Skip to content
Connect middleware which enforces GitHub organisation membership for applications
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


Connect middleware which enforces GitHub organisation membership for applications.

Flat-out responds with HTTP 403 if the authenticated user is not in the specified organisation.

Works for me :)


  • node.js (written under v0.8.x, may work with older)
  • a Connect (or Express, et. al.) application
  • GitHub OAuth middleware in place before this (such as connect_auth_github)

OAuth Note

So yes this module does not do the actual wiring up of OAuth authentication. This is more of an authorization add-on for your existing authentication.

If you do not want to use connect_auth_github for some reason, this module is simply expecting that the req object (via Connect) is decorated with a github object containing at least login and token properties.

Dig into the /lib code for more details if you want to use another module for OAuth itself.


Isolated example:

var github_organization_auth = require("connect-github-organization-auth");


    organization: "my-organization"

Example with connect_auth_github with details provided on process.env:

var github_auth = require("connect_auth_github");
var github_organisation_auth = require("connect-github-organisation-auth");


    appId: process.env.GITHUB_APP_ID,
    appSecret: process.env.GITHUB_APP_SECRET,
    callback: process.env.GITHUB_CALLBACK

    organisation: "my-organization"





Feel free to open an issue on GitHub if you find a bug. Better yet, fork it and fix it.

Something went wrong with that request. Please try again.