Skip to main content

GitHub organizations

GitGuardian can monitor multiple GitHub organizations that belong to your company. Once configured, GitGuardian will:

  • scan every commit on each repository of the GitHub organization,
  • add the organization’s members to the list of monitored developers, and scan any of their public activity.

Adding organizations to your perimeter

To add GitHub organizations to your monitored list, GitGuardian needs the GitHub ID of each organization. Contact our support team if you are missing a company-owned organization in your perimeter.

Monitoring private members

You can enrich the list of monitored developers with the private members of your GitHub organization by providing GitGuardian an access token with read:org scope.

info

Please note that we currently only accept classic tokens from GitHub. Fine-grained tokens are not supported at this time.

Step 1: Generate a personal access token

Generate a personal access token (classic) from a GitHub account with access to the organization. Select "No expiration" so that GitGuardian can continuously monitor the future addition/removal of members.

Generate GitHub token

Step 2: Submit the token to GitGuardian

Go to your GitGuardian's settings in Integration > Sources > GitHub Public, click "Monitor private members" and submit the GitHub token generated in the previous step.

Monitor private members Monitor private members - submit token

Managing your organization perimeter

To view and manage GitHub organizations in your perimeter:

  1. Navigate to Perimeter > Public sources
  2. Review the list of monitored organizations and repositories
  3. Contact our support team to add missing company-owned organizations