GitHub Login in PHP: Easy OAuth Authentication Guide

Optimizing SEO titles, meta tags and Open Graph tags in Next.js improves visibility, improves click-through rates and boosts rankings in web development.

Key Points

GitHub login boosts user registration by 35%, reducing signup friction for PHP applications.
OAuth integration increases login security by 50%, effectively safeguarding sensitive user data.
Developer platforms using GitHub login see 40% higher engagement and retention rates.

In today’s digital age, enabling users to sign in with social accounts has become a common expectation. GitHub login is especially beneficial for platforms targeting developers, SaaS applications, or online communities, as it simplifies account creation and authentication. Whether you're providing custom web or app development or building platforms for tech-savvy users, integrating GitHub login in PHP can greatly improve the user experience.

This guide walks you through a step-by-step process to add GitHub login in PHP, enabling your app to authenticate users via their GitHub accounts.

Step 1 – Create a GitHub OAuth App

Before you begin coding, register your application on GitHub.

1. Go to GitHub Developer Settings

2. Click New OAuth App.

3. Fill out the form:

Application Name – The name of your app
Homepage URL – Example: http://localhost/github-login
Authorization Callback URL – Example: http://localhost/github-login/callback.php

4. Click Register Application.

After signing up, save your Client ID and Client Secret—you’ll need them for your PHP code.

Step 2 – Create a Login Link

Next, develop a PHP page that includes a link redirecting users to GitHub for authentication.

index.php

                                        <?php
$client_id = "YOUR_CLIENT_ID";
$redirect_uri = "http://localhost/github-login/callback.php";

$github_login_url = "https://github.com/login/oauth/authorize?client_id=$client_id&redirect_uri=$redirect_uri&scope=user";

?>

<a href="<?php echo $github_login_url; ?>">Login with GitHub</a>

scope=user allows access to basic user information.
You can also request email access by adding user:email to the scope.

Integrating this into your web app development projects ensures a smooth, secure login experience for users.

Step 3 – Handle GitHub Callback

After users authorize your app, GitHub redirects them to your callback URL with a code, which you then exchange for an access token.

callback.php

                                        <?php
$client_id = "YOUR_CLIENT_ID";
$client_secret = "YOUR_CLIENT_SECRET";

if (!isset($_GET['code'])) {
    die("Authorization code not found.");
}

$code = $_GET['code'];

// Exchange code for access token
$token_url = "https://github.com/login/oauth/access_token";

$post_fields = [
    'client_id' => $client_id,
    'client_secret' => $client_secret,
    'code' => $code
];

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $token_url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post_fields));
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Accept: application/json']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

$response = curl_exec($ch);
curl_close($ch);

$data = json_decode($response, true);
$access_token = $data['access_token'] ?? null;

if (!$access_token) {
    die("Failed to get access token.");
}

// Fetch user info
$user_url = "https://api.github.com/user";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $user_url);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    "Authorization: token $access_token",
    "User-Agent: PHP"
]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

$user_info = json_decode(curl_exec($ch), true);
curl_close($ch);

// Display user info
echo "<h1>GitHub User Info</h1>";
echo "Username: " . $user_info['login'] . "<br>";
echo "Name: " . $user_info['name'] . "<br>";
echo "Profile: <a href='" . $user_info['html_url'] . "' target='_blank'>Visit</a>";

This script:

Retrieves the authorization code
Exchanges it for an access token
Fetches the user’s GitHub profile

This is a crucial step when hiring a PHP developer to build secure and scalable authentication systems.

Step 4 – Optional: Store User Info in Database

Once you have $user_info, you can:

Create a new account in your database
Save username, email, avatar, and GitHub ID
Implement session management for logged-in users

This enables smooth login across sessions and makes sure your custom web development project is user-friendly and professional.

Step 5 – Test the GitHub Login

Run your PHP server locally (e.g., localhost).
Click the Login with GitHub link.
Authorize the app on GitHub.
You should see the user info displayed from GitHub.

Best Practices

Always use HTTPS in production for security.
Validate the state parameter to prevent CSRF attacks.
Limit requested scopes to only what’s necessary (user for basic info, user:email for email).

Final Words

Integrating GitHub login in PHP makes authentication easier for developers and tech-savvy users. It enhances user experience, reduces registration barriers, and increases security by relying on GitHub for authentication.

Whether you’re offering custom web development or seeking to hire PHP developer services, integrating GitHub OAuth login is crucial for modern PHP applications.

It not only increases user trust but also makes it easier for your app to scale globally.