jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-22 11:26:57 -05:00
Code Issues Projects Releases Wiki Activity

Merge branch 'main' into sophie-6156-content

Browse Source
This commit is contained in:
Sophie
2022-03-17 14:11:46 +01:00
committed by GitHub
parent 31b8ebb4a4 4173044de3
commit 69c6952237
79 changed files with 170 additions and 150 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
content/developers/apps/building-github-apps/creating-a-github-app.md
View File

@@ -52,7 +52,9 @@ topics:
1. By default, to improve your app's security, your app will use expiring user authorization tokens. To opt-out of using expiring user tokens, you must deselect "Expire user authorization tokens". To learn more about setting up a refresh token flow and the benefits of expiring user tokens, see "[Refreshing user-to-server access tokens](/apps/building-github-apps/refreshing-user-to-server-access-tokens/)."
![Option to opt-in to expiring user tokens during GitHub Apps setup](/assets/images/github-apps/expire-user-tokens-selection.png)
1. If your app authorizes users using the OAuth flow, you can select **Request user authorization (OAuth) during installation** to allow people to authorize the app when they install it, saving a step. If you select this option, the "Setup URL" becomes unavailable and users will be redirected to your "User authorization callback URL" after installing the app. See "[Authorizing users during installation](/apps/installing-github-apps/#authorizing-users-during-installation)" for more information.
![Request user authorization during installation](/assets/images/github-apps/github_apps_request_auth_upon_install.png)
![Request user authorization during installation](/assets/images/github-apps/github_apps_request_auth_upon_install.png){% if device-flow-is-opt-in %}
1. If your GitHub App will use the device flow to identify and authorize users, click **Enable Device Flow**. For more information about the device flow, see "[Authorizing OAuth Apps](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)."
![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %}
1. If additional setup is required after installation, add a "Setup URL" to redirect users to after they install your app.
![Field for the setup URL of your GitHub App ](/assets/images/github-apps/github_apps_setup_url.png)

4
content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md
View File

@@ -124,9 +124,9 @@ curl -H "Authorization: token OAUTH-TOKEN" {% data variables.product.api_url_pre
{% endnote %}
The device flow allows you to authorize users for a headless app, such as a CLI tool or Git credential manager.
The device flow allows you to authorize users for a headless app, such as a CLI tool or Git credential manager.
For more information about authorizing users using the device flow, see "[Authorizing OAuth Apps](/developers/apps/authorizing-oauth-apps#device-flow)".
{% if device-flow-is-opt-in %}Before you can use the device flow to identify and authorize users, you must first enable it in your app's settings. For more information on enabling device flow, see "[Modifying a GitHub App](/developers/apps/managing-github-apps/modifying-a-github-app)." {% endif %}For more information about authorizing users using the device flow, see "[Authorizing OAuth Apps](/developers/apps/authorizing-oauth-apps#device-flow)."
## Check which installation's resources a user can access