Github access token scopes

You can find documentation about creating creating Github access tokens here:

Classic Access Token

Git for Confluence requests the following scopes:

• repo

The repo scope is the only scope that grants read access to source code. Reading git content is the only permission that Git for Confluence really needs to make the app work with Github. However, due to this limitation in the available scopes we have to request these permissions from you.

You could use the Fine Grained access tokens to further limit the access to source code.

Fine-grained Access Token (BETA)

Github introduced a new type of access token which has more customization options. When creating a fined-grained token, you have the option to give read-only access to several repositories. This is currently the only permission that Git for Confluence needs to operate.

API endpoints

These are the endpoints that are being called with an access token.

Retrieve content from a repository

This endpoint is being used to retrieve the contents of a resource so we can display it on a Confluence page for you. The content is not being saved on the servers of Git for Confluence. This means that every time a file, or folder, is being viewed on a Confluence page, we will have to retrieve its contents using this endpoint.

Retrieve repository information

Sometimes an error can occur when retrieving content from Github. Github tells us that the resource can not be found if it does not exist, or if you do not have access to it. Yet we would like to let you know what the actual problem is.

We use this endpoint to check if the repository exists, if that is the case we assume that the resource does not exist and show that to you in the UI.

If we can not find the repository, we assume that you do not have access to the resource that you are trying to share.