GitHub
Cloudflare One allows your team to connect to your applications using their GitHub login. You do not need to have a GitHub organization to use the integration.
To configure GitHub access in both GitHub and Cloudflare One:
-
Log in to GitHub ↗.
-
Go to your account > Settings > Developer Settings.
-
In Developer Settings, select OAuth Apps and select New OAuth app.
-
On the Register a new OAuth application page, enter an Application name. Your users will see this application name on the login page.
-
In the Homepage URL field, enter your team domain:
https://<your-team-name>.cloudflareaccess.comYou can find your team name in Cloudflare One ↗ under Settings > Team name and domain > Team name.
-
In the GitHub Authorization callback URL field, enter the following URL:
https://<your-team-name>.cloudflareaccess.com/cdn-cgi/access/callback -
Select Register application.
-
Make note of the Client ID.
-
Select Generate a new client secret and copy the client secret to a safe place.
-
In Cloudflare One ↗, go to Integrations > Identity providers.
-
Select Add new identity provider and select GitHub.
-
In App ID, enter the Client ID obtained from GitHub (refer to step 8).
-
In Client secret, enter the Client secret obtained from GitHub (refer to step 9).
-
Select Save.
-
Select Finish setup to launch a GitHub authorization page. You will be asked to grant the following permissions to Cloudflare Access:
- Organizations and teams (read-only)
- Email addresses (read-only)
-
Select Authorize.
To test that your connection is working, go to Cloudflare One ↗ > Integrations > Identity providers and select Test next to your GitHub login method. If you have GitHub two-factor authentication enabled, you will need to first login to GitHub directly and return to Access.
{ "config": { "client_id": "<your client id>", "client_secret": "<your client secret>" }, "type": "github", "name": "my example idp"}