Overview
This document provides instructions on how to connect to an API to import data from this application into your instance of Zilla.
In this guide, you will:
Launch your application from inside Zilla
Set up an API configuration
Send your data securely to Zilla
Step-by-Step Instructions
Note: You must use an organization owner account to set up the OAuth app and authenticate it. The owner account is also required to retrieve outside collaborators.
Steps To Create a GitHub Connector
1. Sign in to GitHub. In the upper-right corner of any page, click your profile photo, then click Settings.
2. In the left sidebar, click Developer settings.
3. In the left sidebar, click OAuth Apps, then click Register a new application.
4. Name your Zilla connector, then click Register application.
Homepage URL should be https://app.zillasecurity.com/
Redirect URL should be https://app.zillasecurity.com/api/auth/callback/github
For the Authorization callback URL, copy and paste https://app.zillasecurity.com/api/auth/callback/github into the text box.
5. Copy your Client ID and Client secret to a place you may access again (you will need these credentials to connect from Zilla in a future step).
Setup GitHub Application Integration on Zilla
Locate your desired GitHub application instance on Zilla, click Sync now in the top right, and enable API Integration.
Client Id - Copied from the previous steps.
Client Secret - Copied from the previous steps.
Organization Id - Name of the organization on GitHub (located on the Your Organizations tab when you click the profile image in the upper right corner).
Sync repositories as resource permissions - Yes if the integration should sync user access for each repository within the organization. Defaults to No.
Enable account modifications? (Yes/No) - Yes will, during a sync, automatically revoke group memberships, repository permissions for a user, outside collaborators and their permissions to a repository, and organization membership/inside collaborators and their permissions (except owner permissions) that have been flagged for revocation after an access review. Default value is No.
Scopes Requested:
The GitHub integration automatically requests the least-privilege scopes required.
By default, the following scopes are requested:
read:org, read:user, user:email
If the setting “Sync repositories as resource permissions” is set to “Yes”, then the following scope is additionally requested:
repo
If the setting “Enable account modifications” is set to “Yes”, then the following scope is additionally requested:
write:org
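As an added example (not Zilla's or GitHub's own code), the following Python computes the least-privilege scope set for a given pair of connector settings and compares it with the scopes GitHub reports in the X-OAuth-Scopes response header, so a missing scope (the usual cause of the 403 described below) or an over-privileged token can be spotted before a sync. The implied-scope map for admin:org, write:org and user follows GitHub's documented scope hierarchy; the sample header value is constructed.

```python
"""Compare a GitHub OAuth token's granted scopes against the least-privilege
set the Zilla connector requests for a given pair of settings."""

# Scopes the document says are always requested.
BASE_SCOPES = {"read:org", "read:user", "user:email"}

# Broader scopes that already cover a narrower one (GitHub scope hierarchy),
# so a token holding the broad scope is not reported as "missing" the narrow one.
IMPLIED = {
    "admin:org": {"write:org", "read:org"},
    "write:org": {"read:org"},
    "user": {"read:user", "user:email"},
}


def required_scopes(sync_repos: bool, enable_modifications: bool) -> set:
    """Scope set the integration requests for these two connector settings."""
    scopes = set(BASE_SCOPES)
    if sync_repos:                 # "Sync repositories as resource permissions" = Yes
        scopes.add("repo")
    if enable_modifications:       # "Enable account modifications" = Yes
        scopes.add("write:org")
    return scopes


def parse_oauth_scopes_header(value: str) -> set:
    """Parse GitHub's X-OAuth-Scopes header ("a, b, c") into a set of scope names."""
    return {s.strip() for s in value.split(",") if s.strip()}


def check_token_scopes(header_value: str, sync_repos: bool, enable_modifications: bool):
    """Return (missing, extra): missing scopes will produce 403s during a sync;
    extra scopes are granted but not needed, i.e. broader than least privilege."""
    need = required_scopes(sync_repos, enable_modifications)
    have = parse_oauth_scopes_header(header_value)
    effective = set(have)
    for scope in have:
        effective |= IMPLIED.get(scope, set())
    return sorted(need - effective), sorted(have - need)


# Constructed sample: a token authorized before "Sync repositories as resource
# permissions" was switched on, so 'repo' was never granted. This is the case
# the note about revoking existing user tokens is meant to resolve.
SAMPLE_HEADER = "read:org, read:user, user:email"

if __name__ == "__main__":
    missing, extra = check_token_scopes(SAMPLE_HEADER, sync_repos=True, enable_modifications=False)
    print("missing:", missing, "extra:", extra)  # → missing: ['repo'] extra: []
```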
Note:
When changing the “Sync repositories as resource permissions” setting from No to Yes, you must revoke all user tokens in GitHub so that they are re-authorized with the additional repo scope.
Revoking membership for an organization will remove that user from the organization.
GitHub has a concept of an orphan organization, i.e. an organization with no owner. Make sure there is more than one owner before revoking a user's ownership of an organization.
Revoking an outside collaborator's repository permission will also remove the collaborator from the organization, but only if they are not a collaborator on any other repository.
Zilla does not support revoking organization ownership. The user will have to manually revoke the ownership directly in GitHub.
Click Sync Now or Next.
Click Next.
If required, grant access. Your sync will start once you have granted Zilla access.
Once complete you may view the data in Zilla.
If “Sync repositories as resource permissions” is set to Yes, the Permissions tab displays additional permissions for each account (e.g., “admin: repo1”, “maintain: repo2”, “read: repo3”, “triage: repo4”, “write: repo5”).
Troubleshooting GitHub Integration:
Error 401 - This could be due to an expired access token, or the user trying to sync does not have admin or owner access to the GitHub account. Reauthenticating the GitHub instance should resolve the error; if the issue persists, contact your admin for the right access.
Error 403 - This error could be due to insufficient scopes; ensure that the scopes granted to the Zilla connector are the same as those listed in this document. Error 403 can also occur if the organization has enabled OAuth App Access Restrictions; disabling the restriction fixes the issue. Refer to this document for disabling the OAuth app access restrictions.
Error 422 - This can also occur because your organization has enabled OAuth App Access Restrictions. Refer to this document for disabling the OAuth app access restrictions.
Error 400 - This could be due to an API error; please contact support@zillasecurity.com.
When you have finished with all the steps above, review the information in Zilla that was synced.
Having trouble? Try our Troubleshooting articles or contact support@zillasecurity.com.