Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Oauth scope write:org does not allow team membership add/update #33267

Closed
1 task done
coxd opened this issue May 31, 2024 · 9 comments · Fixed by #33646
Closed
1 task done

Oauth scope write:org does not allow team membership add/update #33267

coxd opened this issue May 31, 2024 · 9 comments · Fixed by #33646
Labels
content This issue or pull request belongs to the Docs Content team github apps Content related to GitHub Apps help wanted Anyone is welcome to open a pull request to fix this issue SME reviewed An SME has reviewed this issue/PR

Comments

@coxd
Copy link

coxd commented May 31, 2024

Code of Conduct

What article on docs.github.com is affected?

https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps

What part(s) of the article would you like to see updated?

For a classic PAT the write:org scope is documented as:

Read and write access to organization membership, organization projects, and team membership.

Unfortunately team membership cannot be maintained with only this scope so either doc needs to be updated or more likely the implementation to allow it.

Apologies on submitting this as a doc issue, I searched quite extensively to try to determine a better place but rest-api-description was the only choice and did not seem appropriate.

Additional information

> curl -L -X PUT -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ghp_redacted-write:org-token" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/orgs/coxd-test/teams/ateam/memberships/coxd -d '{"role":"member"}'
{
  "message": "You must be an organization owner or team maintainer to add a team membership.",
  "documentation_url": "https://docs.github.com/rest/teams/members#add-or-update-team-membership-for-a-user"
}

> curl -L -X PUT -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ghp_redacted-admin:org-token" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/orgs/coxd-test/teams/ateam/memberships/coxd -d '{"role":"member"}'
{
  "state": "active",
  "role": "maintainer",
  "url": "https://api.github.com/organizations/171344193/team/10222765/memberships/coxd"
}
@coxd coxd added the content This issue or pull request belongs to the Docs Content team label May 31, 2024
@welcome Welcome
Copy link

welcome bot commented May 31, 2024

Thanks for opening this issue. A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines.

@github-actions github-actions bot added the triage Do not begin working on this issue until triaged by the team label May 31, 2024
@nguyenalex836 nguyenalex836 added waiting for review Issue/PR is waiting for a writer's review github apps Content related to GitHub Apps and removed triage Do not begin working on this issue until triaged by the team labels May 31, 2024
@nguyenalex836
Copy link
Contributor

@coxd Thanks so much for opening an issue! I'll get this triaged for review ✨

@0114833209

This comment was marked as spam.

Sign in to view
@0114833209

This comment was marked as spam.

Sign in to view
@skedwards88 skedwards88 added the needs SME This proposal needs review from a subject matter expert label Jun 3, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jun 3, 2024

Thanks for opening an issue! We've triaged this issue for technical review by a subject matter expert 👀

@skedwards88
Copy link
Contributor

Thanks for this issue. We can update the doc for write:org to only include “Read and write access to organization membership and organization projects”. You or anyone else is welcome to open a pull request to do this.

@skedwards88 skedwards88 added help wanted Anyone is welcome to open a pull request to fix this issue and removed waiting for review Issue/PR is waiting for a writer's review labels Jun 18, 2024
@nguyenalex836 nguyenalex836 added SME reviewed An SME has reviewed this issue/PR and removed needs SME This proposal needs review from a subject matter expert labels Jun 18, 2024
@gonmmarques gonmmarques mentioned this issue Jun 22, 2024
Merged
2 tasks
@coxd
Copy link
Author

coxd commented Jul 16, 2024

@skedwards88

Apologies for the delay in replying.

I submitted this as a doc issue because I couldn't find anywhere else to bring this up. This is most likely a defect as org and team membership go hand-in-hand. I just confirmed a token scoped to only "read:org" is able to read team memberships. I do not think just changing the doc is the right outcome here based on this. If you could help me to understand where I could raise this issue in the correct location to have it treated as a defect rather than a doc issue that would be greatly appreciated.

@nguyenalex836
Copy link
Contributor

@coxd Thank you for the additional context! Given your comment above, the best place to send this feedback is to https://github.com/github/feedback/discussions

If there's anything in the documents that you have suggestions for updating, please feel free to open an issue in this repo 💛

@coxd
Copy link
Author

coxd commented Jul 18, 2024

For anyone that finds this issue - I've created a discussion. 🤞

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
content This issue or pull request belongs to the Docs Content team github apps Content related to GitHub Apps help wanted Anyone is welcome to open a pull request to fix this issue SME reviewed An SME has reviewed this issue/PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

docs: Update scope of write:org in oauth apps gonmmarques/docs
4 participants
@coxd @skedwards88 @nguyenalex836 @0114833209