You can allow users to sign in to your Rocket.Chat workspace with their GitHub or GitHub Enterprise accounts. Setup involves alternating between GitHub and your Rocket.Chat admin panel, so keep both open in separate tabs.
Note
Rocket.Chat treats GitHub and GitHub Enterprise as separate integrations, each with its own section in the OAuth settings and its own callback URL. Configure the one that matches your environment. If you use both, you can configure them independently.
Prerequisites
A GitHub or GitHub Enterprise account with permission to create OAuth apps
Administrator access to your Rocket.Chat workspace
Step 1: Create a GitHub OAuth app
Go to GitHub Developer Settings. For GitHub Enterprise, go to the equivalent path on your enterprise instance.
Select OAuth Apps → New OAuth App.
Enter the required app details. You will provide the Authorization callback URL in Step 3.
Select Register application.
On the app page, copy the Client ID and select Generate a new client secret.
Important
The Client Secret is shown only once at the moment of generation. Copy it immediately and store it somewhere safe. If you navigate away without copying, you must generate a new secret and update Rocket.Chat with the new value.
Leave this page open. You will return to it in Step 3.
Step 2: Get the callback URL from Rocket.Chat
Sign in to your Rocket.Chat workspace as an administrator.
Go to Manage → Workspace → Settings → OAuth.
Expand the GitHub section (or GitHub Enterprise if you are using an enterprise instance).
Copy the value of Github Callback URL (or GitHub Enterprise Callback URL). It looks like
https://your-domain/_oauth/githuborhttps://your-domain/_oauth/github_enterprise.
Step 3: Add the callback URL to your GitHub OAuth app
Return to your GitHub OAuth app page.
Paste the callback URL you copied from Rocket.Chat into the Authorization callback URL field.
Select Update application.
The Authorization callback URL in GitHub and the callback URL in Rocket.Chat must match exactly, including the scheme and any trailing path. A mismatch typically does not produce an error on GitHub's side, but sign-in will fail at Rocket.Chat with
No matching login attempt found.
Step 4: Configure GitHub OAuth in Rocket.Chat
Back in Rocket.Chat, in the same OAuth section, expand GitHub or GitHub Enterprise depending on your environment.
For GitHub:
Turn OAuth Enabled on.
Enter the following values:
Client Id: the Client ID from your GitHub OAuth app
Client Secret: the Client Secret from your GitHub OAuth app
Select Save changes.
For GitHub Enterprise:
Turn OAuth Enabled on.
Enter the following values:
Server URL: the base URL of your GitHub Enterprise instance, for example
https://github.example.com(no trailing slash)Client Id: the Client ID from your GitHub Enterprise OAuth app
Client Secret: the Client Secret from your GitHub Enterprise OAuth app
Select Save changes.
Verify the setup
Sign out of your workspace.
On the sign-in page, confirm that the Sign in with GitHub button appears.
Select it and complete the GitHub sign-in flow. You should be returned to your workspace and signed in.
Troubleshooting
Sign-in fails with No matching login attempt found
No matching login attempt foundThe Authorization callback URL in GitHub and the callback URL in Rocket.Chat are not identical. Re-copy the value from Rocket.Chat and paste it into GitHub exactly as shown, including the scheme.
The Sign in with GitHub button does not appear
Confirm that OAuth Enabled is on in the correct section (GitHub or GitHub Enterprise), that Client Id and Client Secret are filled in, and that you saved changes. A hard refresh of the sign-in page may be needed.
GitHub Enterprise sign-in redirects to public github.com
You configured the GitHub section instead of the GitHub Enterprise section. The two are separate integrations. Disable OAuth Enabled in the GitHub section and configure the GitHub Enterprise section instead, including its Server URL field.