GitHub: Access permissions
To use Buddy with GitHub you just need to sign up with your GitHub account on our website, or add a GitHub integration if you’re hosting Buddy Enterprise on your own server.
Access to the repositories is performed via OAuth. Following scopes are required:
- Email address (authentication)
- Read and write all public and private repository data. This is used to check out the repository and write commit statutes.
Granting access to organization repositories
During the authorization you will be asked which organizations you want to give Buddy access to:
You can add more organizations later on by selecting Buddy from the list of Authorized OAuth Apps in your GitHub account. You will see the list of organizations to which you belong at the bottom. There are two options available:
- Grant access (if you are an admin of the group)
- Request access (your request will have to be approved by an admin of the group first)
Once the access has been granted, you will be able to select the organization’s repositories from the repo dropdown list.
The direct address of Buddy OAuth settings is https://github.com/settings/connections/applications/bce0cdef69aae14e14b0
Granting access to a single repository
If you cannot give Buddy access to all repositories in your account, you can select Your Private Git Server when adding a new project and manually set a deployment key in your GitHub repo.
If you don’t have admin rights to add the web hook in your repo, you can pass it to your organization’s admin.
You can read more about configuring private Git repositories in this guide
Granting access to another account
If you have two or more GitHub accounts, you can add them to the Integration List in your profile settings: https://app.buddy.works/integrations
Revoking access to GitHub
You can revoke the access in two ways:
Revoking access to a GitHub organization
If you’re the organization’s admin you can revoke access from Buddy’s OAuth profile
If you don’t have permissions required, you can ask your admin to go to
https://github.com/organizations/YOUR_ORGANIZATION/settings/oauth_application_policy and revoke the access there.