I’m looking for a way to block REST API access to all the users for a specific Github organization.
I’ve tried quite a few things like block user/block IP range etc… But these options are blocking all the operations including git clone, pull, and push. I’d like to block only REST API access.
Any suggestions on how I could do this?
Thanks so much.
@Yashukumar-kc, welcome to the community
I do not recall reading anything that allows you to explicitly block REST API access (FYI there is a also an GRAPHQL API mechanism), that would override whatever permissions/roles you have given a user within your organization and its repositories. When you say all users, do you literally mean ALL users, including organization owners as well?
I do not really understand your use case, Perhaps it would hep the community reply or provide suggestions if you can explain further what you trying to achieve and why?
Thanks for the response @byrneh. Yes, I need to block All the users because users can impersonate the Personal Access Token(PAT).