Hi, I'm developing an application that will helps user to discover repositories. I would like to be able to star any public repository.
This require the scope 'public_repo' which I think give too much access to my Oauth App and could frigthen some users from registering.
When I call the GraphQL API with a mutation, for some repositories it returns FORBIDDEN.
Although you appear to have the correct authorization credentials, the `zeit` organization has enabled OAuth App access restrictions, meaning that data access to third-parties is limited. For more information on these restrictions, including how to whitelist this app, visit https://help.github.com/articles/restricting-access-to-your-organization-s-data/
This could be a sub scope which would give less access to the OauthApp and then not being targetted by restriction access.
I believe this restriction is limiting the users experience for discovering repositories.
I would like to get what your developers team/ux team think about that.
Thanks for this feedback! We're always working to improve GitHub and the GitHub Community Forum, and we consider every suggestion we receive. I've logged your feature request in our internal feature request list. Though I can't guarantee anything or share a timeline for this, I can tell you that it's been shared with the appropriate teams for consideration.