I know that Social Login with GitHub works for GitHub OAuth apps, but what if I have a real GitHub app that can be installed by people?
How can I use that with Auth0?
When I try to change my GitHub social login’s secret and key with the one from the GitHub app instead of the GitHub OAuth app, I get an error when I try to install my GitHub app on to my repository.
Same issue when I try it with my github app. I get " invalid_request : You may have pressed the back button, refreshed during login, opened too many login dialogs, or there is some issue with cookies, since we couldn’t find your session. Try logging in again from the application and if the problem persists please contact the administrator." right after the installation upon callback. When I just use it to authenticate a user without installing the app, it works fine.
I think I’ve worked around this. Use the client-id and secret as-is from the Github App in auth0 and don’t check the “request user authorization (OAuth) during installation” box in the Github App’s settings. That way, your callback URL will be called during the auth flow, but the post installation flow will remain separate.
Also remember to request the user:email permission in the github app for auth0 to be able to work correctly.
Thanks for sharing that with the rest of community!