Configure GitHub Webhooks

After the GitHub posting user has been created and the repositories are populating in the HackerOne Code dashboard successfully, the GitHub webhooks can be configured.

Configure Webhooks

GitHub allows webhooks to be configured on the GitHub organization or repository level.

Applying on the Organization level

From your GitHub organization page, select the Settings tab, then select Hooks from the sidebar. From here, click Add Webhook to create the webhook.

Webhook Settings

Payload URL

The base URL of your Proxy with the following:

/webhooks/github

Content Type

application/json

OPTIONAL - Add a webhook secret. The secret will be used to sign your webhook requests as they are posted to the proxy:

  • You will need the same webhook secret for all of your organizations/repositories if you add one.

  • This secret must match the WEBHOOK_SECRET field when you configured the proxy.

SSL verification

Events

  • Issue comments

  • Pull requests

  • Pull request reviews

  • Pull request review comments

  • Pushes

  • Repositories

Test Connection

Click the Add webhook button; the webhook should appear in the Webhooks section of the previous page. If you click Edit on the recently created webhook, there should be a successful delivery under Recent Deliveries.

Applying on the Repository level

To apply on the repository level, perform the same steps as the organization from the repository page.

Last updated