JekyllEx uses GitHub OAuth to authenticate you. GitHub is the chosen method for logging in because it can apart from getting the basic user profile, it can request for repository edit scopes simultaneously.

The scopes are essential because the core use of JekyllEx is to maintain your Jekyll blog repository, but without having access to management scopes, it can't be done!

Once you log in with your GitHub account, the app uses the JekyllEx Proxy API to securely fetch the access token that GitHub gives the app.

The extra step of fetching the data from the API is done because frontend apps are not secure enough to store access tokens in code. They can easily be decompiled/inspected to get the access token and be hacked.

Since JekyllEx uses Auth0 for authentication, it has to call Auth0 Management API to get user profile, and taking into consideration the above scenario, the proxy API was made to make things secure.

Read more at the JekyllEx API Documentation page:

After logging in, JekyllEx takes you to the home page where you can see all your repositories.