GitHub OAuth
Appsmith allows you to integrate with GitHub OAuth, enabling end users to sign in to the Appsmith account using their GitHub authentication credentials.
Prerequisites
- A self-hosted Appsmith instance. See the installation guides for installing Appsmith.
- A GitHub account.
Register OAuth app on GitHub
To enable GitHub Sign in, log in to your GitHub Account and follow the steps below:
- In your profile drop-down, navigate to Settings > Developer Settings > OAuth Apps and click Register a new application to create and register a new OAuth App.
-
Configure the following OAuth Credentials for a web application:
-
Homepage URL: the domain on which you host Appsmith with HTTPS (Eg:
https://app.appsmith.com
). -
Authorization Callback URL: append
/login/oauth2/code/github
to the Homepage URL (Eg:https://app.appsmith.com/login/oauth2/code/github
).
-
Configure Appsmith instance
Test the Client ID and Client Secret before disabling Form login on Appsmith. This ensures that users can access Appsmith with their GitHub credentials. To fix an invalid GitHub configuration, update the environment variables.
There are two ways to configure the self-hosted Appsmith instance -
- Admin Settings
- Environment Variables
Admin settings
Click Admin Settings > Authentication > Enable(GitHub). Add the Client ID
and Client Secret
. Click the Save & Restart button at the bottom of the page.
If you have set values using environment variables for your instance, those values take precedence over values specified in the Admin Settings UI.
Environment variables
Update the values for the following keys in the instance configuration file, for example, in the docker.env
file for Docker installation (<PROJECT_ROOT>/stacks/configuration/
) and in the values.yaml
file for Kubernetes:
- Configure the
APPSMITH_OAUTH2_GITHUB_CLIENT_ID
andAPPSMITH_OAUTH2_GITHUB_CLIENT_SECRET
fields with the client ID and client secret generated in the preceding step. - Configure
APPSMITH_SIGNUP_ALLOWED_DOMAINS
with a second-level domain name (ex:abc.com
), to only allow users with an email address from that domain name to log in (ex:john@abc.com
). You can provide several domain names using a comma-separated list.# Example configuration in docker.env file
# ********* GitHub OAuth **********
APPSMITH_OAUTH2_GITHUB_CLIENT_ID=YOUR_GITHUB_CLIENT_ID
APPSMITH_OAUTH2_GITHUB_CLIENT_SECRET=YOUR_GITHUB_CLIENT_SECRET
APPSMITH_SIGNUP_ALLOWED_DOMAINS=exampledomain.com
# ****************************** - Restart the Appsmith instance.
If you're running Appsmith on a Kubernetes cluster with an HA configuration, after completing the setup, run the following command to ensure the new authentication settings are properly applied:
kubectl rollout restart deployment/appsmith -n
After these steps, your Appsmith installation should now enable GitHub Login.