Menu
We have an web application, which lets the user write code and store it in an internal git repository on our server. Now we wanted to allow the user to share his code with his github repository. So we looked through the api documentation of github and found a way via ouath2. However to make this work, we need to request write access from the user, but github oauth access scopes only include write access to all repository of an user, which is way too much for us.
Is it possible to restrict an api access for only one specific repository of an user?
407
As per jasonrudolph comment, it is not currently possible to restrict API access to a specific repository.
Deploy keys are the closest thing that provides this type of functionality. (This won't help you from an API perspective, but a deploy key might meet your underlying need.) If your application were to generate an public/private SSH keypair, and the user were to add the public key as a deploy key in the repository, then you could use the private key to access just that one repository (without having access to the user's other repositories).
108
answered Nov 15 '22 05:11
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
