Configure GitHub Webhooks
After the GitHub posting user has been created and the repositories are populating in the HackerOne Code dashboard successfully, the GitHub webhooks can be configured.
Last updated
After the GitHub posting user has been created and the repositories are populating in the HackerOne Code dashboard successfully, the GitHub webhooks can be configured.
Last updated
GitHub allows webhooks to be configured on the GitHub organization or repository level.
HackerOne strongly recommends configuring webhooks on the Organization level so that new Projects your team creates will be immediately provisioned to use the service without interruption.
From your GitHub organization page, select the Settings tab, then select Hooks from the sidebar. From here, click Add Webhook to create the webhook.
The base URL of your Proxy with the following:
application/json
OPTIONAL - Add a webhook secret. The secret will be used to sign your webhook requests as they are posted to the proxy:
You will need the same webhook secret for all of your organizations/repositories if you add one.
This secret must match the WEBHOOK_SECRET field when you configured the proxy.
Issue comments
Pull requests
Pull request reviews
Pull request review comments
Pushes
Repositories
Click the Add webhook button; the webhook should appear in the Webhooks section of the previous page. If you click Edit on the recently created webhook, there should be a successful delivery under Recent Deliveries.
If there was an error, double-check the proxy base is valid and /webhooks/github is added as a path.
To apply on the repository level, perform the same steps as the organization from the repository page.
