You signed in with another tab or window.Reload to refresh your session.You signed out in another tab or window.Reload to refresh your session.You switched accounts on another tab or window.Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Nov 1, 2017. It is now read-only.
title:Breaking changes to organization permissions are now official
4
+
created_at:2015-06-24
5
+
author_name:jakeboxer
6
+
---
7
+
8
+
As[promised earlier this month][notice], the[API changes][api-changes] related to managing organization members and repositories are now official parts of the GitHub API.
9
+
10
+
During the migration period, you needed to[provide a custom media type in the`Accept` header][migration-period] to opt-in to the changes. Now that the migration period has ended, you no longer need to specify this custom[media type][media-types].
11
+
12
+
If you have any questions or feedback, please[get in touch with us][contact]!
Copy file name to clipboardExpand all lines: content/guides/discovering-resources-for-a-user.md
+2-12Lines changed: 2 additions & 12 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -28,12 +28,7 @@ As always, first we'll require [GitHub's Octokit.rb][octokit.rb] Ruby library. T
28
28
29
29
Octokit.auto_paginate = true
30
30
31
-
Next, we want to opt in to the[upcoming improvements to the repository listing API][list-repositories-for-current-user]. To do so, we'll set the media type that gives us access to that functionality.
Now, we'll pass in our application's[OAuth token for a given user][make-authenticated-request-for-user]:
31
+
Next, we'll pass in our application's[OAuth token for a given user][make-authenticated-request-for-user]:
37
32
38
33
#!ruby
39
34
# !!! DO NOT EVER USE HARD-CODED VALUES IN A REAL APP !!!
@@ -67,12 +62,7 @@ Just as we did when discovering repositories above, we'll start by requiring [Gi
67
62
68
63
Octokit.auto_paginate = true
69
64
70
-
Next, we'll opt in to the[upcoming enhancements to the organization listing API][list-orgs-for-current-user]. To do so, we'll set the media type that gives us access to that functionality.
Copy file name to clipboardExpand all lines: content/v3/orgs.md
+2-28Lines changed: 2 additions & 28 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -13,20 +13,7 @@ List organizations for the authenticated user.
13
13
14
14
###OAuth scope requirements
15
15
16
-
Currently,[OAuth](/v3/oauth/#scopes) requests always receive the user's[public organization memberships](https://help.github.com/articles/publicizing-or-concealing-organization-membership), regardless of the OAuth scopes associated with the request. If the OAuth authorization has`user` or`read:org` scope, the response also includes private organization memberships.
17
-
18
-
With the new Organization Permissions API (described below), this method will only return organizations that your authorization allows you to operate on in some way (e.g., you can list teams with`read:org` scope, you can publicize your organization membership with`user` scope, etc.). Therefore, this API will require at least`user` or`read:org` scope. OAuth requests with insufficient scope will receive a`403 Forbidden` response.
19
-
20
-
<divclass="alert">
21
-
<p>
22
-
We're currently offering a migration period allowing applications to opt in to the Organization Permissions API. This functionality will apply to all API consumers <a href="/changes/2015-06-10-breaking-changes-to-organization-permissions-coming-on-june-24/">beginning June 24, 2015</a>. Please see the <a href="/changes/2015-01-07-prepare-for-organization-permissions-changes/">blog post</a> for full details.
23
-
</p>
24
-
25
-
<p>
26
-
To access the API during the migration period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
27
-
<pre>application/vnd.github.moondragon+json</pre>
28
-
</p>
29
-
</div>
16
+
This only lists organizations that your authorization allows you to operate on in some way (e.g., you can list teams with`read:org` scope, you can publicize your organization membership with`user` scope, etc.). Therefore, this API requires at least`user` or`read:org` scope. OAuth requests with insufficient scope receive a`403 Forbidden` response.
30
17
31
18
GET /user/orgs
32
19
@@ -60,20 +47,7 @@ Name | Type | Description
60
47
61
48
List[public organization memberships](https://help.github.com/articles/publicizing-or-concealing-organization-membership) for the specified user.
62
49
63
-
Currently, if you make an authenticated call, you can also list your private memberships in organizations (but only for the currently authenticated user).
64
-
65
-
With the new Organization Permissions API (described below), this method will only list*public* memberships, regardless of authentication. If you need to fetch all of the organization memberships (public and private) for the authenticated user, use the[List your organizations](#list-your-organizations) API instead.
66
-
67
-
<divclass="alert">
68
-
<p>
69
-
We're currently offering a migration period allowing applications to opt in to the Organization Permissions API. This functionality will apply to all API consumers <a href="/changes/2015-06-10-breaking-changes-to-organization-permissions-coming-on-june-24/">beginning June 24, 2015</a>. Please see the <a href="/changes/2015-01-07-prepare-for-organization-permissions-changes/">blog post</a> for full details.
