From cc3c38b8a827660be1c0af19da871f4b51bd54fe Mon Sep 17 00:00:00 2001
From: Tryanks <tryanks@outlook.com>
Date: Tue, 11 Feb 2025 13:05:19 +0800
Subject: [PATCH] Update SSO environment for Github OAuth

---
 docs/features/sso.md                      | 11 +++++++++
 docs/getting-started/env-configuration.md | 30 +++++++++++++++++++++++
 2 files changed, 41 insertions(+)

diff --git a/docs/features/sso.md b/docs/features/sso.md
index 1125d9a..fef5aee 100644
--- a/docs/features/sso.md
+++ b/docs/features/sso.md
@@ -10,6 +10,7 @@ Open WebUI supports several forms of federated authentication:
 1. OAuth2
     1. Google
     1. Microsoft
+    1. Github
     1. OIDC
 1. Trusted Header
 
@@ -44,6 +45,16 @@ The following environment variables are required:
 1. `MICROSOFT_CLIENT_SECRET` - Microsoft OAuth client secret
 1. `MICROSOFT_CLIENT_TENANT_ID` - Microsoft tenant ID - use `9188040d-6c67-4c5b-b112-36a304b66dad` for personal accounts
 
+### Github
+
+To configure a Github OAuth Client, please refer to [Github's documentation](https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps) on how to create a OAuth App or Github App for a **web application**.
+The allowed redirect URI should include `<open-webui>/oauth/github/callback`.
+
+The following environment variables are required:
+
+1. `GITHUB_CLIENT_ID` - Github OAuth App Client ID
+1. `GITHUB_CLIENT_SECRET` - Github OAuth App Client Secret
+
 ### OIDC
 
 Any authentication provider that supports OIDC can be configured.
diff --git a/docs/getting-started/env-configuration.md b/docs/getting-started/env-configuration.md
index 98b215b..e929463 100644
--- a/docs/getting-started/env-configuration.md
+++ b/docs/getting-started/env-configuration.md
@@ -1815,6 +1815,36 @@ See https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-registe
 - Description: Sets the redirect URI for Microsoft OAuth
 - Persistence: This environment variable is a `PersistentConfig` variable.
 
+### Github
+
+See https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps
+
+#### `GITHUB_CLIENT_ID`
+
+- Type: `str`
+- Description: Sets the client ID for Github OAuth
+- Persistence: This environment variable is a `PersistentConfig` variable.
+
+#### `GITHUB_CLIENT_SECRET`
+
+- Type: `str`
+- Description: Sets the client secret for Github OAuth
+- Persistence: This environment variable is a `PersistentConfig` variable.
+
+#### `GITHUB_OAUTH_SCOPE`
+
+- Type: `str`
+- Default: `user:email`
+- Description: Sets the scope for Github OAuth authentication.
+- Persistence: This environment variable is a `PersistentConfig` variable.
+
+#### `GITHUB_CLIENT_REDIRECT_URI`
+
+- Type: `str`
+- Default: `<backend>/oauth/github/callback`
+- Description: Sets the redirect URI for Github OAuth
+- Persistence: This environment variable is a `PersistentConfig` variable.
+
 ### OpenID (OIDC)
 
 #### `OAUTH_CLIENT_ID`