ContextQMD
Back to Medusa

{metadata.title}

www/apps/resources/app/commerce-modules/auth/auth-providers/github/page.mdx

2.14.24.0 KB
Original Source

import { Table, Prerequisites } from "docs-ui"

export const metadata = { title: GitHub Auth Module Provider, }

{metadata.title}

In this guide, you’ll learn about the GitHub Auth Module Provider and how to configure it.

The GitHub Auth Module Provider allows you to authenticate users with their GitHub account.

Register the GitHub Auth Module Provider

<Prerequisites items={[ { text: "Register a GitHub App. When setting the Callback URL, set it to a URL in your frontend that later uses Medusa's callback route to validate the authentication.", link: "https://docs.github.com/en/apps/creating-github-apps/setting-up-a-github-app/creating-a-github-app" }, { text: "Retrieve the client ID and client secret of your GitHub App", link: "https://docs.github.com/en/rest/authentication/authenticating-to-the-rest-api?apiVersion=2022-11-28#using-basic-authentication" } ]} />

To use the GitHub Auth Module Provider, add the module to the array of providers passed to the Auth Module in your medusa-config.ts:

ts
import { Modules, ContainerRegistrationKeys } from "@medusajs/framework/utils"

// ...

module.exports = defineConfig({
  // ...
  modules: [
    {
      resolve: "@medusajs/medusa/auth",
      dependencies: [Modules.CACHE, ContainerRegistrationKeys.LOGGER],
      options: {
        providers: [
          // other providers...
          {
            resolve: "@medusajs/medusa/auth-github",
            id: "github",
            options: {
              clientId: process.env.GITHUB_CLIENT_ID,
              clientSecret: process.env.GITHUB_CLIENT_SECRET,
              callbackUrl: process.env.GITHUB_CALLBACK_URL,
            },
          },
        ],
      },
    },
  ],
})

Environment Variables

Make sure to add the necessary environment variables for the above options in .env:

plain
GITHUB_CLIENT_ID=<YOUR_GITHUB_CLIENT_ID>
GITHUB_CLIENT_SECRET=<YOUR_GITHUB_CLIENT_SECRET>
GITHUB_CALLBACK_URL=<YOUR_GITHUB_CALLBACK_URL>

Module Options

<Table> <Table.Header> <Table.Row> <Table.HeaderCell>Configuration</Table.HeaderCell> <Table.HeaderCell>Description</Table.HeaderCell> <Table.HeaderCell className="w-1/5">Required</Table.HeaderCell> </Table.Row> </Table.Header> <Table.Body> <Table.Row> <Table.Cell> 
  `clientId`
  
  </Table.Cell>
  <Table.Cell>
  
  A string indicating the client ID of your GitHub app.
  
  </Table.Cell>
  <Table.Cell>
  
  Yes
  
  </Table.Cell>
</Table.Row>
<Table.Row>
  <Table.Cell>
  
  `clientSecret`
  
  </Table.Cell>
  <Table.Cell>
  
  A string indicating the client secret of your GitHub app.
  
  </Table.Cell>
  <Table.Cell>
  
  Yes
  
  </Table.Cell>
</Table.Row>
<Table.Row>
  <Table.Cell>
  
  `callbackUrl`
  
  </Table.Cell>
  <Table.Cell>
  
  A string indicating the URL to redirect to in your frontend after the user completes their authentication in GitHub.

  At this URL, the frontend will receive a `code` query parameter. It then sends that  `code` query parameter to the Medusa application's `/auth/{actor_type}/github/callback` route.
  
  </Table.Cell>
  <Table.Cell>
  
  Yes
  
  </Table.Cell>
</Table.Row>

</Table.Body>

</Table>

Override Callback URL During Authentication

In many cases, you may have different callback URLs for actor types. For example, you may redirect admin users to a different URL than customers after authentication.

The Authenticate or Login API Route accepts a callback_url body parameter to override the provider's callbackUrl option. Learn more in the Auth Flows with Routes guide.

Examples