GitHub OAuth Authentication
Open SWE uses GitHub OAuth for client-side authentication, providing secure access to user accounts and repository permissions.Authentication Flow
- Unauthenticated users are automatically redirected to GitHub OAuth login
- Authenticated users are redirected directly to the chat interface
- Settings management is available at
/settings
for updating GitHub authentication
GitHub OAuth provides the foundation for all user interactions, enabling Open
SWE to access repositories and perform actions on behalf of authenticated
users.
LangGraph Server Authentication
All requests to the LangGraph server are authenticated through a sophisticated proxy system that ensures secure communication between the web interface and the agent backend.Proxy Route Architecture
The Next.js application includes a proxy route (apps/web/src/app/api/[..._path]/route.ts
) that acts as an intermediary for all LangGraph server requests. This proxy uses the langgraph-nextjs-api-passthrough
package to handle request forwarding with enhanced security.
The proxy route ensures that sensitive authentication tokens never reach the
client directly, maintaining security while enabling seamless communication
with the LangGraph server.
Simple API Key (Bearer) Authentication
For local development and scripted access, the LangGraph server also supports a simple bearer token scheme. When a request includes anAuthorization: Bearer <token>
header, this path is used and the rest of the auth flow is skipped.
Setup (development)
- Generate a token (32+ bytes, URL-safe):
- OpenSSL:
openssl rand -hex 32
- OpenSSL:
- Add to your
.env
for the LangGraph server:
- For multiple/rotation: use comma-separated tokens
Usage
Notes
- Precedence: If the
Authorization
header is present, bearer auth is used; otherwise the existing GitHub-based flow applies. - Rotation: Add a new token to
API_BEARER_TOKENS
, deploy/restart, migrate clients, then remove old tokens and redeploy. - Scope: All bearer tokens currently map to the same internal identity and permissions. If you need per-token identities/quotas, reach out to adjust the configuration.
Header Injection System
The proxy route automatically injects the following encrypted headers into each request:Authentication Headers
x-github-access-token
- User’s GitHub access token for user-specific actions (creating issues, comments)x-github-installation-token
- GitHub App installation token for app-level actions (commits, pull requests)x-github-installation-name
- Installation name (username or organization name)
All headers are prefixed with
x-
to ensure they’re included in LangGraph run
configurations, making them accessible during execution while maintaining
security through encryption.Token Encryption
Open SWE implements AES-256-GCM encryption for all secrets passed to the LangGraph server to prevent exposure in:- LangSmith trace metadata
- Run configurations
- Potential unauthorized access scenarios
SECRETS_ENCRYPTION_KEY
environment variable and includes:
- Initialization Vector (IV) for unique encryption per token
- Authentication Tag for data integrity verification
- Base64 encoding for safe transport
The same encryption key must be configured in both the web application and
LangGraph agent for proper token decryption.
Authentication Middleware
The LangGraph server implements comprehensive authentication middleware (apps/open-swe/src/security/auth.ts
) that validates all incoming requests.
Webhook Authentication
The middleware first checks for GitHub webhook requests by detecting theX-Hub-Signature-256
header:
- Signature verification using the configured webhook secret
- Automatic authorization for valid webhook signatures
- Separate user verification in subsequent run creation requests
Webhook authentication is handled separately from user authentication to
enable automated GitHub issue processing while maintaining security.
Standard Request Authentication
For non-webhook requests, the middleware validates:Required Headers
- Installation name (
x-github-installation-name
) - Installation token (
x-github-installation-token
)
User Verification Process
The middleware supports two authentication paths: Web Application Requests:- Uses encrypted GitHub access token (
x-github-access-token
) - Verifies user identity through GitHub API
- Extracts user ID and login from token
- Uses explicit user headers (
x-github-user-id
,x-github-user-login
) - Validates user ID and login against installation token
- Ensures webhook-created runs are properly attributed
Identity and Permissions
Upon successful authentication, the middleware returns an identity object containing:- User ID for resource ownership verification
- Display name (GitHub login)
- Installation name for repository context
- Comprehensive permissions for LangGraph operations
The user ID serves as the primary identifier for resource access control,
ensuring users can only access their own threads, runs, and assistants.
Resource Access Control
Open SWE implements fine-grained access control for all LangGraph resources:Metadata-Based Ownership
- Create operations automatically add user ID to resource metadata
- Read/Update/Delete operations verify user ID matches resource owner
- Search operations filter results by user ownership
Token Access During Execution
During LangGraph run execution, encrypted tokens are accessible through the run’s configurable field:- Token extraction from run configuration
- Decryption using the shared encryption key
- Action execution (creating issues, making commits, etc.)
This design ensures tokens remain encrypted in storage and traces while being
available for necessary GitHub operations during run execution.
Always ensure the
SECRETS_ENCRYPTION_KEY
environment variable is identical
between your web application and LangGraph agent deployments.