Overview

Pre-built tooling

Pre-built integrations

Not seeing the integration you need? Build your own independently.

Access requirements

Pre-RequisitesStatusComment
Paid dev account✅ Not requiredFree, self-signup for a GitHub account.
Paid test account✅ Not requiredFree GitHub account can be used for testing.
Partnership✅ Not required
App review⚠️ ConditionalRequired only if you want to publish your app to the GitHub Marketplace.
Security audit✅ Not required

Setup guide

1

Create a GitHub account

If you don’t already have one, sign up for a GitHub account.

2

Create a new OAuth App

  1. In the upper-right corner of any GitHub page, click your profile photo, then click Settings.
  2. Scroll down and click Developer settings.
  3. In the left sidebar, click OAuth Apps.
  4. Click New OAuth App.
3

Register your app

  1. Under Application name, enter a name for your app. Choose a clear and short name (maximum 34 characters).
  2. Under Homepage URL, type the full URL to your app’s website. If you don’t have a dedicated URL, you can use your GitHub repository URL or organization URL.
  3. Optionally, under Description, type a description of your app. Users will see this when installing your app.
  4. Authorization callback URL: Enter https://api.nango.dev/oauth/callback.
4

Save your Client ID and Client Secret

After registration:

  1. Note your Client ID (visible).
  2. Click Generate a new client secret to reveal your Client Secret.
  3. Store both securely; you’ll need them in Nango.
5

Creating a GitHub App

If you don’t already have a GitHub App, please follow the steps to create one.

6

Next

Follow the Quickstart.

Need help getting started? Get help in the community.
Contribute improvements to the setup guide by editing this page
TopicLinks
GeneralGitHub Developer Documentation
GitHub Apps Documentation
GitHub Marketplace
DeveloperHow to register a GitHub App
How to register a GitHub OAuth app
GitHub App Permissions
GitHub App Authentication
GitHub OAuth app Authentication
Using Webhooks with GitHub Apps
Webhook Events and Payloads
GitHub REST API Documentation
GitHub GraphQL API Documentation
Differences between GitHub Apps and OAuth Apps
Best Practices for GitHub Apps
Contribute useful links by editing this page

API gotchas

  • When setting up a GitHub App OAuth:
    • The App ID is made of numbers (e.g. 401953)
    • The App Public Link is the URL to your Github App public page (e.g. https://github.com/apps/nango-github-app)
    • The App Private Key needs to be generated in your GitHub App settings and starts with -----BEGIN RSA PRIVATE KEY----- (not to be confused with the Client Secrets)
    • The “Callback URL” needs to be filled in with the callback URL which unless customized will be https://api.nango.dev/oauth/callback and the checkbox “Request user authorization (OAuth) during installation” should be checked
    • The checkbox “Redirect on update” under “Post installation” should NOT be checked and the “Setup URL (optional)” should not be accessible
  • The GitHub App OAuth flow is a hybrid between a GitHub App and an OAuth App. It is recommended when your GitHub App needs approval before being installed into an organization.
  • There are certain API methods that only work with an OAuth App that will not work with an App. Please check the Github documentation and look for a “Works with Github Apps” header under the endpoint.
  • Nango supports initiating a connection with a GitHub App using the frontend SDK, but not directly from the GitHub Marketplace. Therefore, you should encourage users to install your GitHub App from your product, rather than from the GitHub Marketplace directly. This is a limitation we plan to fix in the future.
  • Just like GitHub Apps, OAuth Apps can access GitHub’s REST and GraphQL APIs, though the endpoints they can use are limited by the OAuth scopes granted by the user during authorization.
  • GitHub App OAuth authentication uses a user access token, rather than an installation token.
  • Webhook payloads are signed with the webhook secret you configured. Always verify the signature to ensure the webhook is legitimate.
Contribute API gotchas by editing this page