Support for manually created GitHub fine-grained Personal Access Tokens #24
tobiasglaeser
started this conversation in
Ideas
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
I read about this tool in the Thoughtworks Tech Radar 31 and think it would perfectly augment our teams "everything is on GitHub" workflow. However, I am also hesitant about the OAuth permissions requiring very broad (write-) access due to the limitations of GitHub OAuth (as discussed already in #8 and #4).
As an alternative to standard OAuth, I'd like to propose the use of manually created GitHub fine-grained Personal Access Tokens. They allow to limit access on per-repo basis (also supporting repos within GitHub orgs) and also provide a dedicated "Actions: Read-Only" scope (see here).
I'm not sure how much the token creation process could be automated though. For starters, I think a manual "paste your fine-grained PAT here" approach in the CCMenu settings would be a sufficient solution already for teams that have strict access constraints.
Beta Was this translation helpful? Give feedback.
All reactions