Clarification Needed on OAuth Callback URL for Enterprise Private Subregistry

[Swathi-MuraliSrinivasan]

Pre-submission Checklist

• I have checked that this question would not be more appropriate as an issue in a specific repository
• I have searched existing discussions and documentation for answers

Question Category

• Protocol Specification
• SDK Usage
• Server Implementation
• General Implementation
• Documentation
• Other

Your Question

We’re setting up an enterprise-level private subregistry that will downstream from the official registry, and we plan to support user authentication exclusively via GitHub OAuth and OIDC. We have already created a GitHub OAuth App, but we’re unsure what the appropriate callback URL should be. Could someone clarify how to determine the correct callback URL to use in this context, and whether it needs to align with specific endpoints in our subregistry’s configuration? Any best practices or documentation references would also be appreciated.