You can clone with
HTTPS or Subversion.
Decide on and implement some form of authentication. Most likely token based similar to how links/tags work. I.E.
GET /applications/some_app/token - Generates a new token for usage
DELETE /applications/some_app/token - Pass token id as JSON body
PUT /applications/some_app/token - Allow a user generated token for access control
Lame-ass token generator implemented. Need to wire it up.