"Enable you to trigger actions in GitHub"

Hi, I’m developing a GitHub app, and when users authenticate for the app, they see the following:

actions

Which app setting causes the “Actions” access request? Looking at the app permissions, the only user permission that is requested is Email.

Thanks :smile:

:wave: @oadk––welcome to the GitHub Support Community, and thanks for raising this question here! :sunglasses:

In a GitHub App’s Settings, there’s a Permissions & events tab outlining the different permissions the application requests access to. For this particular case:

  • Actions is scoped under Repository permissions
  • Email addresses is scoped under User permissions

Out of curiosity, are you seeing Actions requested despite its level of access being set to No access under Repository permissions? If so, please confirm that with us and we can take the next steps around how and/or why that might be the case. :male_detective:

Hi @francisfuzz thanks for your reply :smile:

Out of curiosity, are you seeing Actions requested despite its level of access being set to No access under Repository permissions ?

Yes, that is exactly the problem, and it’s why I was surprised to see “Actions” access request. Here’s a screenshot from the Permissions and Events tab of my app:

Thanks for your help

@oadk - Thanks for clarifying! Our team recently deployed an update to GitHub.com so that message about requesting Actions shouldn’t be shown there unless the permission is set. Could I ask that you please check again and let us know if you’re still seeing that view?

Hi @francisfuzz, the screen looks a bit different now, but instead of Actions, it now says Act on your behalf, which is still unexpected, as the only user permission requested is Email addresses.

Screenshot 2020-06-20 at 16.49.42

@oadk - That’s a great question! I reached out to our engineers about this internally so they can offer their input on what the implications of having that “Act on your behalf” means if the app is granted that authorization. As soon as I get an update, I’ll follow up here. :v:

1 Like

Great, thank you @francisfuzz! :smile:

Hi @francisfuzz did you get an update on this? It seems that people trying to install my app are still seeing “Act on your behalf”, and it’s causing some of them to abort the app installation, as they don’t know what this permission means.

TBH I can understand why they find it concerning.

Do you know which permissions cause “act on your behalf” to be shown?

Some relevant information from @lee-dohm in this thread: Why does this forum need permission to act on my behalf?

Because of the way GitHub Apps work for this sign-in-as scenario (or other user-to-server applications), it has the ability to act on your behalf or know which resources you can access, but only within the scope of the permissions we’ve requested, in other words verifying your identity and reading your account’s email address.

We understand that this is poorly and confusingly worded for this kind of scenario. We’ve given this feedback to the team that is responsible for how this dialog is designed. We’ll be working with them to improve it to hopefully make it more clear and understandable as to what exactly is being requested so that you can be more confident in the decision you’re being asked to make.

This change is really needed. As I mentioned above, the current wording is causing users to abort installation of my app. (I was lucky enough to get direct feedback from some of them about this, but I hate to think how many have aborted the install without telling me). The problem must be affecting many apps.

@lee-dohm do you know what the current status of the wording change is?

Currently, there’s nothing to report and, unfortunately, we can’t give an ETA on when this change might happen. Your best bet is to keep an eye on the GitHub Changelog and the GitHub Public Roadmap.

2 Likes

Hi @lee-dohm, thanks for the update. It’s disappointing that there isn’t anything to report. I’ve checked the issues in the roadmap, but unfortunately can’t see an entry for this problem. It must be affecting thousands of apps and tens of thousands of users every day.

I understand that this isn’t something you have control over personally, and I appreciate your efforts with looking into it (indeed, it sounds like you’ve already given the team some constructive feedback about a redesign of the dialog - great stuff!!). If there’s anything you can do to raise the priority of this issue with the other team, that would be very much appreciated :smile:

1 Like