Back to documentation
Integrations

Connecting Your GitHub Account

Authorize GitHub via OAuth so every project's code lives in a repository you own.

Idea to Life pushes every project's code to a GitHub repository in your own account. You are not renting access to code that lives somewhere else — the repository is created under your GitHub username (or an organization you choose), and you own it permanently. This guide covers connecting your account and exactly what permissions are involved.

Why GitHub is required

The GitHub repository is the source of truth for your product. Render deploys from it, change requests are committed to it, and if you ever stop using Idea to Life, the full history of your product stays with you. There is no export step needed for code because the code was never ours to begin with.

Connecting

  1. Go to Settings, then Integrations, and click "Connect GitHub".
  2. You are redirected to github.com to sign in (if needed) and review the authorization screen. This is standard OAuth — you never type your GitHub password into Idea to Life.
  3. Approve the authorization. You are redirected back and the connection shows as active.

If you belong to GitHub organizations, the authorization screen lets you grant or request access per organization. For personal projects you can skip organization access entirely.

What permissions are requested and why

  • Repository creation and write access: to create your project repository and push code and change-request commits.
  • Read access to your email and profile: to identify your account and attribute commits.

Idea to Life creates repositories and writes to repositories it created. It does not need — and should not be used with the expectation of — access to unrelated personal repositories beyond what the OAuth scope technically grants; if you prefer tighter isolation, create a dedicated GitHub account or organization for your projects.

Ownership and revoking access

You can revoke Idea to Life's access at any time in GitHub under Settings, then Applications, then Authorized OAuth Apps. Revoking access:

  • Does not delete your repositories or code. Everything remains in your account.
  • Does not take down your live product. Render deploys from GitHub directly.
  • Does stop the platform from pushing new builds or change requests until you reconnect.
Revoking access is always safe for your data. The worst case is that automated updates pause until you reauthorize.

Troubleshooting

  • "Connection expired" errors usually mean the token was revoked or your organization enforced a policy change; reconnect from Settings.
  • Repository creation failures in an organization typically mean the organization has not approved the OAuth app — an organization owner must approve it under the organization's third-party access settings.