Endpoint

GET /github/callback
Handles the OAuth callback from GitHub, exchanges the authorization code for an access token, creates or updates the user record, and redirects to the application frontend with the token.

Authentication

No authentication required (this endpoint creates the authentication).

Query Parameters

code (string, required)
Authorization code provided by GitHub OAuth flow.
state (string, required)
CSRF protection state parameter. If prefixed with "mobile-", the user will be redirected to the mobile app URL.

Response

This endpoint returns an HTTP redirect (302 Found) to the frontend application with the access token as a query parameter.

Redirect Destinations

Web Client:
{FRONTEND_URL}/dashboard?token={access_token}
Mobile Client:
{MOBILE_URL}?token={access_token}

Error Responses

error (string)
Error message describing what went wrong.

Error Cases

| Status Code | Description |
|---|---|
| 400 | Missing code parameter in URL |
| 500 | Failed to exchange code for token |
| 500 | Failed to fetch user info from GitHub |
| 500 | Invalid GitHub response (missing login) |
| 500 | Database error during user creation/update |

User Creation Flow

  1. Exchanges authorization code for GitHub access token
  2. Fetches user information from GitHub API (/user endpoint)
  3. Checks if user exists in database by GitHub username
  4. If new user:
    • Creates user record with email, GitHub username, and access token
    • If GitHub doesn’t provide email, uses {username}@users.noreply.github.com
  5. If existing user:
    • Updates the GitHub access token
  6. Redirects to frontend with access token
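
The steps above, together with a check of the state parameter, as an added example that is not the project's own code. The names `new_state`, `handle_callback`, the dict-based `session` and `users` stores, the `exchange_code` and `fetch_github_user` callables, the error strings, and the 400 returned on a state mismatch are all assumptions made for illustration.

```python
import hmac
import secrets
from urllib.parse import urlencode

FRONTEND_URL = "http://localhost:5173"  # documented default
MOBILE_URL = FRONTEND_URL               # documented fallback to FRONTEND_URL

def new_state(session, mobile=False):
    """Issue an unguessable state value and bind it to the caller's session."""
    state = ("mobile-" if mobile else "") + secrets.token_urlsafe(32)
    session["oauth_state"] = state
    return state

def handle_callback(query, session, users, exchange_code, fetch_github_user):
    """Return (status, body); body is a redirect URL on 302, else an error dict."""
    code, state = query.get("code"), query.get("state", "")
    if not code:
        return 400, {"error": "Missing code parameter in URL"}
    # The state is single use: pop it so a replayed callback cannot match again.
    expected = session.pop("oauth_state", None)
    if expected is None or not hmac.compare_digest(expected.encode(), state.encode()):
        return 400, {"error": "Invalid state"}  # assumed status and message
    try:
        token = exchange_code(code)
    except Exception:
        return 500, {"error": "Failed to exchange code for token"}
    try:
        profile = fetch_github_user(token)
    except Exception:
        return 500, {"error": "Failed to fetch user info from GitHub"}
    login = profile.get("login")
    if not login:
        return 500, {"error": "Invalid GitHub response (missing login)"}
    user = users.get(login)  # lookup by GitHub username
    if user is None:
        email = profile.get("email") or f"{login}@users.noreply.github.com"
        users[login] = {"email": email, "github_username": login, "github_token": token}
    else:
        user["github_token"] = token
    # Only the "mobile-" prefix selects the destination; the base URLs are fixed
    # server-side values, never taken from the request.
    base = MOBILE_URL if state.startswith("mobile-") else FRONTEND_URL + "/dashboard"
    return 302, base + "?" + urlencode({"token": token})
```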

Database Schema

The callback creates or updates a User record with:
email (string)
User’s email from GitHub, or generated fallback email.
github_username (string)
User’s GitHub login username.
github_token (string)
GitHub OAuth access token (used for authentication).

Example Flow

cURL
# This is called automatically by GitHub after user authorization
curl -X GET 'https://api.privycode.com/github/callback?code=abc123&state=550e8400-e29b-41d4-a716-446655440000'

Environment Variables

| Variable | Default | Description |
|---|---|---|
| FRONTEND_URL | http://localhost:5173 | Web application URL for redirect |
| MOBILE_URL | Falls back to FRONTEND_URL | Mobile application URL for redirect |

Implementation Details

  • Uses GitHub OAuth configuration to exchange code for token
  • Fetches user profile from https://api.github.com/user
  • Stores access token for subsequent authenticated requests
  • Supports both web and mobile client flows via state parameter
  • Automatically generates fallback email if GitHub doesn’t provide one

Next Steps

After successful callback, use the provided access token to:
  • Access protected endpoints via the Authorization: Bearer {token} header
  • Retrieve user information from the /me endpoint