GitHub
Connect GitHub repositories using the SigSentry GitHub App or a personal access token
GitHub is supported via two auth methods: the SigSentry GitHub App (recommended) or a personal access token. The App is more secure, supports per-repo authorization, and allows organization-level installation; the PAT is simpler if you can't install Apps in your org.
Recommended: GitHub App
The GitHub App approach is what you want if you have any choice in the matter. It supports:
- Granular per-repo authorization (you pick which repos SigSentry can read)
- Tokens scoped to a single installation, refreshed automatically
- Webhook events when repos are added or removed
- Revocation by uninstalling the App in one click
Click "Install GitHub App" in SigSentry
In the dashboard under Project → Code Repos → Connect repository → GitHub → Install GitHub App, you'll be redirected to GitHub's App installation flow.
Choose where to install it
GitHub asks whether to install on your personal account or an organization. Pick the right one for the repos you want SigSentry to analyze.
Pick repositories
Choose All repositories if you want SigSentry to access everything (easiest but broadest), or Only select repositories to pick specific ones. The App requests these permissions:
| Permission | Why |
|---|---|
| Contents: Read | Reading file contents during analysis |
| Metadata: Read | Listing branches, commits, refs |
| Pull requests: Read | Reading PR diffs to correlate with symptoms |
Click Install & Authorize.
Return to SigSentry
GitHub redirects back to SigSentry. The repos you authorized are now listed — pick one or more to attach to this project.
Configure repos for this project
| Field | Value |
|---|---|
| Repositories | One per line, in owner/repo format. e.g. acme/checkout-api |
| Lookback days | How far back to search PR history. Default 30 |
(Optional) Add service mappings
Service mappings tell the AI which log service name corresponds to which repo path. See Service mappings.
Save
Click Save. The repo is now active. Run an analysis on this project — the result should include code correlation pointing at specific files and PRs.
Fallback: Personal Access Token
Use this if GitHub Apps aren't available in your organization, or for quick personal testing.
Generate a Personal Access Token
In GitHub, go to Settings → Developer settings → Personal access tokens → Fine-grained tokens → Generate new token.
| Setting | Value |
|---|---|
| Token name | sigsentry-readonly |
| Expiration | Set a real expiration; rotate periodically |
| Repository access | Pick the specific repos SigSentry should read |
| Permissions | Contents: Read, Metadata: Read, Pull requests: Read |
Click Generate token and copy it — it's shown only once.
Classic PATs (the ones with repo scope) also work but grant much
broader access. Use fine-grained tokens whenever possible.
Add the repo source in SigSentry
Project → Code Repos → Connect repository. Pick GitHub as the platform and Personal Access Token as the auth method.
Enter token and repos
| Field | Value |
|---|---|
| Personal access token | The PAT you generated |
| Repositories | One per line, owner/repo format |
| Lookback days | Default 30 |
Save
Click Save. Same as the App flow from here.
GitHub Enterprise
For GitHub Enterprise Server (self-hosted GitHub), connecting works
the same way as GitHub.com, but you'll need to set the Base URL in
the credentials field to your Enterprise instance — e.g.
https://github.example.com/api/v3.
GitHub App installation also works on Enterprise; the authorization flow redirects to your Enterprise URL instead of github.com.
Revoking access
To revoke SigSentry's access:
| For | Action |
|---|---|
| GitHub App | Uninstall the App at GitHub → Settings → Applications |
| PAT | Revoke the token at GitHub → Settings → Personal access tokens |
Revoked credentials stop working immediately. Update or remove the log source in SigSentry as well.
Troubleshooting
| Error | Fix |
|---|---|
401 Unauthorized | App not installed on the repo, or PAT expired |
404 Not Found | Repo name typo, or the App lacks access to that specific repo |
403 rate limit exceeded | Hitting GitHub API limits; reduce concurrent analyses or retry later |
| Code correlation missing from results | Repo is connected but file paths don't match log service names — see Service mappings |