diff --git a/assets/images/help/apps/github-app-acting-on-your-behalf.png b/assets/images/help/apps/github-app-acting-on-your-behalf.png new file mode 100644 index 0000000000..b70013ce4a Binary files /dev/null and b/assets/images/help/apps/github-app-acting-on-your-behalf.png differ diff --git a/assets/images/help/apps/github-apps-new-issue.png b/assets/images/help/apps/github-apps-new-issue.png deleted file mode 100644 index 3537053808..0000000000 Binary files a/assets/images/help/apps/github-apps-new-issue.png and /dev/null differ diff --git a/assets/images/help/apps/github_apps_new_permissions_post2dot13.png b/assets/images/help/apps/github_apps_new_permissions_post2dot13.png deleted file mode 100644 index 8dc90c0e29..0000000000 Binary files a/assets/images/help/apps/github_apps_new_permissions_post2dot13.png and /dev/null differ diff --git a/content/apps/creating-github-apps/creating-github-apps/creating-a-github-app.md b/content/apps/creating-github-apps/creating-github-apps/creating-a-github-app.md index a155f49656..749edf9e93 100644 --- a/content/apps/creating-github-apps/creating-github-apps/creating-a-github-app.md +++ b/content/apps/creating-github-apps/creating-github-apps/creating-a-github-app.md @@ -77,8 +77,7 @@ topics: {% endnote %} -1. In "Permissions", choose the permissions your app will request. For each type of permission, use the drop-down menu and click **Read-only**, **Read & write**, or **No access**. -![Various permissions for your GitHub App](/assets/images/github-apps/github_apps_new_permissions_post2dot13.png) +1. Under "Permissions", choose the permissions your app will request. For each type of permission, select the dropdown menu and click **Read-only**, **Read & write**, or **No access**. 1. In "Subscribe to events", choose the events you want your app to receive. 1. To choose where the app can be installed, select either **Only on this account** or **Any account**. For more information on installation options, see "[AUTOTITLE](/apps/creating-github-apps/creating-github-apps/making-a-github-app-public-or-private)." ![Installation options for your GitHub App](/assets/images/github-apps/github_apps_installation_options.png) diff --git a/content/apps/using-github-apps/authorizing-github-apps.md b/content/apps/using-github-apps/authorizing-github-apps.md index 73ce84c3f5..76905ee560 100644 --- a/content/apps/using-github-apps/authorizing-github-apps.md +++ b/content/apps/using-github-apps/authorizing-github-apps.md @@ -14,7 +14,7 @@ redirect_from: - /authentication/keeping-your-account-and-data-secure/authorizing-github-apps --- -Third-party applications that need to verify your {% data variables.product.prodname_dotcom %} identity, or interact with the data on {% data variables.product.prodname_dotcom %} on your behalf, can ask you to authorize the {% data variables.product.prodname_github_app %} to do so. +Third-party applications that need to verify your {% data variables.product.prodname_dotcom %} identity, or interact with the data on {% data variables.product.prodname_dotcom %} on your behalf, can ask you to authorize the {% data variables.product.prodname_github_app %} to do so. When authorizing the {% data variables.product.prodname_github_app %}, you should ensure you trust the application, review who it's developed by, and review the kinds of information the application wants to access. @@ -25,22 +25,22 @@ During authorization, you'll be prompted to grant the {% data variables.product. When authorized, the {% data variables.product.prodname_github_app %} will be able to programmatically read the _private_ {% data variables.product.prodname_dotcom %} resources that you can access (such as private {% data variables.product.prodname_dotcom %} repositories) _where_ an installation of the {% data variables.product.prodname_github_app %} is also present. The application may use this, for example, so that it can show you an appropriate list of repositories. * **Act on your behalf**
The application may need to perform tasks on {% data variables.product.prodname_dotcom %}, as you. This might include creating an issue, or commenting on a pull request. This ability to act on your behalf is limited to the {% data variables.product.prodname_dotcom %} resources where _both_ you and the {% data variables.product.prodname_github_app %} have access. In some cases, however, the application may never make any changes on your behalf. - + ## When does a {% data variables.product.prodname_github_app %} act on your behalf? -The situations in which a {% data variables.product.prodname_github_app %} acts on your behalf vary according to the purpose of the {% data variables.product.prodname_github_app %} and the context in which it is being used. +The situations in which a {% data variables.product.prodname_github_app %} acts on your behalf vary according to the purpose of the {% data variables.product.prodname_github_app %} and the context in which it is being used. For example, an integrated development environment (IDE) may use a {% data variables.product.prodname_github_app %} to interact on your behalf in order to push changes you have authored through the IDE back to repositories on {% data variables.product.prodname_dotcom %}. The {% data variables.product.prodname_github_app %} will achieve this through a [user-to-server request](/get-started/quickstart/github-glossary#user-to-server-request). When a {% data variables.product.prodname_github_app %} acts on your behalf in this way, this is identified on GitHub via a special icon that shows a small avatar for the {% data variables.product.prodname_github_app %} overlaid onto your own avatar, similar to the one shown below. -![An issue created by a "user-to-server" request from a {% data variables.product.prodname_github_app %}](/assets/images/help/apps/github-apps-new-issue.png) +![Screenshot of a comment that has the special avatar with an overlaid bot icon. The avatar is highlighted with an orange outline.](/assets/images/help/apps/github-app-acting-on-your-behalf.png) ## To what extent can a {% data variables.product.prodname_github_app %} know which resources you can access and act on your behalf? The extent to which a {% data variables.product.prodname_github_app %} can know which resources you can access and act on your behalf, after you have authorized it, is limited by: -* The organizations or repositories on which the app is installed +* The organizations or repositories on which the app is installed * The permissions the app has requested * Your access to {% data variables.product.prodname_dotcom %} resources @@ -48,7 +48,7 @@ Let's use an example to explain this. {% data variables.product.prodname_dotcom %} user Alice logs into a third-party web application, ExampleApp, using their {% data variables.product.prodname_dotcom %} identity. During this process, Alice authorizes ExampleApp to perform actions on their behalf. -However, the activity ExampleApp is able to perform on Alice's behalf in {% data variables.product.prodname_dotcom %} is constrained by: the repositories on which ExampleApp is installed, the permissions ExampleApp has requested, and Alice's access to {% data variables.product.prodname_dotcom %} resources. +However, the activity ExampleApp is able to perform on Alice's behalf in {% data variables.product.prodname_dotcom %} is constrained by: the repositories on which ExampleApp is installed, the permissions ExampleApp has requested, and Alice's access to {% data variables.product.prodname_dotcom %} resources. This means that, in order for ExampleApp to create an issue on Alice's behalf, in a repository called Repo A, all of the following must be true: