Skip to content
API Reference
Admin /Catalog /MCP Servers
GitHub logo

GitHub

Developer Tools

GitHub's official MCP server for repository management, issues, pull requests, code search, and collaboration.

Provides full GitHub platform access including repository CRUD, file operations, issue and PR management, code review workflows, branch management, release tracking, secret scanning, and user/team lookups. Supports Copilot review requests and sub-issue hierarchies.

GitHub App settingsRegistering a GitHub AppGitHub MCP server

Install

Section titled “Install”
INSTALL

Add GitHub to your zone and connect it to your MCP client.

Step 1 - Start the install in Keycard Console

Section titled “Step 1 - Start the install in Keycard Console”

  1. In your zone’s Keycard Console, go to Applications -> Add Application -> Explore MCP Servers.

  2. Search for GitHub and click Install.

  3. The install dialog shows a Redirect URI. Copy it - you’ll paste it into GitHub in Step 2. Leave this Keycard tab open.

Step 2 - Create the OAuth app for GitHub

Section titled “Step 2 - Create the OAuth app for GitHub”

GitHub’s MCP server runs as a GitHub App that you create and install on your personal account or organization. OAuth Apps and Personal Access Tokens are not supported - the app’s per-installation permissions are what unlock the 41 tools the gateway exposes.

Create a GitHub App

Section titled “Create a GitHub App”

  1. Open GitHub App settings:

  2. Fill in:

    • GitHub App name: something memorable like Keycard - <zone-name>
    • Homepage URL: any URL you control (e.g. your zone’s Keycard Console URL)
    • Callback URL: the redirect URI shown in the Keycard install dialog (paste it verbatim)
    • Webhook: uncheck Active - the MCP server does not use webhooks

  3. Check Request user authorization (OAuth) during installation. This is what lets Keycard’s token exchange return a user-scoped token instead of a bare app token.

  4. Click Create GitHub App.

Configure permissions

Section titled “Configure permissions”

Under the new app’s Permissions section, grant at minimum:

  • Repository -> Contents: Read-only (code search, file reads, releases)
  • Repository -> Metadata: Read-only (mandatory; GitHub auto-selects)
  • Repository -> Issues: Read & write
  • Repository -> Pull requests: Read & write

Add more only if you plan to use the matching tools:

  • Repository -> Actions: Read-only (workflow status reads)
  • Repository -> Code scanning alerts, Secret scanning alerts, Dependabot alerts: Read-only
  • Repository -> Discussions: Read & write
  • Organization -> Members: Read-only (for get_team_members / get_teams)
  • Account -> Gists: Read & write
  • Account -> Copilot Editor: Read & write (Copilot review request tool)

The MCP server returns a permission challenge at call time if a tool needs a scope you have not granted, so it is safe to start narrow and expand.

Get the Client ID and Client Secret

Section titled “Get the Client ID and Client Secret”

  1. On the app’s General page, copy the Client ID (shown under “About”).

  2. Scroll to Client secrets and click Generate a new client secret.

  3. Copy the Client secret immediately.

Install the app on your account or organization

Section titled “Install the app on your account or organization”

Creating the app only registers it - it does not grant access to any repository yet.

  1. On the app’s General page, click Install App in the left sidebar.

  2. Pick your personal account or an organization, then choose which repositories the MCP server should be able to reach (all repos or a selected list).

  3. Click Install.

Step 3 - Finish the install in Keycard Console

Section titled “Step 3 - Finish the install in Keycard Console”

  1. Switch back to the Keycard install dialog you left open in Step 1.

  2. Paste the Client ID and Client Secret from Step 2.

  3. Click Install. GitHub appears on the Applications page with a Keycard MCP Gateway URL.

Step 4 - Connect your MCP client

Section titled “Step 4 - Connect your MCP client”

On the Applications page, click Add to Coding Agent next to GitHub and pick how you want to install:

  • Cursor - opens a deeplink that hands the MCP config straight to Cursor. Click Install inside Cursor to finish.
  • Claude Code - opens a dialog with a claude mcp add command. Pick a scope (User, Project, or Local), then copy and run the command in your terminal.
  • Install manually - reveals the Server Name and Server URL to paste into any other MCP-compatible client.

Once connected, GitHub’s tools are available to the agent, scoped to whoever signs in to your zone.

Tools

Section titled “Tools”
TOOLS

What GitHub can do once installed.

GitHub provides 41 tools:

add_comment_to_pending_review
Add review comment to the requester's latest pending pull request review
add_issue_comment
Add a comment to a specific issue in a GitHub repository
add_reply_to_pull_request_comment
Add a reply to an existing pull request comment
create_branch
Create a new branch in a GitHub repository
create_or_update_file
Create or update a single file in a GitHub repository
create_pull_request
Create a new pull request in a GitHub repository
create_repository
Create a new GitHub repository in your account or specified organization
delete_file
Delete a file from a GitHub repository
fork_repository
Fork a GitHub repository to your account or specified organization
get_commit
Get details for a commit from a GitHub repository
get_file_contents
Get the contents of a file or directory from a GitHub repository
get_label
Get a specific label from a repository
get_latest_release
Get the latest release in a GitHub repository
get_me
Get details of the authenticated GitHub user
get_release_by_tag
Get a specific release by its tag name
get_tag
Get details about a specific git tag
get_team_members
Get member usernames of a specific team in an organization
get_teams
Get details of the teams the user is a member of
issue_read
Get information about a specific issue
issue_write
Create a new or update an existing issue
list_branches
List branches in a GitHub repository
list_commits
Get list of commits of a branch
list_issue_types
List supported issue types for repository owner
list_issues
List issues in a GitHub repository
list_pull_requests
List pull requests in a GitHub repository
list_releases
List releases in a GitHub repository
list_tags
List git tags in a GitHub repository
merge_pull_request
Merge a pull request in a GitHub repository
pull_request_read
Get information on a specific pull request
pull_request_review_write
Create, submit, or delete a pull request review
push_files
Push multiple files in a single commit
request_copilot_review
Request a GitHub Copilot code review for a PR
run_secret_scanning
Scan files or content for secrets such as API keys, tokens, and credentials
search_code
Code search across all GitHub repositories
search_issues
Search for issues using GitHub search syntax
search_pull_requests
Search for pull requests using GitHub search syntax
search_repositories
Find GitHub repositories by name, description, topics, or other metadata
search_users
Find GitHub users by username or profile information
sub_issue_write
Add a sub-issue to a parent issue
update_pull_request
Update an existing pull request
update_pull_request_branch
Update PR branch with latest changes from base

Next steps

Section titled “Next steps”
NEXT STEPS

What to do once GitHub is installed.

Now do this

  • Confirm the gateway works by asking your AI client to call one of the GitHub tools above.

Recommended

  • Decide who can use it - write access policies scoped to the GitHub resource so only the right users and agents reach the tools.
  • Watch the calls - every tool call lands in your audit log with user identity, resource, and policy decision.

Optional

  • Add REST API access too - install the GitHub API server for backend code that calls GitHub on behalf of users.