GitHub OAuth Application Authorization

Codecov uses the GitHub OAuth Application flow to authenticate users when they login to Codecov using GitHub.

Depending on the configuration of the various GitHub Organizations of which you are a member, GitHub Organization admins may need to approve the use of Codecov to provide full access to your GitHub Organizations within the Codecov application. The remainder of this document will describe how to ensure the Codecov application is approved to access your all of your GitHub Organizations properly.

GitHub Users: How to Request Access to Codecov

👍

You can Re-Request Access via the GitHub UI

If you did not give Codecov access to your GitHub Organization on signup, you can do so directly from your GitHub account's settings page.

Note that you will need to be logged into GitHub for the above link to work.

The easiest way to ensure the Codecov application can access all your Github Organizations is to review the list of accessible Organization Access list (see image) during your first login to the Codecov Application:

The approval screen in the GitHub OAuth login flow. Accessible organizations display a green check mark. Organizations that require admin approval display a gray X. Denied organizations display a red X.The approval screen in the GitHub OAuth login flow. Accessible organizations display a green check mark. Organizations that require admin approval display a gray X. Denied organizations display a red X.

The approval screen in the GitHub OAuth login flow. Accessible organizations display a green check mark. Organizations that require admin approval display a gray X. Denied organizations display a red X.

If a GitHub Organization you wish to integrate with Codecov has a "Request" button in the Organization Access list, be sure to click the "Request" button. This will ensure that an Admin of the organization on GitHub receives a notification to approve the Codecov application.

GitHub Admins: How to Approve Access to Codecov

If you are a GitHub Organization Admin, access approval for the Codecov application is straightforward.

First, you will receive an email notification from GitHub indicating the access request:

The email sent to GitHub Admins when a user has requested access to their GitHub Organization on behalf of Codecov.The email sent to GitHub Admins when a user has requested access to their GitHub Organization on behalf of Codecov.

The email sent to GitHub Admins when a user has requested access to their GitHub Organization on behalf of Codecov.

Clicking the approval link will lead to:

The Codecov application access approval page.The Codecov application access approval page.

The Codecov application access approval page.

On this page, the GitHub Admin can click "Grant access" to grant the Codecov application access to their GitHub Organization.

Once this step has been completed, users can log into Codecov and resync their repositories from the organization overview page (i.e., https://app.codecov.io/gh) and the newly approved organization should appear in the user's Organization List on Codecov.

Moving forward, GitHub Organization members logging into Codecov will see the organization listed with a green check mark in the OAuth flow, as follows:

The GitHub OAuth flow, showing the now approved organization in the Organization Access list.The GitHub OAuth flow, showing the now approved organization in the Organization Access list.

The GitHub OAuth flow, showing the now approved organization in the Organization Access list.

Troubleshooting

I Cannot See my Organization in the Codecov UI.

There are several reasons this could be the case, but the majority of access errors can be attributed to one of the following:

  • The Codecov Application was previously denied by your Organization Admin.
  • The Access Request for the Organization is still pending approval by your GitHub Admin.
  • The "Request" button was not clicked for the Organization during the login flow.

Each of these access errors, and how to correct them, are outlined below.

The Codecov Application was previously denied by your Organization Admin

If, upon logging into Codecov for the first time, you see a red X by your organization name in the Organization Access list:

The GitHub OAuth application flow showing the status of an organization that previously denied the Codecov application's access request.The GitHub OAuth application flow showing the status of an organization that previously denied the Codecov application's access request.

The GitHub OAuth application flow showing the status of an organization that previously denied the Codecov application's access request.

this indicates that the Codecov application was previously denied. In this case, you will need to contract your GitHub Organization administrator and ask them to review and approve the Codecov application manually. The can do so by visiting the following URL:

https://github.com/organizations/<your-organization-name>/settings/oauth_application_policy

and clicking the "Grant Access" button for the Codecov application.

The Access Request for the Organization is still pending approval by your GitHub Admin.

A requested organization will not be seen until the request is approved by your Organization Admin. Therefore, you may need to reach out to your admin and see if the request has been approved. If it has, and you are still not seeing the organization in Codecov's UI, it is recommended to click the "sync" link on Codecov's organization overview page, found at https://app.codecov.io/gh.

The "Request" button was not clicked for the Organization during the login flow.

If you missed clicking on the Request button for your organization during login, you must revoke the Codecov Application in the GitHub UI and login to Codecov again. During login, be sure to click the "Request" button on the GitHub Organization(s) you would like to have access to Codecov.

To revoke the Codecov Application:

  1. Visit: https://github.com/settings/applications
  2. Click on the "Authorized OAuth Apps" tab
  3. Click "Revoke" from the "..." menu located by the Codecov Application in the Applications List.
The Authorized OAuth Apps Applications List.The Authorized OAuth Apps Applications List.

The Authorized OAuth Apps Applications List.

Once you have revoked access to the Codecov Application, you can login to Codecov again. This triggers the GitHub OAuth Application flow and will display your organization's with the "Request" button in the Access List.


Did this page help you?