OAuth flow with Integrations: Access Denied even though I clicked "Approve"



I’m in the process of migrating my OAuth app to an Integration.

When I replace the previous client id/secret with those available on the Integration settings (https://github.com/organizations/XXX/settings/integrations/XXX), I’m redirected as expected to a “XXX would like to verify your identity on GitHub” page with a “Approve” button.

When I click on “Approve”, then I’m redirect to the callback_url (User authorization callback URL) with an OAuth error “Access Denied” :disappointed:

Anyone experiencing the same issue?

Below the complete URLs:

  1. GET: https://github.com/login/oauth/authorize?state=qXQVh2Xldx5wEEfvbOlh1IZanNAjfo62&client_id=Iv1.3e22c8b26fXXXXXX&redirect_uri=http%3A%2F%2FYYYY

  2. POST: https://github.com/login/oauth/authorize

  3. GET: http://YYYY?error=access_denied&error_description=The+user+has+denied+your+application+access.&error_uri=https%3A%2F%2Fdeveloper.github.com%2Fv3%2Foauth%2F%23access-denied&state=qXQVh2Xldx5wEEfvbOlh1IZanNAjfo62

@github-staff my integration ID is 2179.


Hi – thanks for reporting this @bdelbasso, I’m also experiencing this issue.


i’m experiencing this too.


Same here!


I’m also experiencing this through Firebase Authentication which uses the same endpoints as the normal OAuth app authentication.


Ditto 2225 (which is using Elixir-OAuth2).


Any news on this @keavy @sbarnekow @jmilas?


We are hitting this blocking issue as well.


Sorry about that folks, we just shipped a fix for a bug in this flow. So you can try again now.


Thanks for the fix,

I’m getting further now: after user authorizes the request via the github UI, we are getting redirected back to our callback url with a code and (valid) state.

However, when I try and POST to https://github.com/login/oauth/access_token to exchange the code for an access token, I am getting a 404. The only difference between the standard (working) OAuth flow here is the change to use the clientId/Secret from the Integration, along with setting the “Accept: application/vnd.github.machine-man-preview+json” header.

Is anyone else able to successfully use an Integration’s OAuth flow?



Is anyone else able to successfully use an Integration’s OAuth flow?

Nope. Same problem here (404 when fetching the access_token, the only difference being the credentials).


The approval of the oauth request works now but indeed you get a 404 when you want to retreive the access tokens


@keavy any news on a fix for the 404 error we are hitting?


waiting on the 404 fix as well


Aaaand that 404 is resolved now, thanks for your patience!


Thanks @keavy! How can a user revoke the access token granted via to the Integration via OAuth? For some reason my dev integration doesn’t show under my account’s “Authorized Applications”.


It’s working now. Thanks @keavy


Woohoo! Thanks a lot @keavy!