JupiterOne provides a managed integration with GitHub. The integration connects directly to GitHub APIs to obtain account metadata and analyze resource relationships. Customers authorize access by creating a GitHub OAuth App in their account and providing the app credentials to JupiterOne.
The integration is triggered by an event containing the information for a specific integration instance.
The integration instance configuration requires the customer's GitHub OAuth App
clientSecret to authenticate requests to the GitHub REST APIs.
Detailed instructions for creating the OAuth App are provided by GitHub.
The integration is using GitHub Apps authentication, which requests permissions from the org/account installing the app.
Beside the Metadata Permissions always granted, our app is only requesting Read Only for Repository Metadata and Organization Members at this time.
The following entity resources are ingested when the integration runs:
|GitHub Entity Resource||_type : _class of the Entity|
The following relationships are created/mapped:
Basic relationships within the integration instance account/resources