How to restrict user REST API access to specific Github organization?

Yashukumar-kc · March 30, 2021, 2:43am

I’m looking for a way to block REST API access to all the users for a specific Github organization.

I’ve tried quite a few things like block user/block IP range etc… But these options are blocking all the operations including git clone, pull, and push. I’d like to block only REST API access.

Any suggestions on how I could do this?

Thanks so much.

byrneh · March 30, 2021, 12:59pm

@Yashukumar-kc, welcome to the community

I do not recall reading anything that allows you to explicitly block REST API access (FYI there is a also an GRAPHQL API mechanism), that would override whatever permissions/roles you have given a user within your organization and its repositories. When you say all users, do you literally mean ALL users, including organization owners as well?

I do not really understand your use case, Perhaps it would hep the community reply or provide suggestions if you can explain further what you trying to achieve and why?

Yashukumar-kc · April 6, 2021, 8:49am

Thanks for the response @byrneh. Yes, I need to block All the users because users can impersonate the Personal Access Token(PAT).