Prerequisites
- A Corridor account
- Admin access to the GitHub repositories you want to connect
Connect your GitHub account
Start GitHub connection
In the Corridor app, click Connect GitHub (this appears during sign-up or on app.corridor.dev/teams under Team Details). This will redirect you to GitHub to authorize the Corridor GitHub App.
Select repositories
During the GitHub authorization flow, you’ll have the option to either grant access to All repositories or select specific ones.
- If you plan to use Corridor on many repos, selecting All repositories is convenient (you can still add only specific projects later in Corridor).
- If you prefer to limit access, choose Only select repositories and pick the repos you want Corridor to have access to.
If you go with selected repos, you’ll need to revisit this if you want to add more projects in Corridor later (to grant Corridor access to the new repo).
Permissions requested
Corridor’s GitHub App requests the following permissions needed to scan code changes and provide feedback directly on PRs:| Permission | Access | Purpose |
|---|---|---|
| Code | Read | Analyze code for security issues |
| Pull requests | Read/Write | Post PR review comments |
| Checks | Read/Write | Update status checks |
| Commit statuses | Read | Track review status |
If using GitHub Enterprise Server, ensure your admin has installed the Corridor app on your GHES instance with appropriate scopes.
What happens after connecting
After connecting, Corridor now has the ability to read the code and post PR comments for the repositories you allowed. However, you still need to add each repository as a Project inside Corridor to kick off scans (see Adding Projects). The GitHub connection just sets up credentials—it doesn’t automatically start scanning every repo until you specify.Next steps
Adding Projects
Create projects from your connected repositories
PR Reviews
Learn about automated security reviews