GitHub App Installation Verification

I am looking to create a GitHub App, but I would like to restrict access to the app based on whether the user has an account on my platform. I can’t seem to find a way to do this with the GitHub App Installation flow. It seems as though, once the app is public, anyone can install it with a valid link to the app and all I can do is start receiving events.

It would be great if there was a flow that would allow me to either pass a valid key with the user to the installation page, giving them access to install, OR if, during the install, the user was redirected to my platform to validate the installation request.

Any ideas on how I can achieve this flow?

Hi @mgagliardo91,

Thanks for being here! The only workaround is after someone installs your application, you can then delete the installation via the API if you don’t want to allow them to use it:

https://developer.github.com/v3/apps/#delete-an-installation

I can see how a way to allow this type of restrictions would be helpful and  I’ve taken your feedback and passed it along to the appropriate teams. Thanks again for reaching out :grinning:

1 Like

Thanks for the info! And I definitely appreciate you passing that information on. I think it would be a desirable feature for GitHub Apps to control who can install their app on the public domain.

Thanks!