GitHub Connector
Connect your GitHub repositories so the agent can read source code, search for errors, create issues, trigger workflows, and correlate deployments with incidents.
- Two auth options: OAuth sign-in (recommended) or Personal Access Token (PAT)
- Agent gets read access to your repositories - code search, file contents, and commit history
- Can create GitHub Issues, comment on PRs, and trigger GitHub Actions workflows
- One OAuth connector per agent - covers all repos you have access to
Auth types
| Method | How it works | Best for |
|---|---|---|
| OAuth | Sign in with your GitHub account in a browser popup. The agent accesses repos through your permissions. Tokens refresh automatically - no re-authentication needed. | Interactive setup - recommended for most users |
| PAT | Provide a Personal Access Token with repo scope. Use only when OAuth isn't available — PATs are long-lived static credentials tied to a user account, must be rotated manually, and are a common credential-leak source; GitHub's own auth guidance prefers OAuth or fine-grained tokens. | CI/CD pipelines, headless environments |
GitHub OAuth tokens expire after ~8 hours, but the agent refreshes them automatically before expiration using a 5-minute buffer. Each refresh generates a new refresh token, creating a self-sustaining renewal chain that lasts ~6 months. Your connector stays connected through long investigations and overnight scheduled tasks - no manual sign-in required.
When you'll need to re-authenticate: if the refresh token expires (~6 months), if you revoke the GitHub App authorization, or if your connector was set up before version 26.2.247.0 (one re-auth stores the refresh token and enables auto-refresh going forward).
What the agent can do with GitHub
Source code analysis
- Search code across all connected repositories
- Read file contents by path and branch
- Correlate errors with source code - map Azure resource errors to specific files and line numbers
- Semantic code search - find code related to an incident using natural language queries
- Identify IaC files - detect Bicep, Terraform, and ARM templates in your repos
Issue and PR management
- Create issues with title, body, labels, and assignees
- Comment on issues and PRs - including auto-close keywords
- Update issues - change title, body, labels, or state
- Fetch Dependabot alerts - review security vulnerabilities
Workflow automation
- Trigger GitHub Actions workflows - dispatch canary or production deployments
- Track workflow runs - monitor status of dispatched workflows
- Check PR merge status - verify if a pull request has been merged
Get started
| Resource | What you'll learn |
|---|---|
| Connect Source Code | Step-by-step guide for connecting GitHub repositories with OAuth, PAT, or MCP |
Related capabilities
| Capability | What it adds |
|---|---|
| Root Cause Analysis | How source code context improves investigation accuracy |
| Workspace Tools | File operations and code execution in the agent's workspace |
| MCP Connectors | Connect the GitHub MCP server for additional tool capabilities |