You signed in with another tab or window.Reload to refresh your session.You signed out in another tab or window.Reload to refresh your session.You switched accounts on another tab or window.Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Nov 1, 2017. It is now read-only.
Copy file name to clipboardExpand all lines: content/v3/oauth.md
+18-5Lines changed: 18 additions & 5 deletions
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,7 @@ title: OAuth
6
6
7
7
{:toc}
8
8
9
-
OAuth2 is a protocol that lets externalapps request authorization to
9
+
OAuth2 is a protocol that lets externalapplications request authorization to
10
10
private details in a user's {{ site.data.variables.product.product_name }} account without getting their
11
11
password. This is preferred over[Basic Authentication](/v3/auth#basic-authentication) because tokens can
12
12
be limited to specific types of data, and can be revoked by users at any
@@ -34,8 +34,8 @@ This is a description of the OAuth2 flow from 3rd party web sites.
34
34
Name | Type | Description
35
35
-----|------|--------------
36
36
`client_id`|`string` |**Required**. The client ID you received from GitHub when you[registered](https://github.com/settings/applications/new).
37
-
`redirect_uri`|`string` | The URL in yourapp where users will be sent after authorization. See details below about[redirect urls](#redirect-urls).
38
-
`scope`|`string` | A space delimited list of[scopes](#scopes). If not provided,`scope` defaults to an empty listof scopesfor users thatdon'thavea valid tokenfor theapp. For users whodo alreadyhavea valid tokenfor theapp, the user won't be shown the OAuth authorization page with the list of scopes. Instead, this step of the flow will automatically complete with thesamescopesthat were used last time the usercompletedthe flow.
37
+
`redirect_uri`|`string` | The URL in yourapplication where users will be sent after authorization. See details below about[redirect urls](#redirect-urls).
38
+
`scope`|`string` | A space delimited list of[scopes](#scopes). If not provided,`scope` defaults to an empty list for users that havenot authorized any scopesfor theapplication. For users who haveauthorized scopesfor theapplication, the user won't be shown the OAuth authorization page with the list of scopes. Instead, this step of the flow will automatically complete with theset ofscopesthe user has authorized for theapplication. For example, if auserhas already performedthewebflow twice and has authorized one token with`user` scope and another token with`repo` scope, a third web flow that does not provide a`scope` will receive a token with`user` and`repo` scope.
39
39
`state`|`string` | An unguessable random string. It is used to protect against cross-site request forgery attacks.
40
40
`allow_signup`|`string` | Whether or not unauthenticated users will be offered an option to sign up for GitHub during the OAuth flow. The default is`true`. Use`false` in the case that a policy prohibits signups.
41
41
@@ -57,7 +57,7 @@ Name | Type | Description
57
57
`client_id`|`string` |**Required**. The client ID you received from GitHub when you[registered](https://github.com/settings/applications/new).
58
58
`client_secret`|`string` |**Required**. The client secret you received from GitHub when you[registered](https://github.com/settings/applications/new).
59
59
`code`|`string` |**Required**. The code you received as a response to[Step 1](#1-redirect-users-to-request-github-access).
60
-
`redirect_uri`|`string` | The URL in yourapp where users will be sent after authorization. See details below about[redirect urls](#redirect-urls).
60
+
`redirect_uri`|`string` | The URL in yourapplication where users will be sent after authorization. See details below about[redirect urls](#redirect-urls).
61
61
`state`|`string` | The unguessable random string you optionally provided in[Step 1](#1-redirect-users-to-request-github-access).
