Skip to main content

Overview

OpenSource Together uses OAuth authentication to provide secure, seamless access to the platform. You can sign in using your existing GitHub or GitLab account without creating a separate password.
Authentication is built with Better Auth, providing enterprise-grade security and OAuth 2.0 compliance.

Supported Providers

You can authenticate with:

GitHub

Sign in with your GitHub account to access repositories and claim projects.

GitLab

Sign in with your GitLab account to import and manage GitLab repositories.

How to Sign In

1

Navigate to Login Page

Go to /auth/login or click “Sign In” from any page requiring authentication.
2

Choose Your Provider

You’ll see two authentication options:
  • “Sign in with Github” button
  • “Sign in with Gitlab” button
3

Authorize OpenSource Together

Click your preferred provider button. You’ll be redirected to GitHub or GitLab to authorize the application.
4

Grant Permissions

Review and approve the requested permissions:
  • Read access to your profile information
  • Access to your public repositories
  • Email address (for account creation)
5

Complete Authentication

After approving, you’ll be redirected back to OpenSource Together and automatically signed in.

First-Time Users

If you’re signing in for the first time:
  1. Choose GitHub or GitLab as your authentication provider
  2. Grant the necessary permissions
  3. You’ll be redirected to the onboarding flow
  4. Complete your profile setup
  5. Start discovering and claiming projects
The same login page handles both new user registration and returning user authentication. The platform automatically detects if you’re a new or existing user.

Connecting Multiple Accounts

You can link both GitHub and GitLab accounts to your profile:
1

Access Dashboard Settings

Navigate to /dashboard/settings after signing in.
2

Link Additional Provider

If you signed in with GitHub, you can link GitLab (and vice versa).
3

Authorize Connection

Click the provider button and authorize the connection.
4

Confirm Linked Accounts

Both providers now appear as connected in your settings.

Why Multiple Accounts?

Connecting both GitHub and GitLab enables you to:
  • Claim projects from both platforms
  • Import repositories from either provider
  • Access all your repositories in one place
  • Switch between providers for project creation

OAuth Permissions

OpenSource Together requests minimal permissions:

GitHub Permissions

  • Read user profile information
  • Access public repositories
  • Read email addresses
  • Verify repository ownership

GitLab Permissions

  • Read user profile
  • Access public projects
  • Read email addresses
  • Verify project ownership
OpenSource Together never requests write access to your repositories. All operations are read-only except for claiming verification.

Authentication Flow

Here’s what happens during sign-in:
  1. Initiate OAuth - Click “Sign in with Github” or “Sign in with Gitlab”
  2. Redirect to Provider - Navigate to GitHub/GitLab authorization page
  3. User Consent - Approve requested permissions
  4. OAuth Callback - Provider redirects back with authorization code
  5. Token Exchange - Platform exchanges code for access token
  6. Session Creation - User session is created and stored securely
  7. User Redirect - Return to the application with authenticated state

Session Management

Your authentication session:
  • Persists across browser sessions
  • Uses secure, HTTP-only cookies
  • Expires after a period of inactivity
  • Can be manually terminated by signing out

Security Features

OAuth 2.0

Industry-standard authentication protocol ensuring secure token exchange.

Better Auth

Enterprise-grade authentication library with built-in security best practices.

Secure Cookies

HTTP-only, secure cookies prevent XSS and CSRF attacks.

Token Encryption

Access tokens are encrypted and stored securely server-side.

Authentication States

The platform manages different authentication states:
  • Unauthenticated - Not signed in, limited access to features
  • Authenticated - Signed in, full access to bookmarking and claiming
  • Loading - Authentication check in progress

Redirects After Login

After successful authentication:
  • If you were trying to access a protected page, you’ll be redirected there
  • New users are redirected to the onboarding flow
  • Returning users go to the homepage or dashboard

Troubleshooting

Authentication Failed

If sign-in fails:
  1. Check you approved all requested permissions
  2. Ensure your GitHub/GitLab account is active
  3. Try clearing browser cookies and signing in again
  4. Use a different browser if issues persist
If you can’t connect a second provider:
  1. Ensure you’re signed in to your primary account
  2. Navigate to dashboard settings, not the login page
  3. Authorize the new provider when prompted

Session Expired

If your session expires:
  1. You’ll be automatically redirected to the login page
  2. Sign in again with your preferred provider
  3. You’ll be returned to your previous location
Never share your session cookies or authentication tokens. OpenSource Together staff will never ask for your password or tokens.

Privacy and Data

OpenSource Together:
  • Only accesses public repository data
  • Does not store your GitHub/GitLab password
  • Uses OAuth tokens solely for platform features
  • Never shares your data with third parties

Signing Out

To sign out:
  1. Click your profile menu
  2. Select “Sign Out”
  3. Your session is terminated
  4. You’re redirected to the login page

Next Steps

Claiming Projects

Claim ownership of your repositories after signing in

Bookmarking Projects

Save projects to your profile with authentication

Build docs developers (and LLMs) love

Get started for freeTalk to us