GitHub for Snyk Essentials

GitHub setup guide for Snyk Essentials

If you used GitHub Apps for your SCM integrations at the Snyk Organization level, Snyk Essentials requires an overview of your GitHub Organization. This means that the GitHub integration in Snyk Essentials uses an API token as an authentication method to onboard your GitHub Organization.

Pulled entities by Snyk Essentials from GitHub

Repositories
Builds - only when using GitHub Actions.
Scans - only when using Code security.

Prerequisites

Ensure you meet all prerequisites listed on the GitHub and GitHub Enterprise permission requirements page.

Integrate GitHub using Snyk Essentials

Profile name (mandatory): Input your integration profile name.
Organizations (mandatory): Input the names of all the relevant GitHub organizations.

If you have changed the name of your GitHub organization, copy the new name from the GitHub URL and paste it into the GitHub Organizations field in the Snyk Essentials Integration Hub.

Access Token (mandatory): Create your GitHub PAT from your GitHub Organization.

Generate your GitHub PAT by following the instructions in the Generate a Personal access token from your GitHub settings section.
Authorize your GitHub PAT if you have configured SAML SSO. See the How to authorize your Personal Access Token and enable SSO page for more details.

Broker Token (mandatory): Create and add your Broker token if you use Snyk Broker.
- Generate your Broker token by following the instructions from the Obtain your Broker token for Snyk Broker page.
- Copy and paste the Broker token on the integration setup menu from the Integration Hub.
API URL (mandatory) - Input the API URL. The default URL is https://api.github.com.
Pull personal repositories (optional): Enable the option if you only want to pull the repositories you own.
Add Backstage Catalog (optional): If you want to add your Backstage catalog, follow the instructions from the Backstage file for SCM Integrations page.

If you enabled the Pull personal repositories option, only your personal repositories are pulled, not the public ones.

If you want to pull data from both organization and personal repositories, then you must set up separate profiles.

Generate a Personal access token from your GitHub settings

Open GitHub and click the Settings menu for your profile.
Select Developer settings from the left sidebar.
Select Personal access tokens and then Tokens (classic).
Click Generate new token and, from the dropdown, select Generate new token (classic).
Add a description for your token in the Note field.
Select the required permissions:
- repo
- read:org
- read:user
- user:email.
Click Generate token.
Copy and store the displayed key.

Fine-grained personal access token is not supported.

API Version

You can use the GitHub REST API repository to access information about the API.

You can use as the host Address the IP/URL of the GitHub server. The default URL is https://api.github.com.

The user associated with the token needs to have write permissions on relevant repositories to collect a breakdown of scan issues.

PreviousGroup-level integrations NextGitLab for Snyk Essentials

Last updated 1 month ago

Was this helpful?