If the external identity provider is Github, a subset of Github provider attributes can be used as the mapping attribute placeholder value.

The placeholder value must use the following syntax:

${providerAttributes.<Github attribute name>}

When you create a new Github identity provider entity, the POST request automatically maps the PingOne username attribute to the Github id attribute. The username attribute is the core mapping attribute; the default Github attribute value is id. It is also recommended that you map the PingOne email attribute to the Github email attribute.

The request body for the email-to-email mapping looks like this, with the value attribute showing the Twitter email attribute expressed using the placeholder syntax:

{
    "name": "email",
    "update": "EMPTY_ONLY",
    "value": "${providerAttributes.email}"
}

The POST /environments/{environmentId}/identityProviders operation adds a new identity provider resource to the specified environment.

When the type property value is set to GITHUB, Github’s clientId and clientSecret property values are required in the request body.

Github identity provider settings data model

Property Description
clientId A string that specifies the application ID from Github. This is a required property.
clientSecret A string that specifies the application secret from Github. This is a required property.

Github core attributes

Property Description
id A string that specifies the core Github attribute. The default value is ${providerAttributes.id} and the default update value is EMPTY_ONLY.

Github provider attributes

Permission Provider attributes
read:user Options are: email, login, id, node_id, avatar_url, url, html_url, type, site_admin, name, company, blog, location
user:email email