How to Connect GitHub as a Custom MCP Server

Connect GitHub to Spojit as a custom MCP server using OAuth, then use it in a workflow to summarise open pull requests.

What This Integration Does

GitHub publishes a remote MCP server, so instead of wiring up REST calls by hand you can add it to Spojit as a custom server and get typed GitHub tools your workflows can call: listing pull requests, reading issues, searching code, and more. Authentication uses your own GitHub OAuth app, so the connection acts on behalf of the account that authorizes it, with exactly the scopes you grant.

Once connected, you use it like any connector. A Connector node in Agent Mode lets the AI pick the right GitHub tools for a prompt; Direct Mode calls one specific tool. This tutorial connects GitHub, then builds a small workflow that produces a daily pull-request review digest for a repository. Run it manually to test, or put it on a Schedule trigger to receive the digest every morning.

Prerequisites

  • A GitHub account with access to the repository you want to summarise.
  • Permission to create an OAuth app in GitHub (your personal or organization developer settings).
  • Permission to add connections in Spojit.

Step 1: Create a GitHub OAuth App

In GitHub, go to Settings, Developer settings, OAuth Apps and click New OAuth App. Set:

  • Application name: anything recognisable, for example Spojit.
  • Homepage URL: your Spojit URL.
  • Authorization callback URL: https://miraxa.spojit.com/api/connectors/oauth/callback

Create the app, then copy the Client ID and generate a Client Secret. Keep the secret handy for the next step; you will not be able to view it again in GitHub after you leave the page.

Step 2: Add the Custom Server in Spojit

In Spojit, go to Connections and click Add custom server. Enter:

  • Name: GitHub.
  • Server URL: https://api.githubcopilot.com/mcp/
  • Authentication: choose OAuth 2.0.

Then fill in the OAuth fields:

  • Authorization URL: https://github.com/login/oauth/authorize
  • Token URL: https://github.com/login/oauth/access_token
  • Client ID and Client Secret: from Step 1.
  • Scopes: read:user repo

Leave the Advanced options at their defaults (PKCE on, client authentication in the POST body).

Step 3: Authorize

Click Save. Spojit redirects you to GitHub to consent to the scopes you requested. Approve, and GitHub sends you back to Spojit. The connection now shows as Connected under My Connections. Tokens refresh automatically, and you can use Reconnect later if you change scopes.

Step 4: Add GitHub to a Workflow

Open or create a workflow. Add a Connector node and open Select Connector: your GitHub server appears under the Custom Servers section at the top. Select it. Spojit discovers the available GitHub tools live, so the tool list reflects what the server currently offers. Set the node to Agent Mode so the AI can choose the right tools for the task.

Step 5: Write the Prompt (the use case)

This is the automation: a standup-style digest of open pull requests. Paste this into the Prompt field, replacing owner/repo with your repository:

You have GitHub tools available. For the repository owner/repo:
1. List the open pull requests.
2. Write a concise standup digest grouped by author.
   For each PR include: title, author, how long it has been open,
   and whether it is a draft.
3. End with a "Needs review" list of any PR open more than 7 days,
   so the team can prioritise.
Keep it short and skimmable.

Optionally narrow Available Tools to just the pull-request and search tools so the agent stays focused. To deliver the digest, add a Send Email node (or a slack connector node) after the GitHub node and reference the previous step's output, for example {{ step1 }}.

Testing

Before running the full digest, confirm the connection works with a quick identity check. Add a Connector node on GitHub in Agent Mode with this prompt and run the workflow manually:

Use the GitHub tools to tell me who I am authenticated as:
my username, display name, and how many public repositories I have.

If it returns your GitHub identity, OAuth is working end to end. Then run the pull-request digest and inspect the output in the execution log. If a run fails, check that the repository name is correct and that the account you authorized can see it.

Tips

  • Grant the smallest scopes that do the job. read:user repo covers reading pull requests and issues; add write scopes only if a workflow needs to create or comment.
  • Changing scopes later does not update the existing token. Save the change, then click Reconnect to re-authorize with the new scopes.
  • Put the workflow on a Schedule trigger (for example every weekday at 9am) to receive the digest automatically.
  • Re-saving the connection refreshes the tool list, so tools GitHub adds later become available without recreating the connection.

Common Pitfalls

  • Callback URL mismatch: the authorization callback URL in the GitHub app must exactly match https://miraxa.spojit.com/api/connectors/oauth/callback, or GitHub rejects the redirect.
  • Missing scopes: if the agent cannot read a repository, the token may lack the repo scope, or the authorizing account may not have access. Fix the scope or the access, then Reconnect.
  • Wrong repository: use the full owner/repo form in the prompt; a bare repository name is ambiguous.
  • Expecting private data from a read-only test: the identity check uses public profile data; to read private repos, ensure the repo scope was granted.

Learn More

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.