OAuth Setup Guide
Complete guide to OAuth setup with GitHub. Understand the authentication flow, required permissions, and how to securely connect your repositories to DevLyTicks.
OAuth (Open Authorization) is an industry-standard protocol that allows DevLyTicks to access your GitHub data securely without storing your GitHub password.
How OAuth Works:
- You click "Sign in with GitHub" on DevLyTicks
- GitHub asks you to authorize DevLyTicks
- You review and approve the requested permissions
- GitHub sends a secure token to DevLyTicks
- DevLyTicks uses this token to access your data
- You can revoke access anytime from GitHub settings
Secure: DevLyTicks never sees or stores your GitHub password. All authentication is handled by GitHub's secure OAuth servers.
Understanding the OAuth flow helps you feel confident about the security of your GitHub data.
1Initial Request
When you click "Sign in with GitHub", you're redirected to GitHub's authorization page.
2Permission Review
GitHub shows you exactly what permissions DevLyTicks is requesting. You can review each permission before approving.
3Authorization
After you approve, GitHub generates a secure, time-limited access token for DevLyTicks.
4Redirect & Login
GitHub redirects you back to DevLyTicks with the token, and you're automatically logged in.
DevLyTicks requests the minimum permissions necessary to provide analytics. Here's what each permission is used for:
Read access to code
Why needed: Analyze commit history, file changes, and repository structure
✓ Read commits and diffs • ✓ View file contents • ✓ Access repository metadata
Read access to pull requests
Why needed: Track PR metrics, review comments, and merge statistics
✓ View PRs and reviews • ✓ Read PR comments • ✓ Track merge activity
Read access to issues
Why needed: Monitor issue creation, closure rates, and team responsiveness
✓ View issues • ✓ Read issue comments • ✓ Track issue lifecycle
Read access to metadata
Why needed: Access basic repository information and contributor profiles
✓ Repository name and description • ✓ Contributor usernames • ✓ Repository visibility
Read access to organization members
Why needed: Identify team members and organizational structure
✓ View organization roster • ✓ Team assignments • ✓ Member roles
Read-Only Access: DevLyTicks only requests read permissions. We never write, modify, or delete your code or repositories.
Follow these steps to install the DevLyTicks GitHub App and grant repository access.
Step 1: Start Installation
Click "Sign in with GitHub" on DevLyTicks homepage or dashboard
Step 2: Select Account
Choose whether to install on your personal account or an organization
Step 3: Choose Repositories
Select "All repositories" or choose specific repositories to analyze
Step 4: Review Permissions
GitHub displays all requested permissions. Review and click "Install"
Step 5: Complete Setup
You'll be redirected to DevLyTicks dashboard. Your repositories will start syncing automatically.
You can add or remove repository access at any time without reinstalling the app.
To Add Repositories:
- Go to GitHub Settings → Applications → Installed GitHub Apps
- Find "DevLyTicks" and click "Configure"
- Under "Repository access", select additional repositories
- Click "Save" - repositories will sync within minutes
To Remove Repositories:
- Follow the same path as above
- Deselect repositories you want to remove
- Data for removed repositories will be archived (not deleted)
- You can re-add repositories later to restore access
You can revoke DevLyTicks access to your GitHub account at any time. This is completely safe and reversible.
From GitHub:
Settings → Applications → Installed GitHub Apps → DevLyTicks → Uninstall
From DevLyTicks:
Dashboard → Organization Settings → Integrations → Disconnect GitHub
Note: Revoking access will stop data syncing but won't delete your historical analytics data. Contact support to delete all data.
Troubleshoot common OAuth issues and errors you might encounter.
Error: "Redirect URI mismatch"
This happens when the callback URL doesn't match the configured OAuth app settings.
Solution: Clear your browser cache and try again. If the issue persists, contact support.
Error: "Organization access required"
Your organization requires third-party app approval before you can install DevLyTicks.
Solution: Contact your GitHub organization admin to approve DevLyTicks app access.
Error: "Insufficient permissions"
You don't have permission to install apps on the selected repository or organization.
Solution: Ask an organization owner to install DevLyTicks or request admin access.
- •Review Permissions - Always review requested permissions before authorizing
- •Minimum Access - Only grant access to repositories you want to analyze
- •Regular Audits - Periodically review authorized apps in GitHub settings
- •Organization Approval - Enable third-party app approval for organizations
- •Monitor Activity - Check GitHub's security logs for unexpected app activity