GitHub Enterprise

Buildkite can connect to your GitHub Enterprise installation and use the Commit Status API to update the status of commits in Pull Requests.

Register Buildkite as a new application

Go to your GitHub Enterprise installation, and start by registering a new Developer application. This can be done by going to your GitHub User Settings, clicking Applications on the left, then selecting Developer applications at the top:

From this page, click Register new application

Fill out the form with the following:




Callback URL

Here's an image you can use:

Once filled out, click the Register application button at the bottom of the form:

Now that we've created an application, we have access to the Client ID and Client Secret. We'll need those to setup your GitHub Enterprise installation on Buildkite.

Update your Buildkite organization settings

Go to the Settings page of the organization you'd like to connect to your GitHub Enterprise installation to:

Scroll down to see your GitHub Enterprise settings. Copy the Client ID, Client Secret, and the URL of your GitHub Enterprise Installation to this form, then press Save GitHub Enterprise Settings.

Once saved, the last step is to authorize your GitHub Enterprise user account with Buildkite.

Connect your GitHub Enterprise account

So Buildkite can mark commits and pull requests as pass or fail, you'll need to authorize your GitHub Enterprise user account with Buildkite.

Go to your Connected Apps settings page. Here you'll see your GitHub Enterprise Installation as an option to connect to. Click Connect.

You should be redirected back to your GitHub Enterprise Installation, where it will ask you to authorize Buildkite with your account. Click the Authorize application button at the bottom.

That's it! Next time you create a pipeline with a repository that's either or, Buildkite will recognize that it's hosted on your GitHub Enterprise Installation, and use your newly created oAuth authorization to update the commit statuses.

Firewalled installs

If your GitHub Enterprise is behind a firewall you’ll need to whitelist Buildkite’s network so we can perform oAuth authentications and call to the API to update your pull request statuses.

Whitelist the IP address to allow Buildkite to perform API calls on your GitHub Enterprise instance.

For additional security you can create a proxy which allows only the API endpoints we require:

  • /api/v3/repos/.*/.*/statuses
  • /api/v3/user
  • /login/oauth

The following is an example NGINX server configuration that proxies the required URLs and can be used with the "Public API URL" GitHub Enterprise setting in Buildkite:

daemon off;

events {
  worker_connections 1024;

http {

  server {
    listen 443 ssl;

    location / {
      deny all;

    location ~ ^/api/v3/repos/.*/.*/statuses {
      proxy_pass https://ghe.internal:443;

    location /api/v3/user {
      proxy_pass https://ghe.internal:443;

    location /login/oauth {
      proxy_pass https://ghe.internal:443;