GitHub App Integration for Dedicated Cloud


The GitHub App Integration allows Codecov to:

  1. Provide login with GitHub functionality to end users
  2. Post comments and status on Pull Requests in GitHub
  3. Sync Codecov state to GitHub via webhooks
  4. For the user to provide fine grained controls for determining which GitHub repositories Codecov can access

Ingredients list from the new Codecov GitHub app

Codecov needs several different values from the GitHub App Integration to enable the communication between your GitHub organization and your instance of the Dedicated Cloud.

  1. New Codecov Github App Client ID
  2. New Codecov Github App Client Secret
  3. New Codecov Github App App ID
  4. New Codecov GitHub App PEM (Private Key)
  5. New Codecov Github Webhook Secret


On sharing Codecov GitHub app credentials

Please do not email or send unencrypted credentials. Please work with your Codecov representative or email [email protected] for one of several secure methods for sharing credentials.

A common method is to send credentials that have been encrypted using Codecov's public PGP Key.

Creating a GitHub App Integration

There are 2 paths for creating the required GitHub App Integration

  1. Prefilled Github App Creation
  2. Manual GitHub App creation


Please ensure you have created the GitHub App following 1 of the methods above prior to continuing


Once the GitHub App is created, a Client ID will be generated automatically by GitHub. Additionally you will need to generate a new Client Secret and private key for the App in the GitHub user interface.

Client ID and App ID

GitHub provides these 2 credentials by default on creation of the GitHub App.

Client Secret

Directly below the client id section of the GitHub App UI is the client secret section. Generate a new secret and copy the value for later transmission to your Codecov representative.

Private Keys

Near the bottom of the GitHub App UI, there is the option to generate a private key. This will allow you download a secret key (.pem file), which you will need to share with your Codecov representative. This is required for Codecov to properly authenticate and validate the author of the GitHub application.

Credentials Summary

Following the instructions above, you will now have all the credentials needed to allow Codecov to integrate with GitHub. The next step is to securely send your GitHub App credentials to your Codecov representative. Each required credential was called out above with instructions on how to obtain them. Please reach out with any questions.

Install App Integration to your organizations

Depending on your GitHub settings, you may have to install the Codecov GitHub App on any organizations that you wish to use it with. This can be done from the app settings screen. If you install the app prior to providing the app credentials to your Codecov representative, you may need to reinstall to ensure Codecov knows about your installation.

After setting up the app you can verify the installation on the organization's "Installed GitHub Apps" page.


  • If you don't receive comments on Pull Requests for Repositories with the App Integration installed, visit the repo settings page for that particular repository on your Codecov Enterprise install:


For GitHub Enterprise:

Once there, check the "GitHub Webhook" section and press the "Create Web Hook" button if a webhook is not already set. Please send this value to your Codecov representative.