GitHub sign-in
Enable Sign in with GitHub for your app using SimpleAuth — dashboard setup, BYO OAuth App, and React SDK.
This guide walks through Sign in with GitHub end-to-end: turning it on in the SimpleAuth dashboard, optionally bringing your own GitHub OAuth App, and adding a button in your frontend.
Part 1 — Enable in the dashboard
- Sign in to SimpleAuth and open your app.
- Go to Settings.
- Turn Enable GitHub sign-in on.
- Choose Shared (fastest) for local development (uses the server’s
GITHUB_OAUTH_SHARED_*env vars), or Your GitHub credentials for production. - Under Allowed redirect origins, add one origin per line, e.g.
https://myapp.comandhttp://localhost:3000. These must match the origin of theredirectUrlyou pass from your app (path can differ; origin must match). In development,http://localhost/127.0.0.1on any port is allowed even if omitted. - Click Save.
Redirect URL in your app
After GitHub redirects to SimpleAuth, SimpleAuth sets the session cookie and redirects the browser to the redirectUrl you passed when starting OAuth (must be allowed). From there, call me() or use your React session hooks as usual.
Part 2 — Bring your own GitHub OAuth App (BYO)
- Go to GitHub → Settings → Developer settings → OAuth Apps (or your org’s developer settings).
- Click New OAuth App.
- Set Application name, Homepage URL (your product URL), and Authorization callback URL to the exact callback URL for the SimpleAuth API host, e.g.
https://simpleauth.net/api/external/auth/oauth/github/callback
When developing against a local SimpleAuth server, usehttp://localhost:3000/api/external/auth/oauth/github/callbackinstead. - Click Register application, then copy the Client ID and generate a Client secret (copy it once — GitHub may not show it again).
- In SimpleAuth Settings → GitHub sign-in, select Your GitHub credentials, paste Client ID, paste Client Secret (first time), set Allowed redirect origins, and Save.
Part 3 — Frontend (React CLI + button)
- Install the JS SDK in your app:
npm install @simpleauthjs/core - Add the GitHub feature (if you did not use the
basicpreset which already includes it):
npx @simpleauthjs/react add github-auth- Pass a post-login URL into your sign-in UI (same origin must be allowlisted):
<SignInForm githubRedirectUrl="https://myapp.com/dashboard" />or use the button directly:
import { GithubButton } from "@/components/simpleauth"
<GithubButton redirectUrl="https://myapp.com/dashboard" />- Or call the client from your own button:
import { createSimpleAuthClient } from "@simpleauthjs/core"
const auth = createSimpleAuthClient({ apiKey: "sa_live_…" })
auth.signInWithGithub({ redirectUrl: "https://myapp.com/dashboard" })Part 4 — Troubleshooting
| Symptom | What to check |
|---|---|
Invalid redirect URL | The origin of redirectUrl must be listed under Allowed redirect origins (or be localhost HTTP in development). |
GitHub sign-in is not enabled for this app | Toggle Enable GitHub sign-in on in Settings and save. |
GitHub sign-in is not configured on this server | Shared mode requires GITHUB_OAUTH_SHARED_CLIENT_ID and GITHUB_OAUTH_SHARED_CLIENT_SECRET on the SimpleAuth server. |
GitHub account has no verified email | The GitHub user has no verified email. Ask them to verify one at github.com/settings/emails. |
oauth_error=… query param after redirect | Read the message; common cases: expired state, invalid OAuth state cookie, or email already registered without a verified match. |
| Popup flow | Not supported yet; use full-page redirect (signInWithGithub / getGithubAuthUrl). |
Webhooks
SimpleAuth may enqueue webhook events such as user.signed_in_via_github, user.registered_via_github, and user.linked_github_account when your app has active webhook endpoints configured.