Skip to content

Getting "OAuth App access restrictions" for GraphQL mutations but not same V3 action #24488

Discussion options

You must be logged in to vote

HI @rnystrom,

The GraphQL mutation works because you are using a personal access token. A personal access token is associated with a user, and a user isn’t subject to OAuth app access restrictions.

However, if I use a token from our app’s Basic OAuth flow, I get the FORBIDDEN error above.

 

This is expected, though admittedly confusing behavior. The babel organization has OAuth App access restrictions enabled:

https://help.github.com/articles/about-oauth-app-access-restrictions/

Because this feature is enabled, only owner-approved OAuth Apps can access the organization’s resources. In this case, Ryan’s application, GitHawk, needs to be listed as one of babel's approved OAuth applicati…

Replies: 3 comments

Comment options

You must be logged in to vote
0 replies
Answer selected
Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
0 replies
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
3 participants