Github Auth plugin scope
-
I've recently added the Github Auth plugin to allow staff within my Github organisation to access XOA with 2FA. Seems like a sensible idea as we use Github anyway.
When I set the plugin up and tested it all seems great and working. I then tested with a user outside of my GitHub org and that let them in too! (Although with no permissions). I need to reduce the scope of the access to only users in my GitHub org.
I can't see anywhere on the OAuth App settings which specifies scope. Does anyone have any experience of this?
-
@Flying9167 It's indeed not possible at this to filter which users are allowed to sign in with XO auth plugins.
At this time it should be handled at the authentication provider itself and it does not look like GitHub OAuth implementation supports it.
-
F Flying9167 marked this topic as a question on
-
F Flying9167 has marked this topic as solved on
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login