Linked accounts connect your external identity provider accounts to your Oplane user. They enable sign-in, repository access, PR/MR reviews, and workflow integrations.
Supported providers
| Provider | What it enables |
|---|
| GitHub | Sign in to Oplane, list accessible repositories, and enable automated PR threat model reviews with review comments. |
| GitLab | Sign in to Oplane, browse GitLab projects, verify repository access, and enable automated MR threat model reviews. |
| Atlassian | Create Jira issues automatically from security requirements via workflow actions. |
| Miro | Import and sync architecture diagrams from Miro boards for threat modeling. |
| Google | Sign in to Oplane with your Google account. |
Managing your linked accounts
All five providers are managed from your profile page:
- Click your avatar in the top right and select Profile.
- Open the Linked Accounts tab.
- Each provider has its own row showing its brand logo, status, and a Link or Unlink button.
Already-linked providers display the account identifier (email, username, or user ID, depending on the provider) and an Unlink button. Unlinked providers show a Link button that opens an OAuth popup to complete the connection.
All five providers are always listed, even if your Oplane instance has not configured OAuth credentials for every one. If a provider is not configured on the server, clicking Link returns a graceful error from the linking endpoint — ask your administrator to configure that provider’s OAuth client.
What happens when you link
GitHub
Linking your GitHub account grants Oplane an OAuth token scoped to your accessible repositories. This lets Oplane:
- List repositories you have access to.
- Enable automated PR reviews on selected repositories.
- Post security requirements as review comments on your pull requests.
You also need to install the Oplane GitHub App on your organisation or repositories to receive PR webhooks. See Connect GitHub for the full setup.
GitLab
Linking your GitLab account gives Oplane a user OAuth token to verify project access and browse available repositories. Automated MR reviews use a separate bot token configured at the organisation level. See Connect GitLab for details.
Atlassian
Linking your Atlassian account connects Oplane to your Jira instance via OAuth. This enables workflow actions that automatically create Jira issues from security requirements, so remediation work can be tracked in your existing project management tools.
Miro
Linking your Miro account lets Oplane read boards you have access to, so architecture diagrams drawn in Miro can be imported and synced for threat modeling. See Miro App for board setup.
Google
Linking Google is sign-in only. It lets you authenticate to Oplane with your Google identity. No additional permissions or integrations are enabled beyond authentication.
What happens when you unlink
Unlinking a provider revokes Oplane’s access to that service:
- GitHub — Automated PR review subscriptions tied to your account are deactivated. Reviews stop until you re-link.
- GitLab — Repository access verification using your account is disabled. Bot-level automation may continue if a separate bot token is configured.
- Atlassian — Workflow actions that create Jira issues using your token will fail until you re-link.
- Miro — Board imports and syncs using your token stop working.
- Google — You can no longer sign in with Google. Make sure you have at least one other linked sign-in method first.
Each external account can only be linked to one Oplane user. If you need to transfer a link, unlink it from the current user first.
Your account page
Your personal profile is accessible from the user menu in the top right. Click your avatar and select Profile to reach the account page, where you can:
- Edit your display name and profile information.
- Manage your linked accounts (this page).
- Set up MCP agent connections (see MCP).
- Manage personal access tokens for API and CLI usage.