70
-
</p>
71
-
72
-
<p>
73
-
To access the API during the migration period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
74
-
<pre>application/vnd.github.moondragon+json</pre>
75
-
</p>
76
-
</div>
50
+
This method only lists*public* memberships, regardless of authentication. If you need to fetch all of the organization memberships (public and private) for the authenticated user, use the[List your organizations](#list-your-organizations) API instead.
Copy file name to clipboardExpand all lines: content/v3/orgs/members.md
+1-45Lines changed: 1 addition & 45 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -21,21 +21,10 @@ be returned.
21
21
Name | Type | Description
22
22
--------|---------|--------------
23
23
`filter`|`string` | Filter members returned in the list. Can be one of:<br/>*`2fa_disabled`: Members without[two-factor authentication][2fa-blog] enabled. Available for organization admins.<br/>*`all`: All members the authenticated user can see.<br/><br/>Default:`all`
24
-
`role` |`string` | Filter members returned by their role. If specified, must be set to`admin`, which will only return users with admin permissions on the org.**This parameter requires a custom media type to be specified. Please see more in the alert below.**
24
+
`role` |`string` | Filter members returned by their role. If specified, must be set to`admin`, which will only return users with admin permissions on the org.
We're currently offering a migration period allowing applications to opt in to the Organization Permissions API. This functionality will apply to all API consumers <a href="/changes/2015-06-10-breaking-changes-to-organization-permissions-coming-on-june-24/">beginning June 24, 2015</a>. Please see the <a href="/changes/2015-01-07-prepare-for-organization-permissions-changes/">blog post</a> for full details.
31
-
</p>
32
-
33
-
<p>
34
-
To access the API during the migration period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
@@ -130,17 +119,6 @@ The user can publicize their own membership.
130
119
131
120
##Get organization membership
132
121
133
-
<divclass="alert">
134
-
<p>
135
-
We're currently offering a migration period allowing applications to opt in to the Organization Permissions API. Please see the <a href="/changes/2015-01-07-prepare-for-organization-permissions-changes/">blog post</a> for full details.
136
-
</p>
137
-
138
-
<p>
139
-
To access this API method during the migration period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
140
-
<pre>application/vnd.github.moondragon+json</pre>
141
-
</p>
142
-
</div>
143
-
144
122
In order to get a user's membership with an organization, the authenticated user must be an organization admin.
145
123
146
124
GET /orgs/:org/memberships/:username
@@ -162,17 +140,6 @@ In order to get a user's membership with an organization, the authenticated user
162
140
163
141
##Add or update organization membership
164
142
165
-
<divclass="alert">
166
-
<p>
167
-
We're currently offering a migration period allowing applications to opt in to the Organization Permissions API. Please see the <a href="/changes/2015-01-07-prepare-for-organization-permissions-changes/">blog post</a> for full details.
168
-
</p>
169
-
170
-
<p>
171
-
To access this API method during the migration period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
172
-
<pre>application/vnd.github.moondragon+json</pre>
173
-
</p>
174
-
</div>
175
-
176
143
In order to create or update a user's membership with an organization, the authenticated user must be an organization admin.
177
144
178
145
PUT /orgs/:org/memberships/:username
@@ -195,17 +162,6 @@ Name | Type | Description
195
162
196
163
##Remove organization membership
197
164
198
-
<divclass="alert">
199
-
<p>
200
-
We're currently offering a migration period allowing applications to opt in to the Organization Permissions API. Please see the <a href="/changes/2015-01-07-prepare-for-organization-permissions-changes/">blog post</a> for full details.
201
-
</p>
202
-
203
-
<p>
204
-
To access this API method during the migration period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
205
-
<pre>application/vnd.github.moondragon+json</pre>
206
-
</p>
207
-
</div>
208
-
209
165
In order to remove a user's membership with an organization, the authenticated user must be an organization admin.
With the new Organization Permissions API (described below), this*will* include
21
-
repositories owned by organizations which the user can access. If you provide
22
-
the custom media type (described below), you won't need to use other APIs to
23
-
list the authenticated user's organization-owned repositories.
24
-
25
-
<divclass="alert">
26
-
<p>
27
-
We're currently offering a migration period allowing applications to opt in to the Organization Permissions API. This functionality will apply to all API consumers <a href="/changes/2015-06-10-breaking-changes-to-organization-permissions-coming-on-june-24/">beginning June 24, 2015</a>. Please see the <a href="/changes/2015-01-07-prepare-for-organization-permissions-changes/">blog post</a> for full details.
28
-
</p>
29
-
30
-
<p>
31
-
To access the API during the migration period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
32
-
<pre>application/vnd.github.moondragon+json</pre>
33
-
</p>
34
-
</div>
12
+
List repositories that are accessible to the authenticated user.
13
+
14
+
This includes repositories owned by the authenticated user, repositories where
15
+
the authenticated user is a collaborator, and repositories that the
16
+
authenticated user has access to through an organization membership.
