Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings
This repository was archived by the owner on Nov 1, 2017. It is now read-only.

Sync changes from upstream repository#670

Merged
hubot merged 1 commit intomasterfromupdate-1418416001
Dec 12, 2014
Merged
Show file tree
Hide file tree
Changes fromall commits
Commits
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line numberDiff line numberDiff line change
Expand Up@@ -5,7 +5,7 @@ created_at: 2014-09-23
author_name: jakeboxer
---

**Update:2014-09-30:** In response to feedback from developers, we're delaying the breaking change to the ["Add team member" API][add-team-member] until Monday, **October 6, 2014**. The change will go into effect for all requests on that date.
**UPDATE (2014-09-30):** In response to feedback from developers, we're delaying the breaking change to the ["Add team member" API][add-team-member] until Monday, **October 6, 2014**. The change will go into effect for all requests on that date.

Starting October 6, if you use [the "Add team member" API][add-team-member] to add a user to a team and that user isn't already on another team in your organization, the request will fail. To avoid this, be sure to use the [the "Add team membership" API][add-team-membership].

Expand Down
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -4,11 +4,14 @@ title: Preview the upcoming organization permission changes
created_at: 2014-12-08
author_name: jakeboxer
---
**UPDATE (2014-12-12):** The [List your organizations][list-your-organizations] API is now included in this preview as well.

We have some upcoming changes that will affect the way organization members and repositories are managed. The most important changes are:

- The Owners team will no longer be special.
- The [List your repositories][list-your-repos] API will include organization-owned repositories.
- The [List user organizations][list-user-organizations] API will only include public organization memberships.
- The [List your organizations][list-your-organizations] API will require `user` scope or `read:org` scope.

## What's happening to the Owners team?

Expand DownExpand Up@@ -58,6 +61,20 @@ Soon, this API will only return public organization memberships.

If your app uses the [List user organizations][list-user-organizations] API to fetch all of the organization memberships (public and private) for the authenticated user, you'll need to update your app to use the [List your organizations][list-your-organizations] API instead. The [List your organizations][list-your-organizations] API returns all organizations (public and private) that your app is authorized to access.

## What's happening to the "List your organizations" API?

OAuth requests will soon require minimum [scopes][] in order to access the [List your organizations][list-your-organizations] API.

Currently, the API response always includes your [public organization memberships][public-org-membership], regardless of the OAuth scopes associated with your request. If you have `user`, `read:org`, `write:org`, or `admin:org` scope, the response also includes your private organization memberships.

Soon, this API will only return organizations that your authorization allows you to operate on in some way (e.g., you can list teams with `read:org` scope, you can publicize your organization membership with `user` scope, etc.). Therefore, this API will require at least `user` or `read:org` scope. (`write:org` and `admin:org` scope implicitly include `read:org` scope.) OAuth requests with insufficient scope will receive a `403 Forbidden` response.

### What should you do?

If you [authenticate via username and password][username-password-authn], you are not affected by this change.

If your app only needs to fetch the user's public organization memberships, you should use the [List user organizations][list-user-organizations] API instead. Since that API only returns public information, it does not require any scopes.

## Preview period

Starting **today**, these new APIs are available for developers to preview. We expect the preview period to last for four weeks. (Stay tuned to the developer blog for updates.) At the end of the preview period, these additions will become official components of the GitHub API.
Expand DownExpand Up@@ -86,3 +103,5 @@ If you have any questions or feedback, please [get in touch with us][contact]!
[list-user-organizations]: /v3/orgs/#list-user-organizations
[list-your-organizations]: /v3/orgs/#list-your-organizations
[public-org-membership]: https://help.github.com/articles/publicizing-or-concealing-organization-membership
[username-password-authn]: /v3/auth/#via-username-and-password
[scopes]: /v3/oauth/#scopes
17 changes: 16 additions & 1 deletioncontent/v3/orgs.md
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -13,7 +13,22 @@ List organizations for the authenticated user.

### OAuth scope requirements

When using [OAuth](/v3/oauth/#scopes), authorizations must include `user` scope or `read:org` scope.
Currently, [OAuth](/v3/oauth/#scopes) requests always receive the user's [public organization memberships](https://help.github.com/articles/publicizing-or-concealing-organization-membership), regardless of the OAuth scopes associated with the request. If the OAuth authorization has `user` or `read:org` scope, the response also includes private organization memberships.

With the new Organization Permissions API (described below), this method will only return organizations that your authorization allows you to operate on in some way (e.g., you can list teams with `read:org` scope, you can publicize your organization membership with `user` scope, etc.). Therefore, this API will require at least `user` or `read:org` scope. OAuth requests with insufficient scope will receive a `403 Forbidden` response.

<div class="alert">
<p>
The Organization Permissions API is currently available for developers to preview.
During the preview period, the API may change without notice.
Please see the <a href="/changes/2014-12-08-organization-permissions-api-preview/">blog post</a> for full details.
</p>

<p>
To access the API during the preview period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:
<pre>application/vnd.github.moondragon-preview+json</pre>
</p>
</div>

GET /user/orgs

Expand Down
[8]ページ先頭
©2009-2025 Movatter.jp