I am trying to create a website that will allow users to authorize their GitHub account and it will then allow the user to click a create button. Which automatically creates a new repo with some files. Now I am confused about should I make a GitHub app or OAuth app for the same.
I have looked into the documentation but still confused..
I will host the website and this will allow any random user with an GitHub account.. What will be the best choice?
From Github documentation:
GitHub Apps are the officially recommended way to integrate with
GitHub because they offer much more granular permissions to access
data, but GitHub supports both OAuth Apps and GitHub Apps.
They are also providing a simple flow chart that can make your decision easier.
Bottom line - unless you need an access to everything, you should use GitHub App
Related
This has been a big mystery to me so I'm gonna ask here in a hope that someone can help me with it.
So, I'm trying to use the TikTok API to Auto Publish videos onto TikTok's account.
I cannot find any information about this on their API docs.
So I did a research and found out that other companies like 'Later' or 'HootSuit' have this Auto Publishing feature for TikTok.
So I signed up on Later to test how they do it. I found out that there are these Scopes/Permissions being used:
user.info.basic,
user.insights,
video.list,
video.insights,
comment.list,
comment.list.manage,
video.publish
and I found those from the URL when I allowed the Later TikTok App to be added to my TikTok account:
https://www.tiktok.com/auth/authorize?client_id=7051484449883553794&client_key=7051484449883553794&redirect_uri=https%3A%2F%2Fapp.later.com%2Fusers%2Fauth%2Ftiktok_business%2Fcallback%3Fstate%3De0af91a683a02ec0636ee1b42e6e9caf60ccc8295252260b&response_type=code&scope=user.info.basic%2Cuser.insights%2Cvideo.list%2Cvideo.insights%2Ccomment.list%2Ccomment.list.manage%2Cvideo.publish&state=e0af91a683a02ec0636ee1b42e6e9caf60ccc8295252260b
My TikTok app (this is the API app), asks for these permissions:
user.info.basic,
video.upload,
Now, I know that is the fist and most probably the main issue here BUT I don't have any option to add those Scopes to my App!
The only scopes that TikTok API mentions and talks about are these:
user.info.basic
video.list
video.upload
which you can see here:
https://developers.tiktok.com/doc/tiktok-api-scopes/
My app now only uploads the video on the users account and the users get a push notification on their app asking them to login to their account and edit/pulish the video!
So there is no auto publishing.
Just to clarify, the user's account is a business account as well as this is a requirement for the TikTok auto publishing to work.
The question is, where and how I can add those scopes/permissions to my App?
are there any other steps that I need to take?
Since you are using a Tiktok Business account, may you should rather use the Marketing APi (https://ads.tiktok.com/marketing_api/docs?id=1753986142651394)
This has video publish scopes too and is a lot different from the Tiktok API you get from Tiktok for developers.
Note:
Tiktok for developers API is geared towards general use, while the Marketing API is for Businesses, hence more features.
Caution
JFYI, If you have a business account, you cannot monetize the content. I am facing the same issue, but i cant move to business account(and Marketing API) for that reason.
I am trying to use the Github BOT to integrate with google chat for sensung notifications on PRs, push etc.
While this may work, it asks me authorization for hangoutschatbot-dev-on-github. Just want to be sure that this is authentic and I can grant access safely.
A quick search on google for it gave this result - https://github.com/hangoutschatbot-dev-on-github
I might be late to answer this but you should do it via google chat -> add people & bots option
search for github
Choose the bot
Follow the steps to add one or more repo there
Avoid any unverified open source code if possible.
I'd like to create a GitHub app to display the current issues in a repository, organized by labels. The repositories under the organization are private, but my account has admin access. I've installed the app under my name. The API list-issues-for-a-repository is returning:
{
"message": "Not Found",
"documentation_url": "https://developer.github.com/v3/issues/#list-issues-for-a-repository"
}
I've set the app permissions as follows:
Repository permissions
Issues - Read-only
Metadata - Read-only
No access for everything else
Organization permissions
No access for all
User permissions
No access for all
Subscribe to events
Unchecked for all
Getting all the repos using /orgs/«org»/repos returns an empty array, meaning the private repositories aren't showing up, so there's likely a permission issue going on here, too.
Questions:
Do I need to install the app under the organization? The organization is not showing any installed apps, even though we're running Codacy and GitHub Desktop.
The app is not under the organization's Third-party access policy. Do I need to add it? I don't see any way to request permissions, and I don't know if GitHub apps work this way.
Do I need to include more permissions for the app? I just need read-only for the issues and don't want to expose more than I need.
First of all, confirmed it has to be a "GitHub App" and not an "OAuth App", because the API to list the issues in a repository is, according to the documentation, available only to GitHub Apps. I took an initial wrong turn, documented in the edit history of a previous related issue, of selecting an OAuth App, and getting nowhere.
As far as my specific questions:
Do I need to install the app under the organization? The organization is not showing any installed apps, even though we're running Codacy and GitHub Desktop.
Yes, it needs to be installed or added under the organization. It was easier for me to delete the existing app under my account, and re-add (vs re-install) under the organization.
The app is not under the organization's third-party access policy. Do I need to add it? I don't see any way to request permissions, and I don't know if GitHub apps work this way.
Once the app is added under the organization, it is automatically given access. You can fine tune which repositories it can access or let it access them all. Installing, as opposed to adding, might need a few more steps, and the app needs to be published first. My app is intended for the organization only, so I opted for the simpler solution. Also, even if you give the app access to all repositories, the access rights of whoever logs in take precedence. For example, someone outside of the organization won't see any private repositories.
Do I need to include more permissions for the app? I just need read-only for the issues and don't want to expose more than I need.
No, just read-only for issues, meta-data is included automatically.
With these revisions I was able to access the repositories, and also get results for list-issues-for-a-repository.
I am developing a Github v3 api app, and I need to be able to test it's functionality while developing without mutating actual data. Is there a sandbox api available?
The right way is simply to create one's own (public) sandbox repo to play/test with.
Even the Spoon-Knife repo from octocat GitHub account isn't available for direct contribution, but is only there for testing forks.
I am trying to implement a sign in view like the one displayed below to allow users to sign into their Microsoft Live account and then allow the app to pull down their SkyDrive data.
I have been reading the API documentation at msdn and it seems that the documentation is centered on you using a standard web UI login form which I would like to avoid (pictured below).
So I am looking for documentation or an example of implementing a custom login form to login to windows live to get SkyDrive data. Any information would be extremely helpful as I am pretty stuck.
Note: There is also an issue open on github regarding the this same topic.
After doing some digging I discovered that microsoft will only allow you to log in using OAuth 2.0 through their interface (pictured above). What I originally wanted goes completely against the design of their SDK and isn't/wont be supported.
According to an issue posted on github, there may eventually be a way to allow authentication through the Skydrive iOS app. As of now however, there is only one way to authenticate, through their SDK or API.
This is also stated in the documentation:
Your app must initiate the sign-in process by contacting the Live Connect authorization web service.
Resources:
Documentation
Github Issue
LiveSDK-iOS