Problem reading name of an Organization


#1

I’m trying to follow a few of the examples I’ve found on the web, and am running into a strange problem. I’m hoping someone here can tell me if I’m doing something wrong, or if this is a bug.

I’m attempting to query the name of the first organization that links to my user account. My query looks like:

query{
  viewer {
    login
    bio
    organizations(first: 1) {
      repos: edges {
        repo: node {
          name
          id
        }
      }
    }
  }
}

Unfortunately, I get the following error:

{
  "data": null,
  "errors": [
    {
      "message": "Your token has not been granted the required scopes to execute this query. The 'name' field requires one of the following scopes: ['admin:org'], but your token has only been granted the: ['read:gpg_key', 'read:org', 'read:public_key', 'read:repo_hook', 'repo', 'user'] scopes. Please modify your token's scopes at: https://github.com/settings/tokens."
    }
  ]
}

I have two tokens on my account – and both have admin:org checked.

My questions are:

  1. If I have two tokens associated with my account, which one gets used from the GraphQL explorer?
  2. Could this error be happening because I’m not an organizational admin on all the orgs I belong to? Do I really need to be an org admin to read the name of the org?

#2

Hey @jaredsmith, thanks for the questions. I’ll try to answer them as best I can.

Because the GraphQL explorer is an OAuth application, it keeps track of tokens on its own. So, short answer, neither of the tokens you see associated with your account is used. It’s another token generated by the OAuth application.

I actually think this is just a bug on our end; I believe we should only be requiring the read:org scope to… well… read org data :wink:

We’re tracking this internally and have a better answer for you soon. Thanks again!


#3

Hi @jaredsmith!

Could this error be happening because I’m not an organizational admin on all the orgs I belong to? Do I really need to be an org admin to read the name of the org?

This was an error on our end. You shouldn’t need to have the admin:org scope in order to read attributes on your organization. Thank you for pointing it out!

I’ve adjusted the scopes, would you mind giving it another try and letting me know if everything works as expected?

Much thanks!
Brooks


#4

It’s no longer throwing an error, but if I change it from “first: 1” to “first: 3”, it’s still only showing the first organization that I’m associated with.

@bswinnerton Can you please re-open this and address?


#5

#6

#7

Sorry about the early close @jaredsmith, we’re still getting used to this new forum : ).

I’m not sure why that’s the case. I just verified the same query with my own account and a test account and was able to get more than one organization back.

One thing that might be causing a little confusion is that you’re aliasing the organization edges to the name “repos”, and the node to “repo”. While this won’t affect the data being returned from the query, it will modify the structure. If you’re looking to get the organization’s repositories, you may want something that looks like this:

{
  viewer {
    login
    bio
    organizations(first: 3) {
      edges {
        organization: node {
          name
          id
          repositories(first: 3) {
            edges {
              repository: node {
                name
              }
            }
          }
        }
      }
    }
  }
}

As for the issue of only having one organization returned, is it possible you’re authenticated into the GitHub GraphQL Explorer as a different user that doesn’t have access to the organizations you expect?


#8

@bswinnerton. Thanks for taking another look at this.

Yes, I understand that my aliases didn’t really match up with what I was actually pulling. Those aliases were just leftovers from testing with repo objects instead of org objects, so we can ignore them for now.

I ran your example above, and I’m still only showing the first three repositories for just one organization (“Fedora Cloud SIG”), even though you can see from my Github profile (https://github.com/jaredsmith) that I’m associated with three organizations. And I only have one Github account, and I’m definitely logged in with that account.

Any other ideas on what I can do to test/debug this?