Use GitHub as your Authentication Provider
This guide will walk you through the steps necessary to configure GitHub as the authentication provider for Okteto.
Please refer to GitHub's official documentation on how to create an OAuth App for more information.
Prerequisites
- A working installation of Okteto
- Helm 3.0+ installed in your local machine
- Access to a GitHub account with permissions to create an OAuth App
If you are planning on using our GitHub Integration for accessing private repositories, you should follow the guide to configure our GitHub App. You'll then use the same Github Application for the Integration as the one from Oauth.
Create the OAuth App
When creating the OAuth App, you will need to provide the following values:
Homepage URL:
https://okteto.DOMAIN
Authorization callback URL:
https://okteto.DOMAIN/auth/callback
Copy the Cliend ID
and Client Secret
values. You'll need them to configure Okteto.
Configure Okteto
Once you have the GitHub OAuth App ready, update the auth
section of your Helm configuration file with the following values:
auth:
github:
enabled: true
clientId: "REPLACE_ME_WITH_YOUR_OAUTH_APP_CLIEND_ID"
clientSecret: "REPLACE_ME_WITH_YOUR_OAUTH_APP_CLIEND_SECRET"
organization: "REPLACE_ME_WITH_YOUR_GITHUB_ORGANIZATION"
You can also use a secret to store the sensitive part of these credentials.
Upgrade your Okteto instance for the new configuration to be applied. We recommend that you upgrade to the same version that you already have to minimize the changes and help you troubleshoot any issues.
The organization
field is optional. Only members of the organization will be allowed to log in into your Okteto instance. An empty organization
field permits any user to log in.
If you want to provide access to users outside of your GitHub organization, you can additionally use the allowList
key to list the GitHub accounts you want to allow.
auth:
github:
enabled: true
clientId: "REPLACE_ME_WITH_YOUR_OAUTH_APP_CLIEND_ID"
clientSecret: "REPLACE_ME_WITH_YOUR_OAUTH_APP_CLIEND_SECRET"
organization: "REPLACE_ME_WITH_YOUR_GITHUB_ORGANIZATION"
allowList: ["acct1","acct2","acct3"]
We also have a video walking you through the steps on configuring GitHub as an authentication provider for your Okteto installation: