Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How do you create a clientid/secret for Enterprise? #327

Closed
ayoung opened this issue Dec 21, 2017 · 9 comments
Closed

How do you create a clientid/secret for Enterprise? #327

ayoung opened this issue Dec 21, 2017 · 9 comments

Comments

@ayoung
Copy link

ayoung commented Dec 21, 2017

I'm having a hard time finding out where to create the ID and secret for Gitify. All the oauth supports require a URL with a webhook or callback.
@stephancom
Copy link

+1 for this, some documentation would be very helpful.

@adamu
Copy link

adamu commented Feb 9, 2018

You can find it in GHE (v2.11) in SettingsOAuth ApplicationsDeveloper Applications. Leaving the callback URL blank seems to work fine.

@netvl
Copy link

netvl commented Mar 29, 2018

If you don't specify the callback url, it takes it from the home page url, which is a required field.

Why is requiring OAuth credentials is necessary at all? I was under impression that features available through the regular API (which only requires to generate a token) are the same as for OAuth apps.

@tiii
Copy link

tiii commented Apr 23, 2018

I'm also puzzled by this... What are the urls to specify?

@bmeeder22
Copy link

I got it to work by just specifying https://www.gitify.io/. After entering that as both the application URL and callback URL I was given the client id and secret, pasted those into gitify, and was then prompted by gitify to login to my enterprise account.

@ivandov ivandov mentioned this issue Apr 2, 2020
Closed
@lilyball
Copy link

Is there a reason Gitify can't use a Personal Access Token instead? It seems overkill to create an OAuth app just for myself to get a token.

@lilyball
Copy link

Looks like it's not just overkill; Gitify is showing the OAuth login dialog itself rather than deferring to the browser. This is really concerning because it defeats the whole point of OAuth; Gitify is in a position to intercept my username and password. Using the browser would require having a callback URL that actually went back to the app, but that's certainly possible on macOS and I would sure hope it's possible on Windows and Linux too.

Or just use a Personal Access Token and bypass all of this. PATs are used the same way that OAuth tokens are.

@lilyball
Copy link

Actually this issue affects regular GitHub too; I hadn't tried it before, but it's doing the same in-app browser window for login there, which means it's in a position to steal my GitHub username/password.

@bmulholland
Copy link
Collaborator

bmulholland commented Oct 4, 2023
edited
Loading

Personal access tokens are supported now, so this is maybe completed? I've also started work on moving OAuth to happen in a normal browser. See #654. Help is very welcomed.

There's several other issues about the OAuth login process linked in that PR, so closing this one as completed/duplicate.

Let me know if I'm missing a detail.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@lilyball @ayoung @stephancom @bmulholland @netvl @adamu @tiii @bmeeder22