Github OAuth scopes
Required OAuth scopes and used endpoints when connecting to Github.
You can find an overview of all available OAuth scopes for Github here: https://docs.github.com/en/developers/apps/building-oauth-apps/scopes-for-oauth-apps
Git for Confluence requests the following scopes:
repo
The repo scope is the only scope that grants read access to source code. Reading git content is the only permission that Git for Confluence really needs to make the app work with Github. However, due to this limitation in the available OAuth scopes we have to request these permissions from you.
We are keeping an eye on discussion topics that discuss the lack of a read-only OAuth scopes in Github. Git for Confluence will request less permissions once those will be available in the future.
API endpoints
These are the endpoints that are being called with an OAuth token.
Retrieve content from a repository
This endpoint is being used to retrieve the contents of a resource so we can display it on a Confluence page for you. The content is not being saved on the servers of Git for Confluence. This means that every time a file, or folder, is being viewed on a Confluence page, we will have to retrieve its contents using this endpoint.
Retrieve repository information
Sometimes an error can occur when retrieving content from Github. Github tells us that the resource can not be found if it does not exist, or if you do not have access to it. Yet we would like to let you know what the actual problem is.
We use this endpoint to check if the repository exists, if that is the case we assume that the resource does not exist and show that to you in the UI.
If we can not find the repository, we assume that you do not have access to the resource that you are trying to share.
Last updated
