Authorize 3rd party for my personal repos only


I want to set up Checks (in this case Travis CI) for some of my personal, open source projects.

However, when I am about to authorize Travis CI there is a section that says “Organization access” and lists my employer’s organization (of which I am an administrator).

I don’t want to mix my personal stuff with my employer’s stuff. How can I be sure that Travis CI (or any other 3rd party for that matter) won’t suddenly start meddling with repos in other organizations? I don’t want Travis CI stuff to suddenly become visible to my colleagues when they visit our organization’s page on GitHub or receive emails from Travis CI or in any other way see any Travis CI stuff.

Hope it makes sense.

1 Like

This absolutely does make sense. Keeping things secure while still allowing access when desired is, unfortunately, complicated by nature. We do our best ta make it as understandable as possible but we obviously still have improvements we can make.

I assume that you’re talking about this screen here:

As you can see in my sample here, Travis is asking for access to both my public and private repos, read-only access to my organization membership and teams, etc. What you can see down at the bottom is a list of organizations, including atom and lee-doppelganger-org. The green check mark next to the atom organization means that organization has granted access for that application to organization resources. The X next to lee-doppelganger-org means that organization has not granted access, but because this account is an owner of the lee-doppelganger-org organization there is the “Grant” button that allows me to do so right here.

If you want to ensure that OAuth applications that are not approved by the organization cannot access organization data but still allow them access to user’s personal data (if they choose), you can enable OAuth app access restrictions for your organization. New organizations have this enabled by default, but if your organization has been around for a while it may not be turned on for your organization.

I hope that helps and let us know if you have any questions!

1 Like

My friend you are right all I can assist you is that system is working to you because you owning organization and you registered me as a student, you should not include t5 on github URL,you will be using my automatic confirmation about if there is changes in that organization.The add-on drivers on (" page/) so it like just the way my fellow assisted you.:notebook:

Organization owners can enable oath to prevent unwanted apps accessing organization,