Home Product Introducing GitHub Apps for improved user access control

Introducing GitHub Apps for improved user access control

Author

Date

Category

We are very excited to announce our recent migration to GitHub Apps to improve the experience of GitHub Cloud users. Now, you have better control over the level of access granted to Codacy to your GitHub organizations and repositories. The migration also provides a set-up to add additional functionalities, available exclusively to GitHub Apps users, to Codacy in the future.

GitHub Apps Vs. OAuth Apps integration

GitHub officially recognizes GitHub Apps as the preferred way of building products that work with its repositories. It offers many advantages over pure OAuth-based sign-in, previously used by Codacy. 

OAuth-Based integration

With OAuth-based integration, you must grant Codacy access to everything in your GitHub account. It lacks the ability to exclude Codacy from repositories or organizations that you do not want to use (or would not use) with Codacy’s static analysis tool. 

GitHub Apps integration

However, with GitHub Apps’ targeted permissions, you may allow access to only what is needed, rather than everything your account has access to. Unlike OAuth Apps, you can choose to grant access to specific accounts, organizations and repositories. Also, you can always grant additional access to Codacy later —  it does not need to be upon initial signup. 

This new feature is particularly exciting for those who want to only grant Codacy access to specific GitHub organizations or repositories.

What does the migration mean for Codacy users?

As mentioned, users can now effectively manage Codacy’s access to organizations and repositories on their GitHub account. Upon initial use, be prepared for the following steps related to account permissions:

Initial Sign In

GitHub Cloud users are prompted to use GitHub Apps when they first authenticate with Codacy. 

Upon accessing Codacy, users undertake steps to reflect the change in permissions. These include:

  1. Sign out then sign back in to Codacy 
  2. Select the desired account to install Codacy
  3. Adjust repositories
  4. Accept permissions 

This permissions process applies to both app installation for individual Codacy accounts and admin installations for organizations.

For additional information on permissions, including details related to repositories, users, organizations and email addresses, please see our support documentation

Also, please note, existing integrations will continue to work for users.

Future

The Apps migration also unlocks our ability to access new APIs available almost exclusively to GitHub Apps users.

For Codacy, this includes GitHub Checks, which we are very excited to integrate. For more information on our planned implementation of Checks, please check out the feature on our product roadmap.  

References and documentation 

In addition to the support documentation above, we offer additional reference material regarding the Apps migration. This includes the announcement and troubleshooting articles from the Codacy team:

If you haven’t yet given it a try yet, sign in to Codacy and start using GitHub Cloud with new Apps integration. 

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Subscribe to our newsletter

To be updated with all the latest news, offers and special announcements.

Recent posts

What are Static Analysis Tools?

Static analysis tools are carried out on a software product in a non-runtime environment. This means that it is unnecessary to execute a program...

Your Static Code Analysis Guide

Errors - A word that is not so peaceful in the world of developers and software development. So, without any doubt, developers work hard...

Technical Debt In Coding

In this world, everybody has some kind of debt. And if we talk about the technical debt, it sounds like some kind of a...

Why we implemented Offline days at Codacy

Since the Coronavirus outbreak, like most people, we are facing a unique reality that is challenging us in many ways at the...

Pair programming at Codacy and why we do it

Pair programming, also known as pairing or “dynamic duo” model is not a new concept, and it was pioneered by C/C++ guru...