a765c1543e
Co-authored-by: MrCloudSec <hello@mistercloudsec.com> Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com>
1.4 KiB
GitHub Authentication
Prowler supports multiple methods to authenticate with GitHub. These include:
- Personal Access Token (PAT)
- OAuth App Token
- GitHub App Credentials
This flexibility allows you to scan and analyze your GitHub account, including repositories, organizations, and applications, using the method that best suits your use case.
Supported Login Methods
Here are the available login methods and their respective flags:
Personal Access Token (PAT)
Use this method by providing your personal access token directly.
prowler github --personal-access-token pat
OAuth App Token
Authenticate using an OAuth app token.
prowler github --oauth-app-token oauth_token
GitHub App Credentials
Use GitHub App credentials by specifying the App ID and the private key.
prowler github --github-app-id app_id --github-app-key app_key
Automatic Login Method Detection
If no login method is explicitly provided, Prowler will automatically attempt to authenticate using environment variables in the following order of precedence:
GITHUB_PERSONAL_ACCESS_TOKENOAUTH_APP_TOKENGITHUB_APP_IDandGITHUB_APP_KEY
???+ note Ensure the corresponding environment variables are set up before running Prowler for automatic detection if you don't plan to specify the login method.