diff --git a/src/main/java/com/faforever/api/config/security/WebSecurityConfig.java b/src/main/java/com/faforever/api/config/security/WebSecurityConfig.java
index b8f2cd3c6..715f15331 100644
--- a/src/main/java/com/faforever/api/config/security/WebSecurityConfig.java
+++ b/src/main/java/com/faforever/api/config/security/WebSecurityConfig.java
@@ -24,7 +24,7 @@
 public class WebSecurityConfig {
 
   @Bean
-  public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+  public SecurityFilterChain securityFilterChain(HttpSecurity http) {
     final var bearerTokenResolver = new DefaultBearerTokenResolver();
     bearerTokenResolver.setAllowUriQueryParameter(true);
 
@@ -61,7 +61,8 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
         "/users/performPasswordReset",
         "/users/buildSteamPasswordResetUrl",
         "/users/requestPasswordResetViaSteam",
-        "/users/linkToSteam/**"
+        "/users/linkToSteam/**",
+        "/gitHub/webhook"
       ).permitAll();
       authorizeConfig.anyRequest().authenticated();
     });