Skip to main content
All CollectionsSetup & ConfigurationIntegrationsSource Control
GitHub integration using GitHub App
GitHub integration using GitHub App

Use this integration option when choosing to run a self-hosted Axiom Runner

Updated over 5 months ago

Note!

If you do not intend to use a self-hosted Axiom Runner for your GitHub integration, we recommend that you use the OAuth based integration method, which is much simpler.

Overview

In order to start managing access to GitHub using Axiom, you first need to integrate your GitHub organization to Axiom. Learn more about integrations

Integration summary:

  1. Create a GitHub app in the GitHub console.

  2. Configure the integration in the Axiom console.

  3. Wait for the initial Scan to complete.

Detailed guide

GitHub

  1. Go to the GitHub dashboard, and select your organization

  2. Go to https://github.com/settings/apps/new
    (or go to Settings -> Developer Settings -> New GitHub App)

  3. Name the app (for example “Axiom Integration), give it a description, and enter https://app.axiom.security/ in the “Homepage URL” field

  4. Scroll down, and uncheck the “Active” checkbox under Webhook

  5. Scroll down to the Permissions section

  6. Under “Repository permissions”

    1. For “Administration”, select “Read and write”

    2. For “Metadata”, select “Read-only"

  7. Under “Organization permissions”

    1. For “Administration”, select “Read-only”

    2. For “Members”, select “Read and write”

  8. Under “Account Permissions"

    1. For “Email addresses”, select “Read-only”

    2. For “Profile”, select “Read and write”

  9. Scroll down, to “Where can this GitHub App be installed?”

    1. Ensure that “Only on this account” is selected.

    2. Press the “Create GitHub App” button

  10. In the app’s “About” page (this is where you get to after pressing Create)

    1. Generate a new client secret

    2. Scroll down to the “Private keys” section, and press the “Generate a private key” button

      This will download a pem file to your computer.

  11. Now scroll back to the top of the “About” page, copy the “App ID”, and choose “Install App” from the left side menu

  12. Press “Install”

  13. Press “Install” again

  14. Grab the Application installation ID from the URL of the page on which you landed

How to find your Application installation ID later

  1. Go to https://github.com/settings/apps, and press Edit next to the application name

  2. Press "Install App"

  3. Press the cogwheel button

Axiom

  1. Go to https://app.axiom.security/integrations/new/github

  2. Enter the information:

    1. Name: The name you want to give this integration (will appear in Axiom).

    2. Organization name: the GitHub organization name, as it appears in the GitHub console.

    3. Application ID: The App ID you copied in step 11 above.

    4. App installation ID: the ID you copied from the URL in step 14 above.

  3. Select the pem file you downloaded in step 10b above, and press the Integrate button

Congratulations!

Your GitHub integration will now appear under the GitHub card in the Axiom console’s Integrations page

Before you can start managing access to GitHub you need to wait for the initial scan to complete.

  • Scan is the Axiom process of traversing all resources in an integration and creating a map (graph) of these resources, and their relationships. For GitHub we traverse your organization and repos, groups, users, and roles. The initial Scan can several minutes, or longer, depending on how many repos and users you have.

  • Learn how to check Scan progress

Related Articles
Axiom Runner - Setup and Secret Configuration
Setup PostgreSQL Integration
Integrations Overview
GitHub integration
Updating your GitHub integration
Did this answer your question?