GitHub organizations
GitGuardian can monitor multiple GitHub organizations that belong to your company. Once configured, GitGuardian will:
- scan every commit on each repository of the GitHub organization,
- add the organization’s members to the list of monitored developers, and scan any of their public activity.
Adding organizations to your perimeter
To add GitHub organizations to your monitored list, GitGuardian needs the GitHub ID of each organization. Contact our support team if you are missing a company-owned organization in your perimeter.
Monitoring private members
You can enrich the list of monitored developers with the private members of your GitHub organization by providing GitGuardian an access token with read:org
scope.
Please note that we currently only accept classic tokens from GitHub. Fine-grained tokens are not supported at this time.
Step 1: Generate a personal access token
Generate a personal access token (classic) from a GitHub account with access to the organization. Select "No expiration" so that GitGuardian can continuously monitor the future addition/removal of members.
Step 2: Submit the token to GitGuardian
Go to your GitGuardian's settings in Integration > Sources > GitHub Public, click "Monitor private members" and submit the GitHub token generated in the previous step.
Managing your organization perimeter
To view and manage GitHub organizations in your perimeter:
- Navigate to Perimeter > Public sources
- Review the list of monitored organizations and repositories
- Contact our support team to add missing company-owned organizations