On this page

Creating a dedicated app for authenticationSetting your authentication settings in SonarQubeGitHub group synchronization


To allow users to log in with GitHub credentials, you must use a GitHub App. We highly recommend that you set up a dedicated one.

Creating a dedicated app for authentication

If you want to use a dedicated app for GitHub authentication, you can create a GitHub OAuth app. You'll find general instructions for creating a GitHub OAuth App here. Specify the following settings in your OAuth App:

  • Homepage URL – the public URL of your SonarQube server. For example, https://sonarqube.mycompany.com. For security reasons, HTTP is not supported, and you must use HTTPS. The public URL is configured in SonarQube at Administration > General > Server base URL.
  • Authorization callback URL – your instance's base URL. For example, https://yourinstance.sonarqube.com.

Setting your authentication settings in SonarQube

Navigate to Administration > Configuration > General Settings > Authentication > GitHub Authentication and update the following:

  1. Enabled – set the switch to true.
  2. Client ID – the client ID is found below the GitHub App ID on your GitHub App's page.
  3. Client Secret – the client secret is found below the client ID on your GitHub App's page.

Now, from the login page, your users can connect their GitHub accounts with the new Log in with GitHub button.

GitHub group synchronization

To associate GitHub Teams with existing SonarQube groups of the same name, enable Synchronize user groups by navigating to Administration > Configuration > General Settings > Authentication > GitHub 

See the Group synchronization section on the Overview page for more details about this feature’s general behavior.

© 2008-2023, SonarSource S.A, Switzerland. Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution-NonCommercial 3.0 United States License. SONARQUBE is a trademark of SonarSource SA. All other trademarks and copyrights are the property of their respective owners.

Creative Commons License