StepSecurity GitHub Apps

StepSecurity operates through one or more GitHub Apps installed on your organizations. The StepSecurity GitHub Apps page lets you track GitHub API usage for each installed app across every organization in your tenant, and install additional apps to raise your available API capacity and unlock the full set of platform features.

StepSecurity uses the GitHub API to read workflow runs, repository configuration, and other metadata that powers detections, dashboards, and policy enforcement. GitHub enforces a per-installation hourly rate limit on API requests, so distributing work across multiple StepSecurity GitHub Apps increases the total API capacity available to your organization.

Viewing API usage

Navigate to the Admin Console, click Integrations, then select StepSecurity GitHub Apps.

The table lists every StepSecurity GitHub App installed across the organizations in your tenant, with API usage measured over the selected time range.

Use the Range selector (top right) to change the reporting window, for example Last 24 hours.

Each row shows usage for one app installation:

Column

Description

Organization

The GitHub organization the app is installed on.

App

The StepSecurity GitHub App (for example, StepSecurity Actions Security or StepSecurity App).

Installation ID

The GitHub installation ID for this app on this organization.

Limit

The GitHub API request limit for this installation within the rate-limit window.

Latest used

The number of requests used in the most recent sampled window.

Latest %

Latest used as a percentage of the limit.

Peak %

The highest usage percentage observed in the selected range. The adjacent multiplier (for example, ×4) indicates how many times the peak was reached, and the sparkline shows the trend.

Avg %

The average usage percentage across the selected range.

Rows for organizations where an app is not yet installed show an Install button in place of usage metrics.

If an installation consistently approaches its limit (high Peak % or Avg %), install an additional StepSecurity GitHub App on that organization to raise total available capacity. See Increasing API capacity below.

Installing apps on a new organization

To bring a new organization under StepSecurity, click Add to new organization (top right) and complete the GitHub installation flow. The organization then appears in the table.

Increasing API capacity and enabling features

Each StepSecurity GitHub App installation has its own GitHub API rate limit. Installing additional apps on an organization distributes API requests across more installations, raising the total capacity available to StepSecurity and enabling platform functionality that depends on additional API access.

StepSecurity GitHub Apps you can install include:

StepSecurity Actions Security (install →) — the primary app powering GitHub Actions security, dashboards, and detections.
StepSecurity App (install →) — the advanced app that enables additional platform features.
StepSecurity Harden Runner (install →) — an additional app that correlates Harden-Runner telemetry with workflow runs and adds API capacity.

The exact apps available to your tenant depend on your plan and enabled features. Install any app shown with an Install button on the StepSecurity GitHub Apps page, or use the links above.

To install an app on an organization that does not yet have it, click Install on that row and complete the GitHub installation flow. Once installed, the row begins reporting usage on the next sampling window.

PreviousTerraform Provider NextSample Detection Events

Last updated 4 days ago

Was this helpful?