Import repositories fast and safely with OAuth | Fluid Attacks Help

Import repositories fast and safely with OAuth

Enable OAuth

Role requirement infoRole required: User Manager
You can connect Fluid Attacks' platform to your account on the code repository hosting providers GitLab, GitHub, Bitbucket and Azure via OAuth (Open Authorization). Allowing this connection, you authorize Fluid Attacks to access the repositories there to clone them without you having to share your credentials with Fluid Attacks.

Note on enabling OAuth during signupNote: You can use OAuth during the sign-up process. To learn how, read Import repositories to test.
The following is a step-by-step example of using OAuth for Fluid Attacks to access your GitLab repositories.
  1. Go to your organization's Credentials section.

  2. Select the provider that you want to authorize to connect to the platform (in this example, GitLab).
    3. Connect the Fluid Attacks platform with providers
  3. Upon choosing the provider, you are directed to their authorization page, where you are asked to authorize the connection between Fluid Attacks' platform and your account.Authorize Fluid Attacks platform on GitLab
  4. Click on Authorize to establish the connection.

When you authorize the connection, you are redirected to your organization's Credentials section, where you can see the new credentials created with the type OAUTH.

View OAuth credentials on Fluid Attacks platform

Note on visible hosting providersNote: From the moment the connection is established, the hosting provider you selected is no longer shown in the Add credential options.
This method recognizes the repositories that have had activity in the last 60 days. To see a list of them, go to the Outside section from the collapsible sidebar.

Find the Outside section on Fluid Attacks platform

The repositories that are listed in Outside are those that are not associated with any group of that specific organization in the platform. Please allow approximately 30 minutes to 1 hour for the repositories to appear while the service connection is established.

Import repositories

Role requirement info
Role required: User Manager
Follow these steps to import a single repository leveraging OAuth:
  1. Go to your organization's Outside section.

  2. Click the plus symbol in the Action column.
    3. Import a single repository on the Fluid Attacks platform

  3. Specify the group within your organization where you want to add the repository.
    4. Import repository to a group on the Fluid Attacks platform

  4. Click Confirm to initiate the import process.

  5. Provide the required information in the pop-up window and click Confirm when you are done. (Refer to Add new git root manually for explanations of every field if needed.) 
    6. Provide details of Git repository on the Fluid Attacks platform

    To import multiple repositories, follow these steps:

    1. In Outside, select the desired repositories using the checkboxes.
      2. Import multiple repositories on the Fluid Attacks platform

    2. Click the Add new roots button.

    3. Choose the group for the selected repositories.

    4. Provide the required information in the pop-up window and click Confirm when you are done.
      5. Provide details of Git repositories on the Fluid Attacks platform

    Remove OAuth connection

    Role requirement infoRole required: User Manager
    You can remove the OAuth credentials in your organization's Credentials section. Just select the credentials to be removed and click on the Remove button. The credentials are then removed along with the linked repositories in the Outside section.

    Remove OAuth connection with the Fluid Attacks platform

    Free trial message
    Free trial
    Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.