GitHub Enterprise OAuth2
npm Enterprise allows you to log in to your private registry and website using a GitHub Enterprise OAuth2 Client.
Note: the specialized Github Enterprise Integration supports both authentication and authorization, and may be a better solution depending the type of authorization you have enabled for GitHub Enterprise.
To get up and running with GitHub Enterprise SSO, follow these simple steps:
Server Configuration
There are two basic steps to server-side configuration: creating an OAuth client in GitHub Enterprise, and configuring authentication in npm Enterprise.
Setup OAuth2 client credentials in GitHub Enterprise
- Login to your GitHub Enterprise appliance.
- Click on Settings, OAuth Applications, Register a new OAuth application.
Fill in the requested information:
Application Name
: npm Enterprise.Homepage URL
: URL of your npm Enterprise website.Authorization callback URL
:http://npm.mycompany.com:8081/auth/oauth2/callback
, wherenpm.mycompany.com:8081
is the address your npm Enterprise website.
Create the application and take note of the values
Client ID
, andClient Secret
.
Configure authentication settings in npm Enterprise
In another browser tab, go to the /settings
page of the npm Enterprise admin console (port :8800
).
Under Authentication, select OAuth2 and enter the following values:
Config Field | Config Value |
---|---|
Client ID | Paste value from GitHub Enterprise |
Client Secret | Paste value from GitHub Enterprise |
API Endpoint | ```https://your-github-enterprise-server/login``` |
Token Path | /oauth/access_token |
Authorization Path | /oauth/authorize |
Redirect URI | Enter the same value you gave to GitHub Enterprise when creating client credentials, e.g., ```http://npm.mycompany.com:8081/auth/oauth2/callback``` |
Scope | user |
Profile URL | ```https://your-github-enterprise-server/api/v3/user``` |
Email Key | |
User Key | login |
Click Save to save these settings and then Restart now to restart the appliance and apply these settings.
That's all the server-side configuration you need!
Client Login
Client login using SSO behaves differently than other authentication mechanisms, see Single Sign-On Authentication.