GitHub Auth Module Provider

In this document, you’ll learn about the GitHub Auth Module Provider and how to install and use it in the Auth Module.

The Github Auth Module Provider authenticates users with their GitHub account.

TipLearn about the authentication flow in this guide.

Register the Github Auth Module Provider#

Add the module to the array of providers passed to the Auth Module:

medusa-config.ts
1import { Modules, ContainerRegistrationKeys } from "@medusajs/framework/utils"2
3// ...4
5module.exports = defineConfig({6  // ...7  modules: [8    {9      resolve: "@medusajs/medusa/auth",10      dependencies: [Modules.CACHE, ContainerRegistrationKeys.LOGGER],11      options: {12        providers: [13          // other providers...14          {15            resolve: "@medusajs/medusa/auth-github",16            id: "github",17            options: {18              clientId: process.env.GITHUB_CLIENT_ID,19              clientSecret: process.env.GITHUB_CLIENT_SECRET,20              callbackUrl: process.env.GITHUB_CALLBACK_URL,21            },22          },23        ],24      },25    },26  ],27})

Environment Variables#

Make sure to add the necessary environment variables for the above options in .env:

Code
1GITHUB_CLIENT_ID=<YOUR_GITHUB_CLIENT_ID>2GITHUB_CLIENT_SECRET=<YOUR_GITHUB_CLIENT_SECRET>3GITHUB_CALLBACK_URL=<YOUR_GITHUB_CALLBACK_URL>

Module Options#

ConfigurationDescriptionRequired

clientId

A string indicating the client ID of your GitHub app.

Yes

clientSecret

A string indicating the client secret of your GitHub app.

Yes

callbackUrl

A string indicating the URL to redirect to in your frontend after the user completes their authentication in GitHub.

At this URL, the frontend will receive a code query parameter. It then sends that code query parameter to the Medusa application's /auth/{actor_type}/github/callback route.

Yes


Override Callback URL During Authentication#

In many cases, you may have different callback URL for actor types. For example, you may redirect admin users to a different URL than customers after authentication.

The Authenticate or Login API Route can accept a callback_url body parameter to override the provider's callbackUrl option. Learn more in this documentation.


Examples#

Was this page helpful?
Edit this page