GitHub

Use your organization’s owner account to set up the OAuth app, authenticate it, and log in through the same account when syncing data to Zilla. The owner account is also required to get outside collaborators.

Create GitHub Connector

  1. Sign in to GitHub and go to Profile > Settings.

  2. Click Developer settings.

  3. Click OAuth Apps and then click Register a new application.

  4. Copy and securely save the Client ID and Client Secret to use when creating the integration.

  5. Name your connector.

  6. Add the following values in the corresponding fields:

    1. Homepage URL: https://app.zillasecurity.com

    2. Redirect URL: https://app.zillasecurity.com/api/auth/callback/github

    3. Authorization callback URL: https://app.zillasecurity.com/api/auth/callback/github

  7. Click Register application.

Set Up Github Application Integration

  1. Add the GitHub application in Zilla. For more information on how to add an application, see Adding applications to Zilla.

  2. Click Sync now, enable API Integration and add the following values to the corresponding fields:

     Zilla field                 | GitHub value
     ----------------------------+-------------------------------------------------------------------
     GitHub Organization Id      | GitHub organization name (located in Profile > Your Organizations)
     GitHub OAuth Client Id      | Client ID (copied from a previous step)
     GitHub OAuth Client Secret  | Client secret (copied from a previous step)

  3. In the Sync repositories as resource permissions field, the default value is No. If necessary, type Yes if the integration should sync user access for each repository in the organization.

  4. In the Enable account modifications field, the default value is No. If necessary, type Yes to automatically revoke group membership, users' repository permissions, outside collaborators, outside collaborators' permissions to a repo, and organization membership and permissions that have been flagged for revocation after an access review.

Requested Scopes

The GitHub integration automatically requests only the least-privilege scopes it requires. By default, the read:org, read:user, and user:email scopes are requested.

If Sync repositories as resource permissions is set to Yes, repo is also requested.

If Enable account modifications is set to Yes, admin:org is also requested.
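The scope rules above, as an added example that is not part of Zilla's documentation or code: it computes the scopes the connector requests for the two settings and compares them with the scopes a token actually carries, which GitHub reports in the X-OAuth-Scopes response header, so a 403 caused by missing scopes can be pinned down before re-authenticating. The header value and the parent-to-child scope map are constructed for the example.

```python
"""Least-privilege scope computation and check for the Zilla GitHub connector.
Constructed example; not Zilla's own code."""

# GitHub scopes nest: a parent scope grants its children (e.g. admin:org
# includes write:org and read:org; user includes read:user and user:email).
IMPLIED = {
    "admin:org": {"write:org", "read:org"},
    "write:org": {"read:org"},
    "user": {"read:user", "user:email", "user:follow"},
}

BASE_SCOPES = {"read:org", "read:user", "user:email"}


def required_scopes(sync_repos: bool, account_modifications: bool) -> set:
    """Scopes the connector requests for the two sync settings described above."""
    scopes = set(BASE_SCOPES)
    if sync_repos:              # "Sync repositories as resource permissions" = Yes
        scopes.add("repo")
    if account_modifications:   # "Enable account modifications" = Yes
        scopes.add("admin:org")
    return scopes


def expand(granted) -> set:
    """Close a set of granted scopes over the parent -> child implications."""
    result = set(granted)
    stack = list(granted)
    while stack:
        for child in IMPLIED.get(stack.pop(), ()):
            if child not in result:
                result.add(child)
                stack.append(child)
    return result


def parse_scopes_header(value: str) -> set:
    """Parse an X-OAuth-Scopes header such as 'read:org, repo, user:email'."""
    return {s.strip() for s in value.split(",") if s.strip()}


def missing_scopes(header_value: str, sync_repos: bool, account_modifications: bool) -> set:
    """Required scopes the token lacks; a non-empty result is a likely cause of a 403."""
    granted = expand(parse_scopes_header(header_value))
    return required_scopes(sync_repos, account_modifications) - granted


if __name__ == "__main__":
    # Constructed header from a token authorized with only the default scopes,
    # while both optional settings are set to Yes.
    print(missing_scopes("read:org, read:user, user:email", True, True))
```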

Note:

  • When Sync repositories as resource permissions is set to Yes, you must revoke all user tokens in GitHub.

  • Revoking membership for an organization removes that user from the organization.

  • GitHub has the concept of an orphan organization, that is, an organization with no owner. Make sure there is more than one owner before you revoke a user's ownership of an organization.

  • Revoking an outside collaborator's repository permission also removes them from the organization, but only if they are not a member of any other repository.

  • Organization ownership revocation is not supported and must be revoked manually, directly in GitHub.

  5. Click Sync Now / Next and then click Next.

  6. If prompted, log in to GitHub.

     If Enable account modifications is set to Yes, you are prompted to authorize access.

  7. Review the data that was synced and confirm it is correct.

Troubleshoot GitHub Integration

  • Error 401 - This error could occur because the access token has expired or because a sync was attempted without admin or owner access to GitHub. Reauthenticate the GitHub instance, and if the issue persists, contact your admin for the correct access.

  • Error 403 - This error could occur due to insufficient scopes. Ensure that the scopes granted to the connector are the same as those listed in this topic. The error could also occur if your organization has enabled OAuth app access restrictions; disabling the restriction fixes the issue. See the GitHub documentation for more information on disabling OAuth app access restrictions.

  • Error 422 - This error could occur because your organization has enabled OAuth app access restrictions. See the GitHub documentation for more information on disabling OAuth app access restrictions.

  • Error 400 - This error could occur due to an API error. Contact our support team for assistance.

  • Error 404 - This error could occur when a non-owner of the organization tries to access repositories. Ensure you are logged in as an owner of the organization.