Skip to main content

Getting started with Portal for Backstage

tip

Portal for Backstage brings together your tools, services, documentation, and APIs in one unified developer experience. This guide will help you set up Portal quickly and start unlocking productivity benefits for your engineering teams.

Checklist

Before you start, make sure you have the following:
  • Your Admin password for Portal
  • Your Portal License Key
  • Access to GitHub
  • Admin access to your GitHub organization
  • Permission to configure GitHub App with required permissions

Setup Wizard

The first time Portal is started, a Setup Wizard guides you through setting up authentication and determining at least one authorized user.

GitHub Integration Options

GitHub Integration Options

You have the choice to enable GitHub integration through two methods:

We recommend using a GitHub App as this provides more granular control over permissions and scope while reducing the risk of orphaned or compromised credentials.

Repository permissions:
Repository Permissions Required for GitHub App
PermissionAccess LevelWhy Required
AdministrationRead / WriteEnables Portal to manage repository settings, webhooks, and collaborators
ActionsRead / WriteAllows Portal to view and trigger GitHub Actions workflows
Code scanning alertsReadProvides access to security vulnerabilities detected in code
Commit statusesReadEnables Portal to display build and test statuses on commits
ContentsRead / WriteAllows Portal to read repository files and create/update scaffolded code
Dependabot alertsReadProvides access to dependency vulnerability alerts
IssuesRead / WriteEnables Portal to create, view, and manage repository issues
MetadataReadRequired for basic repository information access
Pull requestsRead / WriteAllows Portal to create and manage pull requests for code changes
Repository security advisoriesReadProvides access to security advisory information
Secret scanning alertsReadAllows Portal to access detected leaked secrets in repositories
Organization permissions:
Organization Permissions Required for GitHub App
PermissionAccess LevelWhy Required
MembersReadAllows Portal to access organization member information for user management and authentication

Alternative: Using Personal Access Tokens

Personal access tokens are alternative to using passwords for authentication to GitHub.

You can create a personal access token in Settings > Developer settings on GitHub. Make sure the following scopes are selected:

PAT Scopes Required for GitHub Integration
ScopeWhy Required
read:userAllows Portal to read user profile data for authentication and user management
read:orgEnables Portal to access organization information and team memberships
user:emailProvides access to user email addresses for notifications and identification
repoGrants full control over repositories including read/write access to code, commits, branches, and more

How to find your Client ID and Secret

If you have previously registered an OAuth app, you can find your Client ID by visiting your app in the developer settings. If you can't find your Client Secret you can generate a new one and copy it over.

If you haven't previously registered an OAuth app in GitHub, you will need to create it under your GitHub organization under developer settings. Once your app is registered, a Client ID and Secret will be generated. Copy and store your secret somewhere safely as you won't be able to see it again later.

note

When creating your OAuth app, use the Homepage URL and Authorization callback URL displayed in the in-app documentation to the right.

Add organizations and administrators

note

When using a personal access token, a user matching the auth providers username is automatically identified and added as an administrator.

Setup Guide

info

After completing the Setup Wizard, you'll gain access to the Setup Guide. This comprehensive resource provides:

  • A detailed checklist of essential plugins to optimize your Portal experience
  • Step-by-step instructions for configuring key features
  • Links to additional documentation and guides
  • Support resources and troubleshooting tips
  • Frequently asked questions to help you get started quickly

The Setup Guide is designed to help you make the most of your Portal for Backstage implementation and ensure you're following best practices from the beginning.

Personalization

info

When signed in to Portal as an authorized user, you can access the Config Manager at /config-manager. This powerful tool allows you to customize your Portal experience through a user-friendly interface.

The Config Manager provides a comprehensive UI for viewing and updating Portal configuration. It retrieves and updates the configuration stored in Portal using an encrypted PostgreSQL database.

Configuration schemas are automatically detected when the Config Manager loads and then grouped by related plugins into one general configuration page for all similar settings.

Config Manager layout

For example, the Auth configuration page may consist of multiple auth-related plugins, such as:

  • @backstage/plugin-auth-backend
  • @backstage/plugin-auth-backend-module-google-provider
  • @backstage/plugin-auth-backend-module-gcp-iap-provider

View and edit configuration

info

To view or edit configuration for a given plugin:

  1. Click the "View" button next to the plugin group name on the overview page
  2. Use the automatically generated web form based on the combined schemas
  3. Make your desired changes using the appropriate input fields
  4. Click "Save Changes" to apply your configuration updates

The form automatically renders an appropriate input type based on the type of the field in the schema.

note

A few specific configuration fields will not be possible to edit. They are marked as read-only by Portal to prevent severe mis-configurations from happening.

Update Company Name

info

After deploying Portal, one of the first configuration changes you should consider is updating the organization name. This will change the "My Company Catalog" heading on the catalog index page and the page title in your browser tab.

To make this update:

  1. Navigate to the "App" plugin under "Core plugins" in the Config Manager
  2. Click on the "View" button
  3. Locate the "organization" section
  4. Enter your company's name in the "name" input field
  5. Click "Save Changes"

Your Portal instance will now display your company name on the catalog index page. 🎉

Add More Authorized Users in Config Manager

info

Config Manager is integrated with the permission framework and is only accessible by authorized users.

To add a user or group to the list of authorized users:

  1. Navigate to the "Portal" configuration page on the Config Manager overview page
  2. Click the "Add Item" button within the "Authorized Users" section
  3. Fill in the entity reference of the user or group that should be added
  4. Click "Save Changes" to confirm the addition
Add authorized user

Starting and stopping plugins

info

Most plugins can be enabled or disabled within Portal using a button in the top right.

To stop a plugin:

  1. Navigate to the plugin's configuration page
  2. Click the "Stop Plugin" button in the top right
  3. Confirm your choice when prompted

Stopping a plugin will remove the functionality related to the plugin from Portal. That includes both frontend and backend features.

A plugin that is stopped will appear as "Not running" on the overview page.

To start the plugin again:

  1. Find the plugin on the overview page
  2. Click "Start Plugin"
  3. Wait for the plugin to initialize
Stopping a plugin

Finding configuration

info

Locating configuration is made easy in Portal using the search box in the Config Manager overview page.

To quickly find specific configuration:

  1. Enter the name or dot notation path (e.g. organization.name) in the search box
  2. Review the matching results
  3. Click on a result to be taken directly to the configuration within the plugin

Onboarding your team

info

Portal and the Portal Software Catalog provide powerful team management capabilities:

  • Makes it easy for one team to manage 10 services
  • Scales to support thousands of services across your company
  • Provides clear ownership and responsibility tracking
  • Enables team-based access control and permissions
  • Streamlines onboarding of new team members

The Software Catalog serves as the central system for managing all your software, infrastructure, and resources, making team onboarding and management straightforward and efficient.

Learn more about onboarding teams in the Software Catalog Overview.