You are viewing version v2.0-2.19 of the documentation, which is no longer maintained. For up-to-date documentation, see the latest version.

Configuring GitHub OAuth for Spinnaker

This post describes how to configure GitHub and Spinnaker to use GitHub as an OAuth2 authenticator.


  • Ability to modify developer settings for your GitHub organization
  • Access to Halyard
  • A Spinnaker deployment with DNS and SSL configured

Configuring GitHub OAuth

  1. Login to GitHub and go to Settings > Developer Settings > OAuth Apps > New OAuth App
  2. Note the Client ID / Client Secret
  3. Homepage URL: This would be the URL of your Spinnaker service e.g.
  4. Authorization callback URL: This is going to match your --pre-established-redirect-uri in halyard and the URL needs login appended to your gate endpoint e.g. or

Configuring Spinnaker with Halyard

Run the following commands in Halyard with your Client ID and Client Secret.


hal config security authn oauth2 edit \
  --client-id $CLIENT_ID \
  --client-secret $CLIENT_SECRET \
  --provider $PROVIDER \
  --scope read:org,user:email \
  --pre-established-redirect-uri ""

hal config security authn oauth2 enable
Last modified June 16, 2020: fix rest of 404s (7a31ec9)