Skip to main content
This guide walks you through creating a GitHub OAuth app and configuring ngrok to use it for user authentication.

What you’ll need

  • A GitHub account with permission to create OAuth apps.
  • Your ngrok authtoken and an endpoint with the OAuth action in its Traffic Policy.

Create a GitHub OAuth application

  1. Follow GitHub’s documentation for creating an OAuth app until the final step of submitting the registration form.
  2. Set the Authorization callback URL to https://idp.ngrok.com/oauth2/callback.
  3. Submit the form.
  4. From the application overview, save your Client ID and Client secret for use in ngrok.

Update your ngrok endpoint Traffic Policy

  1. Access the ngrok Dashboard Endpoints page and locate an existing endpoint you’d like to add this to or create a new one.
  2. In your traffic policy, add the following configuration:
You may add any scopes that are required by your application with the following caveats.
on_http_request:
  - actions:
      - type: oauth
        config:
          provider: github
          client_id: '{your app''s oauth client id}'
          client_secret: '{your app''s oauth client secret}'
          scopes:
            - read:user
            - read:org
Click Save to validate and update your traffic policy.

Configure access control

Optionally, configure access control to your service by only allowing specific users or domains. 
on_http_request:
  - expressions:
      - '!(actions.ngrok.oauth.identity.email in [''me@example.com''])'
    actions:
      - type: deny

Known limitations