Integrate Prisma Cloud with GitHub

Prisma Cloud supports OAuth 2.0 as an authentication mechanism. GitHub users can log into Prisma Cloud Console using GitHub as an OAuth 2.0 provider.
Prisma Cloud supports the authorization code flow only.

Configure Github as an OAuth provider

Create an OAuth App in your GitHub organization so that users in the organization can log into Prisma Cloud using GitHub as an OAuth 2.0 provider.
  1. Log into GitHub as the organization owner.
  2. Go to
    Settings > Developer Settings > OAuth Apps
    , and click
    New OAuth App
    Register an application
    if this is your first app).
  3. In
    Application name
    , enter
    Prisma Cloud
  4. In
    Homepage URL
    , enter the URL for Prisma Cloud Console in the format https://<CONSOLE>:<PORT>.
  5. In
    Authorization callback URL
    , enter https://<CONSOLE>:<PORT>/api/v1/authenticate/callback/oauth.
  6. Click
    Register application
  7. Copy the
    Client ID
    Client Secret
    , and set them aside setting up the integration with Prisma Cloud.

Integrate Prisma Cloud with GitHub

Set up the integration so that GitHub users from your organization can log into Prisma Cloud.
  1. Log into Prisma Cloud Console.
  2. Go to
    Manage > Authentication > Identity Providers > OAuth 2.0
  3. Set
    Integrate Oauth 2.0 users and groups with Prisma Cloud
  4. Set
    Identity provider
  5. Set
    Client ID
    Client secret
    to the values you copied from GitHub.
  6. Set
    Auth URL
  7. Set
    Token URL
  8. Click

Prisma Cloud to GitHub user identity mappings

Create a Prisma Cloud user for each GitHub user that should have access to Prisma Cloud.
After the user is authenticated, Prisma Cloud uses the access token to query GitHub for the user’s information (user name, email). The user information returned from GitHub is compared against the information in the Prisma Cloud Console database to determine if the user is authorized. If so, a JWT token is returned.
  1. Go to
    Manage > Authentication > Users
  2. Click