Github OAuth Plugin

Skip to end of metadata
Go to start of metadata

Plugin Information

Plugin ID github-oauth Changes In Latest Release
Since Latest Release
Latest Release
Latest Release Date
Required Core
0.20 (archives)
Sep 30, 2014
mailer (version:1.4)
github-api (version:1.58)
git (version:2.0.3)
Source Code
Issue Tracking
Pull Requests
Open Issues
Pull Requests
Michael O'Cleirigh (id: mocleiri)
Sam Kottler (id: skottler)
Usage Installations 2014-Jun 3083
2014-Jul 3299
2014-Aug 3362
2014-Sep 3538
2014-Oct 3638
2014-Nov 3775
2014-Dec 3763
2015-Jan 4019
2015-Feb 4058
2015-Mar 4440
2015-Apr 4544
2015-May 4568

Authentication of users is delegated to Github using the OAuth protocol.  Authorization is based on the characteristics of the users Github user data that is retrieved through the Github API (effectively as the authenticated user).

The initial use case supported is that Jenkins is running jobs associated to a single or group of Github organizations. So we will authenticate users against the Github user data base and then authorize those users that are participants in one of the defined organizations with build and read permissions.

We also define a list of usernames that will have full admin rights on Jenkins.

There is also a flag to allow any authenticated user to have read access.

Since version 0.4 there is a way to authorize the use of the github-webhook callback url to receive post commit hooks from Github. This plugin has a checkbox that can allow Github to POST's to be received but you still need to run the Github Plugin to have the message trigger the build.


  1. Create an application registration here:
    Define the application URL and callback url and then use the Client ID and Client Secret with the Github Authentication Plugin.
    Make the callback url look like:
    Important ensure that the securityRealm/finishLogin part is in the url (this is where github redirects the user with the OAUth credential once they have been authorized).
  2. Control user authorization (i.e. who is allowed to see the jobs and build them) using the Github Commiter Authorization Strategy

Further instructions are included in the plugin help.


You have to be a public member of the organization for the authorization to work correctly.


Version 0.19 (Released July 2, 2014)

Version 0.15 (Released March 21, 2014)

  • Don't attempt to set email address property for a user upon login (pull request #14)
  • Use hasExplicitlyConfiguredAddress instead of getAddress(which scans all projects and builds to find users's email address) (committed directly)
  • Fix API token usage on Jenkins core 1.551 (pull request #18)

Version 0.14 (Released July 11, 2013)

Version 0.12 (Released June 13, 2012)

  • Removed the GitHub V2 API dependency.

Version 0.10 (Released March 4, 2012)

  • Thanks to virtix for reporting a bug with the plugin not working with github enterprise.
  • Note that you also have to upgrade the github-api plugin to version 1.17

Version 0.9 (Released January 8, 2012)

  • Thanks to Kohsuke Kawaguchi for several commits that allow github organizations to be specified using the matrix-based security.

Version 0.8.1 (Released November 1, 2011)

  • Fix the custom XStream Converter to allow the configurations to be saved correctly.

Version 0.8 (Released November 1, 2011)

  • Use custom XStream Converter to let < 0.7 configurations to still work.

Version 0.7 (Released October 29, 2011)

  • Adds support for Github Enterprise/Firewall installs.

Version 0.6 (Released September 17, 2011)

  • Adds checkbox to the AuthorizationStrategy configuration page to enable the anonymous read permission. (default is false: no anonymous reads).

Version 0.5 (Released September 10, 2011)

  • Fixes a problem where all users of the plugin would see a stack trace instead of Jenkins. The regex for detecting the github-webhook url was reworked to support that text appearing anywhere in the request URI.

Version 0.4 (Released September 9, 2011)

  • Thanks to vkravets for testing and contributing a patch to fix the regex so that it actually works for the github-wehook.

Version 0.3 (Released September 8, 2011)

  • Adds support for github-plugin's /github-webhook which can be enabled to allow anonymous READ access to this url. This permits a post commit hook in Github to notify Jenkins to build the related projects.

Version 0.2 (Released July 25, 2011)

  • Fixes serialization issue that prevented plugin from working after Jenkins was restarted.

Version 0.1 (Released July 16, 2011)


plugin-user plugin-user Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.

Add Comment