Source Control Management (SCM) Authenticators generate authorization tokens to authenticate OAuth-based Single-Sign-On requests from gopaddle. Authenticators need to be registered in gopaddle based on the type of gopaddle installation and the SCM environment.

Please check the reference table for creating SCM authenticators :

Follow the step below to create and register an SCM authenticator in gopaddle :

Step 1 : Create Application in Source Control Environment

a) GitHub Application

  1. In the GitHub portal, under Profile or Company Settings, navigate to the Developer Settings and choose OAuth Apps

  2. Create a new application by choosing New OAuth App

  3. In the New OAuth App creation wizard, provide the Name and the home page URL

  4. For the Authorization callback URL,  specify the call-back URL. If you are using managed gopaddle (SaaS), then specify the callback URL as https://portal.gopaddle.io/codes. If you are using the on-premise edition of gopaddle, then specify the callback URL as the home URL of the gopaddle service. Please check the SCM Authenticator reference table above for more information.

  5. Once the application is created, copy the Client ID and the Client Secret generated for the GitHub account

b) GitLab Application

  1. In the GitLab portal, open Profile settings and navigate to the Applications section in the left panel.

  2. Create a New Application with the following permissions and specify the Redirect URI. If you are using managed gopaddle (SaaS), then specify the Redirect URI as https://portal.gopaddle.io/codes. If you are using the on-premise edition of gopaddle, then specify the Redirect URI as the home URL of the gopaddle service. Please check the SCM Authenticator reference table above for more information.

  • api (Access the authenticated user's API)

  • read_user (Read the authenticated user's personal information)

  • read_repository (Allows read-only access to the repository)

  • profile (Allows read-only access to the user's personal information using OpenID Connect)

  • email (Allows read-only access to the user's primary email address using OpenID Connect)

3. Once the application is created, copy the Application ID and the Secret

c) Bitbucket Application

  1. In the Bitbucket portal, under user profile select the Workspace and Choose Settings and navigate to the OAuth Consumers Section and click on Add Consumer.

  2. Provider the Name and URL of the application and specify the Callback URL. If you are using managed gopaddle (SaaS), then specify the Callback URL as https://portal.gopaddle.io/codes. If you are using the on-premise edition of gopaddle, then specify the Callback URL as the home URL of the gopaddle service. Please check the SCM Authenticator reference table above for more information.

  3. Under Permissions, select the following permissions

  • Accounts (Read)

  • Pull Requests (Read)

  • Issues (Read)

  • Projects (Read)

  • Repositories (Read)

  • Webhooks (Read and Write)

4. Once the application is created, copy the generated Key and Secret.

Step 2 : Register SCM authenticator in gopaddle

  1. In the gopaddle portal, navigate to the Settings option in the top navigation bar panel and select Code option.

  2. Select the Source Control Authenticators tab, and choose Add Code Authenticator tab.

  3. Choose the type of the Provider as either GitHub or GitLab or Bitbucket.

  4. Choose the Provider Type as On-premise SCM

  5. Under the Provider URL, specify the home URL of the on-premise Source Control environment

  6. Provide the credentials created in Step 1 (Create Application in Source Control Environment).

  • Client ID & Client Secret in case of GitHub

  • Application ID and Secret in case of GitLab 

  • Key and Secret in case of Bitbucket

Redirect URL : In case of a gopaddle SaaS subscription, the Redirect URL will be automatically discovered. In case you are using the on-premise edition of gopaddle, set the Redirect URL to the home URL of gopaddle service. Ensure that the correct endpoint protocol is specified ie., http or https and also ensure there are no trailing / (slash) in the endpoint.

Did this answer your question?