---
title: "GitHub"
slug: "github"
updated: 2025-01-10T13:14:30Z
published: 2025-01-10T13:14:30Z
canonical: "docs.safe.security/github"
---

> ## Documentation Index
> Fetch the complete documentation index at: https://docs.safe.security/llms.txt
> Use this file to discover all available pages before exploring further.

# GitHub

## About this document

---

This document provides the step-by-step procedure to configure GitHub in SAFE.

## Introduction

---

SAFE integrates with GitHub, and fetches the security misconfiguration of the GitHub account in SAFE.

## Prerequisites

---

> [!CAUTION]
> Note:
> 
> The option to “Include Advanced Security Data” will only work if the Advanced Security module is enabled in your GitHub account.

- Access Required in **SAFE**:
  - SAFE Admin Access
- Access required in **GitHub**:
  - GitHub Admin or Security Manager Access.
- Required User Inputs:
  - API URL
  - Organisation Name
  - Access Token
- Scope:
  - Basic - `admin:read:org `
  - Additional ( if the Advanced Security checkbox is enabled ) - `repo:security_events`

## Generate Connection Details

---

- How to generate a **Personal Access Token**
  - Log in to your GitHub account.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/4.1.png)
  - Click on the User Profile from the top-right of the page.
  - Click on **Settings**.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/4.2.png)
  - Scroll down to the left navigation and click on the **Developer Settings** option.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/4.3.png)
  - Under **Personal Access Token** click on **Tokens (classic)** option.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/4.4.png)
  - Click on the **Generate New Token** button and select the **Generate New Token (classic)** option.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/4.5.png)
  - Enter a token name under **Note**.
  - Set token expiration date. It's important to regularly update the API Token in SAFE according to its expiration date.
  - Add the following Permissions:
    - admin:org
      - read:org
    - under repo ( if the Advanced Security checkbox is enabled )

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/image(408).png)
      - security_events
  - Scroll down and Click on the **Generate Token** button.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/4.7.png)
  - The system displays the access token. **Copy** and **save** the token to use while configuring GiHub in SAFE.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/4.8.png)

### How to get the **Organization's Name?**

- Log in to your GitHub account.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/4.9.png)
- Click on your profile name on the left and select **Manage Organizations** from the drop-down menu.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/4.10.png)
- Under Organizations, **copy** and **save** the required organization name to use while configuring GiHub in SAFE.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/4.11.png)

### How to get **API URL?**

- Access the GitHub API documentation by clicking on the [link](https://docs.github.com/en/rest/authentication/authenticating-to-the-rest-api?apiVersion=2022-11-28).
- Upon reaching the GitHub API documentation page, locate the "About authentication" section.
- In the exhibit provided, find the base URL highlighted as 3. **Copy** and **save** this *API Base URL* to use it while configuring GitHub in SAFE.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/4.12.png)

## Configure GitHub in SAFE

---

- Log in to your SAFE account as **Admin**.
- Click on Integrations from the left navigation.
- Scroll to find GitHub integration card or search for GitHub in the search bar.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/image(409).png)
- Hover over the **GitHub** integration card and click on the **Configure** button.
- Enter the following details:
  - **API URL**
  - **Organization Name**
  - **Access Token**
  - **(Optional)** Please check the box if advanced security is enabled in your GitHub account.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/image(410).png)
- Enter the **Auto Sync Frequency**.
- Click on the **Test Connection** button.
- Once the connection is successful, click on the **Save** button.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/image(411).png)
- Once the configuration is saved successfully, click on the **Sync Now** button to trigger an on-demand sync.
- Upon a successful sync, the system pulls the GitHub assets and their findings in SAFE. You can track the status of the sync in the **History** table.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/image(412).png)

## View Results

---
- Go to the integration homepage.
- Scroll to find the GitHub integration card or search for GitHub in the search bar.
- Click on the GitHub integration card for **Finding View** and **Asset View**.
  - **Finding View:** This tab displays all the findings details fetched from GitHub.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/image(413).png)
  - **Asset View:**This tab displays all the assets pulled from GitHub.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/image(414).png)

> [!WARNING]
> Note
> 
> If the Advanced Security checkbox is enabled, findings from the following three modules—[Secret Scanning](https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/introduction/about-secret-scanning), [Code Scanning](https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning), and [Dependabot Alerts](https://docs.github.com/en/enterprise-cloud@latest/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)—will be included for source code repositories that are onboarded as assets in SAFE.

## History

---

Learn More about Integration History [here](https://docs.safe.security/safe-4/docs/integration-history).

## SAFE's Outgoing IP Addresses

---

Click [here](https://docs.safe.security/safe-4/docs/safes-outgoing-ip-addresses) to find the outgoing IP addresses of SAFE. All traffic to any integrations in SAFE will see one IP address as the source IP of the incoming connection.

## FAQs

---

- How long will resolved vulnerabilities remain visible in the Safe platform?

15 Days