should see the client id, something like this:

    image

    To get the client secret, scroll down to this part of the page, and click the Generate a New Client Secret button.

    image

    After you do, you’ll see sometnhing like this:

    image

    (Note that the above client secret has been deleted, so don’t bother trying to use it to hack my account.)

    Keep this window open, since you’ll need these values in the next step.

  3. You now have a client id and a client secret for your .env file, or for the dokku config:set ... command.

    It is important to NOT put the client secret into a file that is committed to GitHub.