Pipefort talks to GitHub through two surfaces. You only interact with one of them — the GitHub App that grants repo read access. The login OAuth is invisible: click “Sign in with GitHub”, approve once, done.Documentation Index
Fetch the complete documentation index at: https://docs.pipefort.com/llms.txt
Use this file to discover all available pages before exploring further.
1. Sign in
Open your Pipefort dashboard and click Sign in with GitHub. Identity is established via GitHub OAuth. Pipefort receives only your username and avatar — no repo access yet.2. Install the GitHub App
After signing in, the dashboard prompts you to Connect. This opens GitHub’s app-install flow for the Pipefort GitHub App. You choose:- Account or organization. Install on your personal account, or on any org you have admin rights to.
- All repositories or a specific selection. Pipefort scans only the repos the App is installed on.
| Permission | Scope | Why |
|---|---|---|
| Contents | Read-only | Fetch .github/workflows/*.yml files via the GitHub API. |
| Metadata | Read-only | Mandatory for any GitHub App. |
Pipefort does not request write access of any kind. It cannot push commits, open PRs, or modify your repositories from the dashboard. The CLI’s
--fix command writes locally to your working copy only./connect/callback, which links the installation to your signed-in account. You’ll see the connected installation appear on the dashboard.
3. Connect more accounts (optional)
Click Connect again to install the App on another account or org. Pipefort aggregates posture across every installation linked to your user.Verify it works
Scan runs
Click Scan all on the dashboard. You should see live progress, the severity donut populate, and the trend chart fill in.
Revoking access
To remove Pipefort from a repo or organization, uninstall the GitHub App from GitHub itself:- Personal account: https://github.com/settings/installations
- Organization:
https://github.com/organizations/<org>/settings/installations