GitHub Radar Connections are specifically configured for Secret Scanning and require specific permissions and webhook configuration.

Check out our GitHub Connection for secret management features such as Secret Syncs.

Self-Hosted Instance

Using a GitHub Radar Connection with app authentication on a self-hosted instance of Infisical requires configuring an application on GitHub and registering your instance with it.

Create an application on GitHub

Navigate to the GitHub App Settings here. Click New GitHub App.

If you have a GitHub organization, you can create an application under it in your organization Settings > Developer settings > GitHub Apps > New GitHub App.

Configure the following fields:

Name - give your app a name
Homepage URL - your self-hosted domain (i.e. https://your-domain.com)
Callback URL - the callback URL for your domain (i.e. https://your-domain.com/organization/app-connections/github-radar/oauth/callback)
User Authorization - enable request user authorization on app installation

Enable and configure the Webhook fields:

Webhook URL - the webhook URL for your domain (i.e. https://your-domain.com/secret-scanning/webhooks/github)
Webhook Secret - a strong, generated secret to verify webhook payloads
SSL Verification - enable SSL verification

Set the following repository permissions:

Contents: Read-only
Metadata: Read-only

Subscribe to the following events:

Push

Create the Github application.

Add your application credentials to Infisical

Generate a new Client Secret for your GitHub application.

Generate a new Private Key for your Github application.

You will need to copy the contents of the .pem file downloaded

Obtain the following credentials:

Slug - the slug of your application found in the URL
App ID - the ID of your application
Client ID - the client ID of your application
Client Secret - the client secret generated above
Private Key - the contents of the private key .pem file generated above
Webhook Secret - the secret generated in the previous step when configuring the webhook

Back in your Infisical instance, add the six new environment variables for the credentials of your GitHub Radar application:

INF_APP_CONNECTION_GITHUB_RADAR_APP_CLIENT_ID: The Client ID of your GitHub application.
INF_APP_CONNECTION_GITHUB_RADAR_APP_CLIENT_SECRET: The Client Secret of your GitHub application.
INF_APP_CONNECTION_GITHUB_RADAR_APP_SLUG: The Slug of your GitHub application. This is the one found in the URL.
INF_APP_CONNECTION_GITHUB_RADAR_APP_ID: The App ID of your GitHub application.
INF_APP_CONNECTION_GITHUB_RADAR_APP_PRIVATE_KEY: The Private Key of your GitHub application.
INF_APP_CONNECTION_GITHUB_RADAR_APP_WEBHOOK_SECRET: The Webhook Secret of your GitHub application.

Once added, restart your Infisical instance and use the GitHub integration via app authentication.

Setup GitHub Radar Connection in Infisical

Navigate to App Connections

Navigate to the App Connections tab on the Organization Settings page.

Add Connection

Select the GitHub Radar Connection option from the connection options modal.

Authorize Connection

Select the GitHub App method and click Connect to GitHub.

Install GitHub App

You will then be redirected to the GitHub App installation page.

Install and authorize the GitHub application. This will redirect you back to Infisical’s App Connections page.

Connection Created

Your GitHub Radar Connection is now available for use.

Was this page helpful?

Suggest edits Raise issue

GitHub Connection GitLab Connection

On this page

Setup GitHub Radar Connection in Infisical

Infisical home page

x linkedin github slack

PRODUCT

Secret Management Secret Scanning Share Secrets Pricing Security Blog Infisical vs Vault Forum

USE CASES

Infisical Agent Kubernetes Dynamic Secrets Terraform Ansible Jenkins Docker AWS ECS GitLab GitHub SDK

DEVELOPERS

Changelog Status Feedback & Requests Trust of Center Open Source Friends How to contribute

OTHERS

Customers Company Handbook Careers Terms of Service Privacy Policy Subprocessors SLA Team Email Sales Support

Assistant

Responses are generated using AI and may contain mistakes.

Infrastructure Integrations

App Connections

Secret Syncs

Native Integrations

CI/CD Integrations

Framework Integrations

Build Tool Integrations

Others

​Setup GitHub Radar Connection in Infisical

Setup GitHub Radar Connection in Infisical