Knowledge

Managing access permissions in GitHub

To use Buddy with GitHub you just need to sign up with your GitHub account on our website, or add a GitHub integration if you're hosting Buddy Enterprise on your own server.

Access to the repositories is performed via OAuth. Following scopes are required:

  1. Email address (authentication)
  2. Read and write all public and private repository data. This is used to check out the repository and write commit statutes.

GitHub doesn't allow to fine-grain the permissions beyond 'Read and write'. However, we can assure you no data is ever pushed to our repositories. You can learn more about our Privacy Policy here.

Granting access to organization repositories

During the authorization you will be asked which organizations you want to give Buddy access to:

You can add more organizations later on by selecting Buddy from the list of Authorized OAuth Apps in your GitHub account. You will see the list of organizations to which you belong at the bottom. There are two options available:

  • Grant access (if you are an admin of the group)
  • Request access (your request will have to be approved by an admin of the group first)

Once the access has been granted, you will be able to select the organization's repositories from the repo dropdown list.

The direct address of Buddy OAuth settings is https://github.com/settings/connections/applications/bce0cdef69aae14e14b0

Granting access to a single repository

If you cannot give Buddy access to all repositories in your account, you can select Custom Repository when adding a new project and manually set a deployment key in your GitHub repo.

If you don't have admin rights to add the web hook in your repo, you can pass it to your organization's admin.

Note: You can read more about configuring custom repositories in this guide

Granting access to another account

If you have two or more GitHub accounts, you can add them to the Integration List in your profile settings: https://app.buddy.works/integrations

Revoking access to GitHub

You can revoke the access in two ways:

  1. Delete the integration from your Buddy profile
  2. Revoke access from your GitHub settings

Revoking access to a GitHub organization

If you're the organization's admin you can revoke access from Buddy's OAuth profile

If you don't have permissions required, you can ask your admin to go to https://github.com/organizations/YOUR_ORGANIZATION/settings/oauth_application_policy and revoke the access there.

If you're interested in reading more about security features in Buddy, check out the articles on permissions in pipelines and protecting code with GitHub status checks.

Get started now

14 days of unlimited trial. No credit card required.