Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Gets denied always #141

Closed
prolike opened this issue Sep 17, 2019 · 2 comments
Closed

Gets denied always #141

prolike opened this issue Sep 17, 2019 · 2 comments
Labels

Comments

@prolike
Copy link

prolike commented Sep 17, 2019

Everyone in the organization gets denied

I have an organization with the Oauth app, and the repository is on one of the members account.
But all the members are getting denied.
Is it because the repository has to be owned by the organization?
And does it have to be private?

@stale
Copy link

stale bot commented Nov 16, 2019

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the wontfix label Nov 16, 2019
@stale stale bot closed this as completed Nov 23, 2019
@wonderbird
Copy link

wonderbird commented Jun 29, 2021

Hi @benbalter and @prolike ,

maybe I have encountered the same issue. After following the Getting Started guide, I ended up with my sample Jekyll page showing the error 403 access denied cat.

Please consider adding the following steps to the documentation. They fixed the problem on my side:

  1. Add a team to your organization containing the members who should have access and configure the GITHUB_TEAM_ID for heroku
  2. Grant OAuth App access to your Jekyll App in your organization

Detailed step descriptions

1. Add a team to your organization containing the members who should have access and configure the GITHUB_TEAM_ID for heroku

  • Create a team within your organisation
  • Create a REST API token for your lokal heroku / jekyll installation
  • Save the REST API token by adding the line GITHUB_TOKEN=<your token> to .env (never commit that!)
  • Find out your numeric team id by jekyll-auth team_id --org <your org name> --team <your team name>
  • Tell heroku your team id by heroku config:set GITHUB_TEAM_ID=<your numeric team id>

2. Grant OAuth App access to your Jekyll App in your organization

  • After the team id was provided to the application, it showed an error 500.
  • Checking the logs on heroku revealed the message
    2021-06-29T03:44:45.449035+00:00 app[web.1]: 2021-06-29 03:44:45 - Octokit::Forbidden - GET https://api.github.com/teams/4923947/members/wonderbird: 403 - Although you appear to have the correct authorization credentials, the boos-systems organization has enabled OAuth App access restrictions, meaning that data access to third-parties is limited. For more information on these restrictions, including how to enable this app, visit https://docs.github.com/articles/restricting-access-to-your-organization-s-data/ // See: https://docs.github.com/rest:
  • Approving OAuth Apps for your organization made the page work. You have to select your heroku application and grant access.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants