> ## Documentation Index
> Fetch the complete documentation index at: https://docs.replit.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Configure GitHub OAuth

> Set up GitHub as a social sign-in provider for your app's authentication

This guide walks you through creating a GitHub OAuth app in GitHub Developer Settings. You'll collect a **Client ID** and **Client Secret** to plug into the **Auth pane**.

<Note>
  This page covers only the provider-side setup in GitHub Developer Settings. For the overall Clerk Auth flow — including enabling GitHub and entering credentials in the **Auth pane** — see [Configuring OAuth credentials for an SSO provider](/core-concepts/project-editor/auth-and-security/clerk-auth#configuring-oauth-credentials-for-an-sso-provider) in the Clerk Auth doc.
</Note>

## Prerequisites

* A [GitHub account](https://github.com)
* A [published Replit app](/category/replit-deployments) — custom OAuth credentials are only available in the **Production** environment
* The **GitHub** provider's edit panel opened in: **Auth pane** → **Configure** tab → **SSO providers** section → select the **Production** environment → select **Edit** next to **GitHub**

## Step 1: Create a GitHub OAuth app

1. Navigate to [GitHub Developer Settings](https://github.com/settings/developers)
2. Select **OAuth Apps** in sidebar
3. Select **New OAuth App**
4. Fill in the application details:

**Application name:**

Enter a name for your application.

**Homepage URL** and **Authorization callback URL:**

Set both to the exact values shown under **Provider setup** in the **Auth pane**. See [Configuring OAuth credentials for an SSO provider](/core-concepts/project-editor/auth-and-security/clerk-auth#configuring-oauth-credentials-for-an-sso-provider) for how to find them.

5. Select **Register application**

## Step 2: Generate client credentials

1. You'll see your **Client ID** on the app's settings page - copy it
2. Select **Generate a new client secret**
3. Copy your **Client Secret** immediately

<Warning>
  Save your Client Secret securely. You can't view it again after leaving the page. If lost, you'll need to generate a new one.
</Warning>

## Troubleshooting

### Redirect URI mismatch

* Verify the Authorization callback URL exactly matches the value shown under **Provider setup** in the **Auth pane**
* Check for typos or incorrect protocols
* No trailing slashes

### Invalid client

* Double-check Client ID and Client Secret are copied correctly
* Ensure no extra spaces when pasting

### Not working on custom domain

* Update the Homepage URL and Authorization callback URL to the custom-domain values shown under **Provider setup** in the **Auth pane**