Forum Discussion
Hi, I'm assuming you're using the GitHub push feature, and not the codegen synchronization from the "Manage Integration" options, correct?
Please make sure you have access to your repository and your token is correct. You can test it like such:
curl -H "Authorization: token TOKEN" https://api.github.com/orgs/YOUR_ORG/repos
where `TOKEN` is your personal access token, and `YOUR_ORG` is your organization. If you can't see the results here, your token must be bad.
Thanks for responding so quickly. Yes you are correct: I am using the GitHub push feature. I can run the operation you suggested and I can also access the swagger file from my repository using.
curl -H "Authorization: token TOKEN" https://api.github.com/repos/ORG/REPO/contents/DIR/MYAPI.json?ref=master
Is there some other github operation that you try and perform that needs additional scope/permissions? I created a GitHub user that has read-only access to the repository and I've created a token for that user with "repo" scope. Could it be that you require "admin:repo_hook" scope and an admin user so you can set up a web hook to call you when the file is merged into the branch? Is there a more secure way of handling this? One way is to ask users to create their own repo hook using a curl command that you supply. You can read how werker solved this problem here.
Having admin access to your users' github repositories is a security liability that you probably want to avoid.
In any case, reporting the github operation and the error in the email message is probably a nice idea.
- fehguy9 years agoStaff
Hi, you do need write access to your repos because the integration has permission to save the swagger definition to it. You do not need write access--the following should suffice:
Give that a shot and let us know how it goes
Related Content
- 10 years ago
- 10 months ago
- 3 years ago
- 3 years ago
Recent Discussions
- 15 days ago
- 2 months ago