Skip to main content
Version: 1.19

Use GitHub as your Authentication Provider

This guide will walk you through the steps necessary to configure GitHub as the authentication provider for Okteto.

Please refer to GitHub's official documentation on how to create an OAuth App for more information.

Prerequisites

  • A working installation of Okteto
  • Helm 3.0+ installed in your local machine
  • Access to a GitHub account with permissions to create an OAuth App

If you are planning on using our GitHub Integration for accessing private repositories, you should follow the guide to configure our GitHub App. You'll then use the same Github Application for the Integration as the one from Oauth.

Create the OAuth App

When creating the OAuth App, you will need to provide the following values:

Homepage URL:

https://okteto.DOMAIN

Authorization callback URL:

https://okteto.DOMAIN/auth/callback

Copy the Cliend ID and Client Secret values. You'll need them to configure Okteto.

Configure Okteto

Once you have the GitHub OAuth App ready, update the auth section of your Helm configuration file with the following values:

config.yaml
auth:
  github:
    enabled: true
    clientId: "REPLACE_ME_WITH_YOUR_OAUTH_APP_CLIEND_ID"
    clientSecret: "REPLACE_ME_WITH_YOUR_OAUTH_APP_CLIEND_SECRET"
    organization: "REPLACE_ME_WITH_YOUR_GITHUB_ORGANIZATION"

You can also use a secret to store the sensitive part of these credentials.

Upgrade your Okteto instance for the new configuration to be applied. We recommend that you upgrade to the same version that you already have to minimize the changes and help you troubleshoot any issues.

The organization field is optional. Only members of the organization will be allowed to log in into your Okteto instance. An empty organization field permits any user to log in.

If you want to provide access to users outside of your GitHub organization, you can additionally use the allowList key to list the GitHub accounts you want to allow.

config.yaml
auth:
  github:
    enabled: true
    clientId: "REPLACE_ME_WITH_YOUR_OAUTH_APP_CLIEND_ID"
    clientSecret: "REPLACE_ME_WITH_YOUR_OAUTH_APP_CLIEND_SECRET"
    organization: "REPLACE_ME_WITH_YOUR_GITHUB_ORGANIZATION"
    allowList: ["acct1","acct2","acct3"]

We also have a video walking you through the steps on configuring GitHub as an authentication provider for your Okteto installation: