Configure GitHub Webhooks

After the GitHub posting user has been created and the repositories are populating in the HackerOne Code dashboard successfully, the GitHub webhooks can be configured.

Configure Webhooks

GitHub allows webhooks to be configured on the GitHub organization or repository level.

HackerOne strongly recommends configuring webhooks on the Organization level so that new Projects your team creates will be immediately provisioned to use the service without interruption.

Applying on the Organization level

From your GitHub organization page, select the Settings tab, then select Hooks from the sidebar. From here, click Add Webhook to create the webhook.

Webhook Settings

Payload URL

The base URL of your Proxy with the following:

/webhooks/github

Content Type

application/json

OPTIONAL - Add a webhook secret. The secret will be used to sign your webhook requests as they are posted to the proxy:

You will need the same webhook secret for all of your organizations/repositories if you add one.
This secret must match the WEBHOOK_SECRET field when you configured the proxy.

SSL verification

Enable SSL Verification

Events

Issue comments
Pull requests
Pull request reviews
Pull request review comments
Pushes
Repositories

Test Connection

Click the Add webhook button; the webhook should appear in the Webhooks section of the previous page. If you click Edit on the recently created webhook, there should be a successful delivery under Recent Deliveries.

If there was an error, double-check the proxy base is valid and /webhooks/github is added as a path.

Applying on the Repository level

To apply on the repository level, perform the same steps as the organization from the repository page.

PreviousConfigure Webhooks NextConfigure Bitbucket Webhooks

Last updated 2 months ago