By enabling the GitHub Security connector, you can analyze GitHub security alerts and map them to services, repositories, and teams. Please visit our schema explorer to see what data DX imports.
Before proceeding, please make sure that you have first enabled the GitHub connector by following the steps documented here. Each GitHub-related connection in DX should utilize a separate GitHub App in order to avoid rate limit issues.
Prerequisites
To connect GitHub to DX, you need:
a GitHub account that is an Organization owner or Enterprise owner
if your GitHub instance is behind a firewall or has IP restrictions, you need to allowlist DX IP addresses
Setup instructions
Follow the steps below to connect GitHub to DX.
Step 1
If you are using GitHub Enterprise Cloud, browse to the URL below with ENTERPRISE_NAME replaced:
https://github.com/enterprises/ENTERPRISE_NAME/settings/apps/new?public=false&members=read&url=https://getdx.com&metadata=read&webhook_active=false
If you are using GitHub Enterprise Server or GitHub Team Edition, browse to the URL below with ORGANIZATION_NAME replaced:
https://github.com/organizations/ORGANIZATION_NAME/settings/apps/new?public=false&members=read&url=https://getdx.com&metadata=read&webhook_active=false
We recommend naming your app "[COMPANYNAME] DX - GitHub Security" to avoid naming collisions with other GitHub Apps.
Then enable the full set of GitHub App permissions listed below:
Repository permissions
Read-only access to Dependabot alerts
Read-only access to Code scanning alerts
Read-only access to Secret scanning alerts
Organization permissions
Read-only access to Members
Step 2
Scroll to the bottom of the page and click the "Create GitHub App" button.
Step 3
The App ID will be shown at the top of the subsequent screen. Copy this ID down so it can be entered into DX later.
Step 4
On the same screen, scroll down to the "Private keys" heading and click "Generate a private key", which will initiate a download of a PEM file. Copy the contents of this file to be entered into DX later.
Step 5
Click on the "Install App" link in the sidebar navigation and then click "Install" beside your GitHub organization. Enable access to the same repositories that are enabled for your main GitHub connector.
Step 6
Navigate to the connector setup form in DX.
Enter the credentials you generated in the previous steps. Refer to the information below for errors and troubleshooting.
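A least-privilege check for the app created in Steps 1 to 5, as an added example that is not DX's or GitHub's own code: it compares the `permissions` object of a GitHub App installation record with the permission list above and flags anything missing or broader than read-only. The API key names for the permissions are assumptions (the page gives only the UI labels), and the sample record is constructed.

```python
import json

# Permissions the page asks for, keyed by GitHub's API permission names.
# The key names are an assumption; the page lists only the UI labels.
REQUIRED = {
    "vulnerability_alerts": "read",    # Dependabot alerts
    "security_events": "read",         # Code scanning alerts
    "secret_scanning_alerts": "read",  # Secret scanning alerts
    "members": "read",                 # Organization members
    "metadata": "read",                # preset by the creation URL
}
LEVELS = {"read": 1, "write": 2, "admin": 3}


def audit_installation(installation):
    """Compare one installation record with the page's permission list."""
    granted = installation.get("permissions", {})
    missing, excessive = [], []
    for name, level in REQUIRED.items():
        have = LEVELS.get(granted.get(name), 0)
        if have < LEVELS[level]:
            missing.append(name)
        elif have > LEVELS[level]:
            excessive.append(f"{name}={granted[name]}")
    # Anything outside the required set is more access than the page asks for.
    excessive += [f"{k}={v}" for k, v in sorted(granted.items()) if k not in REQUIRED]
    return {"missing": missing, "excessive": excessive,
            "repository_selection": installation.get("repository_selection")}


# Constructed sample installation record, not real API output.
SAMPLE = json.loads("""{
  "id": 1, "repository_selection": "selected",
  "permissions": {"metadata": "read", "members": "read",
                  "vulnerability_alerts": "read", "security_events": "write",
                  "contents": "read"}
}""")

if __name__ == "__main__":
    print(audit_installation(SAMPLE))
```

An empty `missing` list and an empty `excessive` list mean the installation matches the permission set in Step 1.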
API Reference
The table below lists the specific API endpoints that are used by DX.
Endpoint | Reference |
/repos/{org}/{repo}/dependabot/alerts | |
/repos/{org}/{repo}/code-scanning/alerts | |
/repos/{org}/{repo}/secret-scanning/alerts | |
Errors
The table below lists potential error codes when adding a connection in DX.
Error | Description |
| Your API credentials entered are not valid. |
| Your GitHub App installation does not have the permissions required by DX. |
| Your GitHub App installation cannot access any repositories. |
| The key passed in is not an RSA private key. |