Hi, I’m developing an application that will helps user to discover repositories. I would like to be able to star any public repository.
This require the scope ‘public_repo’ which I think give too much access to my Oauth App and could frigthen some users from registering.
When I call the GraphQL API with a mutation, for some repositories it returns FORBIDDEN.
Although you appear to have the correct authorization credentials, the `zeit` organization has enabled OAuth App access restrictions, meaning that data access to third-parties is limited. For more information on these restrictions, including how to whitelist this app, visit https://help.github.com/articles/restricting-access-to-your-organization-s-data/
This could be a sub scope which would give less access to the OauthApp and then not being targetted by restriction access.
I believe this restriction is limiting the users experience for discovering repositories.
I would like to get what your developers team/ux team think about that.