For latest instructions on how to configuring the Github authenticator, see Github Authenticator.
This page provides instructions on how to configure the Github authenticator and Identity Server using a sample app. You can find more information in the following sections.
Github Authenticator is supported by Identity Server 5.1.0 upwards.
Deploying Github artifacts
Download the artifacts for this authenticator from the store.
Place the org.wso2.carbon.identity.authenticator.github-1.0.0.jar file into the
<IS_HOME>/repository/components/dropins
directory.If you want to upgrade the Github Authenticator (.jar) in your existing IS pack, please refer upgrade instructions.
Configuring the Github App
- Go to https://www.github.com/, and create a github account.
- Register your app at https://github.com/settings/applications/new.
- Use
https://localhost:9443/commonauth
as the authorization callback URL when you register the client. - Now you can get the clientId and clientSecret of your created app.
Deploying travelocity.com sample app
The next step is to deploy the sample app in order to use it in this scenario.
Once this is done, the next step is to configure the WSO2 Identity Server by adding an identity provider and service provider.
Configuring the identity provider
Now you have to configure WSO2 Identity Server by adding a new identity provider.
Download the WSO2 Identity Server from here.
- Run the WSO2 Identity Server.
- Log in to the management console as an administrator.
- In the Identity Providers section under the Main tab of the management console, click Add.
- Give a suitable name for Identity Provider Name.
Navigate to Github Configuration under Federated Authenticators.
Enter the values as given in the above figure.
- Client Id: Client Id for your app.
- Client Secret: Client Secret for your app.
- Scope: Scope of the authorize token. For information on available scopes, see Scopes.
- Callback URL: Service Provider's URL where code needs to be sent .
Select both checkboxes to Enable the Github authenticator and make it the Default.
Click Register.
You have now added the identity provider.
Configuring the service provider
The next step is to configure the service provider.
Return to the management console.
In the Service Providers section, click Add under the Main tab.
Since you are using travelocity as the sample, enter travelocity.com in the Service Provider Name text box and click Register .
In the Inbound Authentication Configuration section, click Configure under the SAML2 Web SSO Configuration section.
Now set the configuration as follows:
Issuer: travelocity.com
Assertion Consumer URL:
http://localhost:8080/travelocity.com/home.jsp
- Select the following check-boxes:
Enable Response Signing.
Enable Single Logout.
Enable Attribute Profile.
- Include Attributes in the Response Always.
Click Update to save the changes. Now you will be sent back to the Service Providers page.
Navigate to the Local and Outbound Authentication Configuration section.
Select the identity provider you created from the drop-down list under Federated Authentication.
Ensure that the Federated Authentication radio button is selected and click Update to save the changes.
You have now added and configured the service provider.
Testing the sample
To test the sample, go to the following URL:
http://<TOMCAT_HOST>:<TOMCAT_PORT>/travelocity.com/index.jsp
. E.g.,http://localhost:8080/travelocity.com
Login with SAML from the WSO2 Identity Server.
Enter your Github credentials in the prompted login page of Github. Once you log in successfully you will be taken to the home page of the travelocity.com app.