diff --git a/lib/github-auth.js b/lib/github-auth.js
index 3347502..dcb9829 100644
--- a/lib/github-auth.js
+++ b/lib/github-auth.js
@@ -144,7 +144,10 @@ if (serverSecrets && serverSecrets.gh_token) {
 }
 
 // Modify headers, return a URL (or an object to be used by request()).
-function githubRequest(request, url, cb) {
+function githubRequest(request, url, query, cb) {
+  query = query || {};
+  // A special User-Agent is required:
+  // http://developer.github.com/v3/#user-agent-required
   var headers = {
     'User-Agent': 'Shields.io',
     'Accept': 'application/vnd.github.v3+json',
@@ -157,10 +160,12 @@ function githubRequest(request, url, cb) {
   } else if (serverSecrets && serverSecrets.gh_client_id) {
     // Using our OAuth App secret grants us 5000 req/hour
     // instead of the standard 60 req/hour.
-    apiUrl += '?client_id=' + serverSecrets.gh_client_id
-      + '&client_secret=' + serverSecrets.gh_client_secret;
+    query.client_id = serverSecrets.gh_client_id;
+    query.client_secret = serverSecrets.gh_client_secret;
   }
 
+  var qs = querystring.stringify(query);
+  if (qs) { url += '?' + qs; }
   request(url, {headers: headers}, function(err, res, buffer) {
     if (token != null) {
       var remaining = +res.headers['x-ratelimit-remaining'];
@@ -171,4 +176,4 @@ function githubRequest(request, url, cb) {
 }
 
 exports.setRoutes = setRoutes;
-exports.githubRequest = githubRequest;
+exports.request = githubRequest;