Github OAuth organizations

laszlocph · March 6, 2018, 8:47am

The Github OAuth dialog asks for private repo access across all of the Github organizations a user has. And there is no opt-in / out possibility on the dialog for certain orgs.

I’m always getting a security concerned comment when a new user authorizes Drone, and I sort of agree. Other platforms allow more fined grained access control.

Maybe I’m doing something wrong…

Do you guys know if it can be configured somehow to ask permission for only one org?
I checked the Github docs, but no avail…

bradrydzewski · March 6, 2018, 3:38pm

Do you guys know if it can be configured somehow to ask permission for only one org?

This is not possible with GitHub oauth applications. If you want to limit which organizations are available to Drone you need to setup the Third-party application access policy for your organizations in GitHub.

Check out Enabling OAuth app access restrictions for your organization - GitHub Docs for more details.

laszlocph · March 7, 2018, 8:48am

Thanks for confirming!

Topic		Replies	Views
Per-repo client ID and secret Drone Support	5	564	July 2, 2019
Github private organisation repositories Drone Support	10	3801	November 9, 2020
Github organization private repo & Github scope question Drone Support	3	767	September 25, 2018
Grant new org auth for drone app Drone Support	2	262	June 3, 2021
Github authorization loop Drone Support	4	353	October 5, 2019

Github OAuth organizations

Related topics