Configuring Flipt v2 to enable login with GitHub via OAuth 2.0
Settings
under the menu of your Profile icon
Developer Settings
OAuth Apps
as a menu option on the left, click on that and click New OAuth App
to start creating the application
Application Name
: Give your application a meaningful name like “Flipt”Homepage URL
: Usually Flipt will be used internally by organizations, so this value depends on how you plan to expose Flipt. When in doubt you can just use the URL to your organization’s home pageAuthorization callback URL
: For this value, you’ll need your Flipt URL followed by /auth/v1/method/github/callback
. Since we will be running Flipt in a Docker container locally, we will use http://localhost:8080/auth/v1/method/github/callback
instead of actual Flipt URL.localhost:8080
here for illustration purposes. In a production
setting, you would use whichever accessible domain name you have configured
for your Flipt deployment. These values can always be changed later after the
creation of the application.Client ID
and Client Secret
from the created OAuth 2.0 appGenerate a new client secret
button (it may ask you to authenticate again with GitHub).
config.yml
config.yml
with certain fields and values.
The configuration documentation goes into more detail on the configuration values available for authentication.
Configure your config.yml
file to enable the GitHub authentication method.
client_id
and client_secret
are going to be the values from your GitHub OAuth application. The redirect_address
will be http://localhost:8080
. The scopes
are entirely dependent on what level of access you would like the returned GitHub access token to have. The GitHub documentation describes a list of valid scopes.
The last bit of configuration is the session details. In order for the browser to establish a session to communicate with Flipt in an authenticated way, you must provide access details in an HTTP cookie whose value is a static token created by Flipt. This static token is created during the GitHub OAuth 2.0 flow, and associated with the GitHub metadata retrieved from the GitHub API with the access token. The domain
value will specify which host can receive the cookie.
config.yml
as a volume in the container, and Flipt will use that configuration as it’s provided as a command line flag option.
http://localhost:8080
URL in the address bar of a browser. You should see the following screen: