GitHub integration

Complete the following steps to integrate Identity Security Posture Management (ISPM) with your GitHub organizations:

  1. Install Spera Security
  2. Create a personal access token
  3. Identify your GitHub account type
  4. Share the parameters with ISPM

Install Spera Security

  1. Go to the Spera Security app page.
  2. Click Install.
  3. Select the org where you want to install the app.
  4. Select All repositories and click Install & Authorize. You're prompted to approve multiple read-only permissions.

    You're also prompted to approve one read & write permission to the organization's members. ISPM uses the read & write permission only to read the SSO access to GitHub information because it isn't readable with the read-only permissions.

Create a personal access token

  1. Sign in to GitHub as a user with admin permissions.
  2. Go to your GitHub dashboard and click your profile icon to open the menu.
  3. Go to Settings Developer settings Personal access tokens Tokens (classic).
  4. Click Generate new token and select Generate new token (classic).
  5. Enter a Note for your new personal access token (classic), for example, Identity Security Posture Management Integration.
  6. Open the Expiration menu and select No expiration.
  7. In the Select Scopes section, select the following permissions:
    • read:org
    • read:user
    • user:email
    • read:enterprise
    • read:audit_log
  8. Click Generate token.
  9. Copy your token and store it securely.

If the account loses access, the integration stops working.

Identify your GitHub account type

  1. In GitHub, go to theSettingsEnterprises page.
  2. Find your org. If it's listed in the Enterprises section, you're using an enterprise account. If it's listed in the Eligible organizations section, you're using a non-enterprise account.

Share the parameters with ISPM

  1. In the Identity Security Posture Management console, go to SettingsConnected sources.

  2. Select GitHub.
  3. Enter the personal access token that you created earlier.
  4. If you're using an enterprise account, share the enterprise slug. You can find the slug in the enterprise URL. For example: https://github.com/enterprises/my-org, where my-org is the slug.
  5. If you're using a non-enterprise account, share the organization ID. You can find the organization ID by going to the organization that you connected to ISPM and copying the ID from the URL. For example: https://github.com/my-org, where my-org is the organization ID.
  6. Click Submit.