Create a GitHub Cloud integration with Flow using OAuth or Personal access tokens.
Who can use this?
Important: Use a service account to create this integration. See How to Create a Service Account for instructions to create a service account, and to learn why service accounts are recommended here.
Git host permission requirements
In order to use all integration services which include repo, pull request, ticket and webhooks, the service account owner needs to be an owner on the GitHub organization.
Flow only requires read access to your repositories. This permission is needed to process the metadata used to generate our reports. GitHub does not offer the ability to narrow permissions down to just read-only access to private profile information and repositories. GitHub's standard Oauth permissions include write plus full admin permissions, which are never used by our system. These access levels are required in order to use GitHub APIs.
Access token permissions
In addition to the minimum access token scopes, the service account holder needs to be an owner on the GitHub organization in order to utilize all integration services and webhooks.
If the service account holder is only a member of the organization, all services except webhooks will be available in Flow.
In order to enable webhooks, the service account needs to be a GitHub organization owner and at least one repo needs to be imported from the organization.
Connect via OAuth
Connecting via OAuth is the fastest and easiest way to connect your repos and import your data, including pull requests and tickets.
- Click Settings on Flow's top navigation.
- On the left navigation under Integrations, click Integrations.
- Click Add Integration in the top right hand corner of the integrations page.
- Click GitHub on the Integration Provider list.
- Under the OAuth tab, click Connect to GitHub.
- If you are already logged into your GitHub account, a pop-up will appear prompting you to confirm access.
Note: If you're not already logged in, you'll be prompted to log in and then authorize the connection.
Once you've successfully connected, proceed to the Finishing up section of this document to complete the integration process.
Connect via username and password
New integrations from Flow to GitHub can no longer be made using username and password. Please use OAuth, or connect via Access Token.
Existing integrations can continue to use username and password authentication.
At this time, Flow does not support two-factor authentication via username and password. If your account has two-factor authentication enabled, you need to use OAuth or a personal access token.
If you try to connect via username and password when you have two-factor authentication enabled, you'll see this message: Two-factor authentication is enabled. Please use a personal access token or app password to continue.
Connect via access token
To connect via an access token, please use the Access token authentication method outlined in this GitHub Help Center article (opens in new tab).
Now that you've generated a new token, these are the scopes Flow needs in order to import and process your repos and projects and to enable webhooks:
- repo (all)
- admin:repo_hook (all)
Once you've created your token, copy and paste it into your the Personal Access Token box on the Access Token tab of the GitHub integration screen in Flow and click Test connection.
If the connection was successful you'll see the following message: Successfully connected via username.
Note: If SSO is configured for your GitHub organization, you must authorize the token in GitHub to proceed (external site, opens in new tab). If you refresh your token and update it in Flow, you must reauthorize SSO for the token for Flow to correctly ingest your data.
Once you have a successful connection, finalize your integration and begin importing repos.
- Click Next.
- Select the services you want turned on for this integration. If you would like Flow to ingest ticket data and pull request data in addition to repo data, then leave all three services on. You can turn services on and off at any time.
- Click Next.
- Name your integration so you can identify the account you connected with.
- Click Create.
Next, make sure your data is processing correctly. If you're not already on the Integration details page for your new GitHub integration:
- Click on Settings in the top navigation.
- In the left navigation, click Integrations.
- Click on the integration you just created.
- Go to the Repos tab.
Make sure all the expected groups and projects appear in the Repos tab.
Begin importing repos by clicking the repo import page.
To learn more about managing your new integration settings, see Managing integrations.
If you’re unable to see your GitHub group in the Repo tab after you’ve successfully connected by account, there are two likely reasons:
- Permissions: If you're a member of the organization, send a request to the owner of the organization to grant permissions to Flow.
- Organization access: Organization access may not have been granted during the setup of your GitHub integration.
To provide permissions:
- In GitHub, under Settings, click Applications. Click Authorized OAuth Apps. Next, click on the Flow application.
- Here, you can see which organizations Flow has access to. As seen below, Flow does not have access to the myorgsname organization.
Note: If you're a member of the organization and not the owner, click the Request button next to your organization name. An owner of the organization will receive your request and will be able to grant or deny it. If you don’t see a Grant or Request button, see the section below.
To give Flow organization access:
- Click the Grant button next to the organization’s name. If you don't see a red x next to the organization, you need to grant permissions at the organization level in GitHub, as shown below.
- Under your GitHub Settings, click on the organization you want to give Flow access to.
- Under the organization’s settings click Third-party access and click the edit button next to the Flow application.
- Click Grant access. This gives Flow access to your GitHub organization.
Now that you have granted Flow access, return to Flow. Under your GitHub integration, select the Repos tab. If you do not see all your GitHub organizations you may need to refresh the page.
If you need help, please contact Pluralsight Support.