[Architecture] GitHub - Restricting third-party application access
Steve Lee
steve at opendirective.com
Sat Sep 9 06:12:18 UTC 2017
Thanks Giovanni - that's a generally useful tip too!
Steve Lee
OpenDirective http://opendirective.com
On 8 September 2017 at 15:14, Tirloni, Giovanni <gtirloni at ocadu.ca> wrote:
> Hello,
>
> Whenever I try to use some application that is integrated with GitHub, it asks for authorization to use my account.
>
> However, not only it's granted access to my account, it's also granted access to all organizations I belong to.
>
> This is a bit scary because, if I'm testing some unknown app, I don't want it with full admin or write access to GPII or the fluid-project organizations.
>
> The way to ensure our most important organizations aren't automatically authorized is to enable "Third-party application access" restrictions on them. Once this is enabled, users have to be explicit and request access to that organization separately.
>
> * To enable this, go to the organization > Settings > Third-party access > Enable restrictions
>
> I'd like to suggest we enable this. It'll make things safer for our main project and let users experiment with 3rd-party apps without worrying too much.
>
> Regards,
> Giovanni
> _______________________________________________
> Architecture mailing list
> Architecture at lists.inclusivedesign.ca
> https://lists.inclusivedesign.ca/mailman/listinfo/architecture
More information about the fluid-work
mailing list