Identifying users flow without callback_url


#1

Hi,
I’m building a bot that comments on GitHub issues. It would be nice to include links to my website on its comments for the user see additional info.

However, Integration docs says:

We have built flows that enable you to identify a user and determine what information you can show them. Currently this is limited to specific situations where a user clicks a link within GitHub and is directed to your site. Beyond this, you shouldn’t allow users to explore additional information that your Integration has.

You can read about the currently supported flows here. In the future, we’ll enable you to more holistically identify users and determine what information to show them.

The only supported flow doesn’t seem to be suited for my use case. I want to build my own links on issues comments. I don’t have a single callback_url. Can I link to my web application on issues comments and authenticate the user by redirecting to https://github.com/integration/#{integration.github_identifier}/auth? This is similar to the supported flow, but without the 1st step.


#2

I have a somewhat related question - given a github user_id is there a way to query which installations they have access to?

I would like to display a list of installations they can access on our site with their associated settings…


#3

:wave: @fjsj,

Unfortunately that flow is not something that’s currently supported. That overall functionality is something that we’d like to empower in the future, so we’ll be sure to update you as we have a more appropriate flow for what you’re looking to do.


#4

:wave: @tommoor,

There isn’t currently an endpoint to allow you to do that, though, similar to the above question, we do hope to empower that functionality in the future. The closest thing available at the moment is the ability to filter repositories an installation has access to, by user. Again, we’ll keep you in the loop as we further develop functionality along these lines.


#5

Thanks for your response @jmilas. I believe the flow I described would work even with the current implementation. But since it isn’t officially supported, I’ll wait for more stable versions of the API.


#6

any news on support for other workflows @jmilas?


#7

@acrobat,

No update or estimated timeline, other than to say these identity flows are something that we are currently working on :slight_smile:. Thanks for the feedback.


#8

The new OAuth flow fixes this, now, right?