OAuth App cannot access scope user:email #46257
Unanswered
lukehinds
asked this question in
Enterprise
Replies: 2 comments 2 replies
-
good day @lukehinds to retrieve the email addresses, you need to have at least the "user" scope granted. Also worth checking the repository or organization's permission settings on GitHub to ensure that the necessary permissions are set. If you don't have the necessary scope granted, you won't be able to retrieve the email addresses even if you have a valid OAuth token. |
Beta Was this translation helpful? Give feedback.
0 replies
-
@jge162 I know i need the scope granted, but how do I grant the scope? - where would I do that? |
Beta Was this translation helpful? Give feedback.
2 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Select Topic Area
Question
Body
A user logins via github, which consists of my app posting to
https://github.com/login/oauth/access_token
with the scope ofscope=user:email
(alongside theclient_id
and theclient_secret
and oauth2code
I then get returned a oauth2 style token:
gho_xyz...
But I don't have the needed scope granted. I can see this in the response from GitHubs API.
I then post to the
https://api.github.com/user/emails
with the token as the authentication bearer and the result is:I have verified it is not my code, by using the exact same code, but to post to
https://api.github.com/user
instead which returns information correctly.One thing I have noted from following the docs here
The result shows only
repo
as a oauth scope (I got this running curl with an active oauth2 token):If I hard code a PAT token an email is returned, so it seems to be a permissions thing.
I thought maybe the scope needed to reflect permissions in the UI set up screen, but unlike a GitHub app, there are no fine grained access controls.
Any ideas?
Beta Was this translation helpful? Give feedback.
All reactions