Skip to content

GitHub OAuth

This page is roadmap documentation only. It should not be treated as a working setup guide for the current branch.

Current status

  • No built-in GitHub OAuth flow is shipped here
  • No login, callback, or session endpoints are available on this branch
  • The public configuration API for this feature is still pending implementation

What to use today

For production protection today, use Cloudflare Access. That is the only documented auth flow that matches the current code.

Planned use case

The intended direction is team login through GitHub accounts, but the final configuration shape, callback handling, and session model are not part of the current codebase yet.

Dev Branch Preview

On the dev branch, GitHub OAuth is configured through the oauth() provider:

// dev branch preview only
import { oauth } from '@conloca/content-api/node';

auth: {
  provider: oauth({
    github: {
      clientId: process.env.GITHUB_CLIENT_ID,
      clientSecret: process.env.GITHUB_CLIENT_SECRET,
    },
    sessionSecret: process.env.SESSION_SECRET,
  }),
  roles: {
    admin: ['lead@company.com'],
    editor: ['*@company.com'],
  },
}

The current dev implementation also adds /__cms/auth/login and /__cms/auth/callback routes plus signed session cookies.

Next steps