Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat:
octokit.apps.scopeToken()
(#316)
- Loading branch information
1 parent
c0142b9
commit 954b096
Showing
19 changed files
with
846 additions
and
100 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,218 @@ | ||
--- | ||
name: Create a scoped access token | ||
example: octokit.apps.scopeToken({ client_id }) | ||
route: POST /applications/{client_id}/token/scoped | ||
scope: apps | ||
type: API method | ||
--- | ||
|
||
# Create a scoped access token | ||
|
||
Exchanges a non-repository scoped user-to-server OAuth access token for a repository scoped user-to-server OAuth access token. You can specify which repositories the token can access and which permissions are granted to the token. You must use [Basic Authentication](https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`. | ||
|
||
```js | ||
octokit.apps.scopeToken({ | ||
client_id, | ||
}); | ||
``` | ||
|
||
## Parameters | ||
|
||
<table> | ||
<thead> | ||
<tr> | ||
<th>name</th> | ||
<th>required</th> | ||
<th>description</th> | ||
</tr> | ||
</thead> | ||
<tbody> | ||
<tr><td>client_id</td><td>yes</td><td> | ||
|
||
The client ID of your GitHub app. | ||
|
||
</td></tr> | ||
<tr><td>access_token</td><td>no</td><td> | ||
|
||
**Required.** The OAuth access token used to authenticate to the GitHub API. | ||
|
||
</td></tr> | ||
<tr><td>target</td><td>no</td><td> | ||
|
||
The name of the user or organization to scope the user-to-server access token to. **Required** unless `target_id` is specified. | ||
|
||
</td></tr> | ||
<tr><td>target_id</td><td>no</td><td> | ||
|
||
The ID of the user or organization to scope the user-to-server access token to. **Required** unless `target` is specified. | ||
|
||
</td></tr> | ||
<tr><td>repositories</td><td>no</td><td> | ||
|
||
The list of repository IDs to scope the user-to-server access token to. `repositories` may not be specified if `repository_ids` is specified. | ||
|
||
</td></tr> | ||
<tr><td>repository_ids</td><td>no</td><td> | ||
|
||
The list of repository names to scope the user-to-server access token to. `repository_ids` may not be specified if `repositories` is specified. | ||
|
||
</td></tr> | ||
<tr><td>permissions</td><td>no</td><td> | ||
|
||
The permissions granted to the user-to-server access token. | ||
|
||
</td></tr> | ||
<tr><td>permissions.actions</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token for GitHub Actions workflows, workflow runs, and artifacts. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.administration</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token for repository creation, deletion, settings, teams, and collaborators creation. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.checks</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token for checks on code. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.content_references</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token for notification of content references and creation content attachments. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.contents</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.deployments</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token for deployments and deployment statuses. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.environments</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token for managing repository environments. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.issues</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token for issues and related comments, assignees, labels, and milestones. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.metadata</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.packages</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token for packages published to GitHub Packages. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.pages</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to retrieve Pages statuses, configuration, and builds, as well as create new builds. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.pull_requests</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token for pull requests and related comments, assignees, labels, milestones, and merges. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.repository_hooks</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to manage the post-receive hooks for a repository. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.repository_projects</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to manage repository projects, columns, and cards. Can be one of: `read`, `write`, or `admin`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.secret_scanning_alerts</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to view and manage secret scanning alerts. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.secrets</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to manage repository secrets. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.security_events</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to view and manage security events like code scanning alerts. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.single_file</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to manage just a single file. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.statuses</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token for commit statuses. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.vulnerability_alerts</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to retrieve Dependabot alerts. Can be one of: `read`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.workflows</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to update GitHub Actions workflow files. Can be one of: `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.members</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token for organization teams and members. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.organization_administration</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to manage access to an organization. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.organization_hooks</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to manage the post-receive hooks for an organization. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.organization_plan</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token for viewing an organization's plan. Can be one of: `read`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.organization_projects</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to manage organization projects, columns, and cards. Can be one of: `read`, `write`, or `admin`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.organization_secrets</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to manage organization secrets. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.organization_self_hosted_runners</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to view and manage GitHub Actions self-hosted runners available to an organization. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.organization_user_blocking</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to view and manage users blocked by the organization. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
<tr><td>permissions.team_discussions</td><td>no</td><td> | ||
|
||
The level of permission to grant the access token to manage team discussions and related comments. Can be one of: `read` or `write`. | ||
|
||
</td></tr> | ||
</tbody> | ||
</table> | ||
|
||
See also: [GitHub Developer Guide documentation](https://docs.github.com/rest/reference/apps#create-a-scoped-access-token). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.