What adding GitHub login involves
Adding GitHub login means registering an OAuth App on GitHub, redirecting users to authorize, exchanging the returned code for an access token, and calling the GitHub API for the user's profile. Unlike Google, GitHub is not OpenID Connect, so there is no ID token to verify.
GitHub uses plain OAuth 2.0. You register an OAuth App, send the user to GitHub to authorize, and GitHub returns a one-time code. Your server exchanges that code for an access token, then calls the GitHub API to read the user's profile and email.
Because GitHub is not OIDC, there is no signed ID token and no email_verified claim. You read identity from the API instead, which changes how you confirm an email and link accounts.
For how this sits alongside sessions and roles, see the SaaS authentication guide. With The Bridge, GitHub login is a toggle on the hosted login box: paste your OAuth App client ID and secret, and the token exchange, profile lookup, and clean user object are handled for you.
