GitHub OAuth
Marmot supports GitHub as an OAuth provider for Single Sign-On authentication.
Create a GitHub OAuth App
- Log in to GitHub
- Navigate to Settings → Developer settings → OAuth Apps
- Personal accounts: https://github.com/settings/developers
- Organisations:
https://github.com/organisations/YOUR-ORG/settings/applications
- Click New OAuth App
- Fill in the application details:
- Application name:
Marmot - Homepage URL:
https://your-marmot-domain.com - Authorisation callback URL:
https://your-marmot-domain.com/auth/github/callback
- Application name:
- Click Register application
Generate Client Secret
- On the application page, click Generate a new client secret
- Copy the client secret immediately
Note the Client ID and Client Secret from the application page.
Configure Marmot
You must set MARMOT_SERVER_ROOT_URL to the public URL of your Marmot instance. This is used to build OAuth callback URLs.
export MARMOT_SERVER_ROOT_URL="https://marmot.example.com"
Then set the following environment variables:
export MARMOT_AUTH_GITHUB_ENABLED=true
export MARMOT_AUTH_GITHUB_CLIENT_ID="your-client-id"
export MARMOT_AUTH_GITHUB_CLIENT_SECRET="your-client-secret"
Or configure via config.yaml:
auth:
github:
enabled: true
client_id: "your-client-id"
client_secret: "your-client-secret"
Restart Marmot and the GitHub login button will appear on the login page.