Skip to content

GitHub Authentication

Prowler supports multiple methods to authenticate with GitHub. These include:

  • Personal Access Token (PAT)
  • OAuth App Token
  • GitHub App Credentials

This flexibility allows you to scan and analyze your GitHub account, including repositories, organizations, and applications, using the method that best suits your use case.

Supported Login Methods

Here are the available login methods and their respective flags:

Personal Access Token (PAT)

Use this method by providing your personal access token directly.

prowler github --personal-access-token pat

OAuth App Token

Authenticate using an OAuth app token.

prowler github --oauth-app-token oauth_token

GitHub App Credentials

Use GitHub App credentials by specifying the App ID and the private key.

prowler github --github-app-id app_id --github-app-key app_key

Automatic Login Method Detection

If no login method is explicitly provided, Prowler will automatically attempt to authenticate using environment variables in the following order of precedence:

  1. GITHUB_PERSONAL_ACCESS_TOKEN
  2. GITHUB_OAUTH_APP_TOKEN
  3. GITHUB_APP_ID and GITHUB_APP_KEY
Note

Ensure the corresponding environment variables are set up before running Prowler for automatic detection if you don't plan to specify the login method.