Configuring Authentication using GitHub

This post will show you how to configure GitHub and Spinnaker to use GitHub as an OAuth2 authenticator. This post assumes you have the ability to modify developer settings for your GitHub organization, access to Halyard and configured DNS and SSL for your Spinnaker instance.

Configuring GitHub OAuth

  1. Login to GitHub and go to Settings > Developer Settings > OAuth Apps > New OAuth App
  2. Note the Client ID / Client Secret
  3. Homepage URL: This would be the URL of your Spinnaker service e.g.
  4. Authorization callback URL: This is going to match your --pre-established-redirect-uri in halyard and the URL needs login appended to your gate endpoint e.g. or

Configuring Spinnaker w/ Halyard

Run the following commands in Halyard with your Client ID and Client Secret.


hal config security authn oauth2 edit \
  --client-id $CLIENT_ID \
  --client-secret $CLIENT_SECRET \
  --provider $PROVIDER \
  --scope read:org,user:email \
  --pre-established-redirect-uri ""

hal config security authn oauth2 enable

Related Links:



The latest tutorials sent straight to your inbox.