Home Product Introducing GitHub Apps for improved user access control

Introducing GitHub Apps for improved user access control

Author

Date

Category

We are very excited to announce our recent migration to GitHub Apps to improve the experience of GitHub Cloud users. Now, you have better control over the level of access granted to Codacy to your GitHub organizations and repositories. The migration also provides a set-up to add additional functionalities, available exclusively to GitHub Apps users, to Codacy in the future.

GitHub Apps Vs. OAuth Apps integration

GitHub officially recognizes GitHub Apps as the preferred way of building products that work with its repositories. It offers many advantages over pure OAuth-based sign-in, previously used by Codacy. 

OAuth-Based integration

With OAuth-based integration, you must grant Codacy access to everything in your GitHub account. It lacks the ability to exclude Codacy from repositories or organizations that you do not want to use (or would not use) with Codacy’s static analysis tool. 

GitHub Apps integration

However, with GitHub Apps’ targeted permissions, you may allow access to only what is needed, rather than everything your account has access to. Unlike OAuth Apps, you can choose to grant access to specific accounts, organizations and repositories. Also, you can always grant additional access to Codacy later —  it does not need to be upon initial signup. 

This new feature is particularly exciting for those who want to only grant Codacy access to specific GitHub organizations or repositories.

What does the migration mean for Codacy users?

As mentioned, users can now effectively manage Codacy’s access to organizations and repositories on their GitHub account. Upon initial use, be prepared for the following steps related to account permissions:

Initial Sign In

GitHub Cloud users are prompted to use GitHub Apps when they first authenticate with Codacy. 

Upon accessing Codacy, users undertake steps to reflect the change in permissions. These include:

  1. Sign out then sign back in to Codacy 
  2. Select the desired account to install Codacy
  3. Adjust repositories
  4. Accept permissions 

This permissions process applies to both app installation for individual Codacy accounts and admin installations for organizations.

For additional information on permissions, including details related to repositories, users, organizations and email addresses, please see our support documentation

Also, please note, existing integrations will continue to work for users.

Future

The Apps migration also unlocks our ability to access new APIs available almost exclusively to GitHub Apps users.

For Codacy, this includes GitHub Checks, which we are very excited to integrate. For more information on our planned implementation of Checks, please check out the feature on our product roadmap.  

References and documentation 

In addition to the support documentation above, we offer additional reference material regarding the Apps migration. This includes the announcement and troubleshooting articles from the Codacy team:

If you haven’t yet given it a try yet, sign in to Codacy and start using GitHub Cloud with new Apps integration. 

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Subscribe to our newsletter

To be updated with all the latest news, offers and special announcements.

Recent posts

7 drawbacks of linting tools

Linting tools (also known as linters or static analyzers) help automate the code review process. They perform basic static code analysis by flagging programming...

Using the API to add Codacy Grade details to the Readme

Some context Codacy has a badge mechanism that can be included in your Readme file. It gives you an idea of the grade of your repository, from...

March Product Update: Support for Cloud Infrastructure-as-code, Custom Reports with API endpoints & more 🚀

Here are some fresh updates from March! This month we bring you a new product offering, new features, and product updates, interesting reads, and...

Top 10 ways to perform fast code review

We always want to be fast at code review.. How frequent is it for you to be reviewing code at 3am? When code reviewing, do you...

Interview with Gary McKay, Somos’ Director of Agile Service Delivery

Somos is a proven leader in registry management and data solutions. Somos fosters meaningful connections by delivering value, innovation and confidence to consumers. We...