Frecuentemente publicamos actualizaciones de nuestra documentación. Es posible que la traducción de esta página esté en curso. Para conocer la información más actual, visita la documentación en inglés. Si existe un problema con las traducciones en esta página, por favor infórmanos.

About OAuth App access restrictions

Organizations can choose which App OAuths have access to their repositories and other resources by enabling App OAuth access restrictions.

En este artículo

When App OAuth access restrictions are enabled, organization members cannot authorize App OAuth access to organization resources. Organization members can request owner approval for App OAuths they'd like to use, and organization owners receive a notification of pending requests.

Cuando creas una organización nueva, las restricciones de acceso de App OAuth se habilitan predeterminadamente. Los propietarios de las organizaciones pueden inhabilitar las restricciones de acceso de App OAuth en cualquier momento.

Tip: When an organization has not set up App OAuth access restrictions, any App OAuth authorized by an organization member can also access the organization's private resources.

Setting up App OAuth access restrictions

When an organization owner sets up App OAuth access restrictions for the first time:

  • Applications that are owned by the organization are automatically given access to the organization's resources.
  • App OAuths immediately lose access to the organization's resources.
  • SSH keys created before February 2014 immediately lose access to the organization's resources (this includes user and deploy keys).
  • SSH keys created by App OAuths during or after February 2014 immediately lose access to the organization's resources.
  • Hook deliveries from private organization repositories will no longer be sent to unapproved App OAuths.
  • API access to private organization resources is not available for unapproved App OAuths. In addition, there are no privileged create, update, or delete actions on public organization resources.
  • Hooks created by users and hooks created before May 2014 will not be affected.
  • Private forks of organization-owned repositories are subject to the organization's access restrictions.

Resolving SSH access failures

When an SSH key created before February 2014 loses access to an organization with App OAuth access restrictions enabled, subsequent SSH access attempts will fail. Users will encounter an error message directing them to a URL where they can approve the key or upload a trusted key in its place.

Webhooks

When an App OAuth is granted access to the organization after restrictions are enabled, any pre-existing webhooks created by that App OAuth will resume dispatching.

When an organization removes access from a previously-approved App OAuth, any pre-existing webhooks created by that application will no longer be dispatched (these hooks will be disabled, but not deleted).

Re-enabling access restrictions

If an organization disables App OAuth access application restrictions, and later re-enables them, previously approved App OAuth are automatically granted access to the organization's resources.

Further reading

¿Te ayudó este documento?

Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

O, learn how to contribute.