0
0
Fork 0
mirror of https://codeberg.org/forgejo/docs.git synced 2024-12-25 22:40:42 -05:00
forgejo-docs/user/token-scope.md
Caesar Schinas 9af05bfb01
refactor: use astro content collections for docs
Reviewed-on: https://codeberg.org/forgejo/website/pulls/323

# Conflicts:
#	v1.19/admin/command-line.md
#	v1.19/admin/config-cheat-sheet.md
#	v1.19/admin/database-preparation.md
#	v1.19/admin/email-setup.md
#	v1.19/admin/incoming-email.md
#	v1.19/admin/index.md
#	v1.19/admin/logging-documentation.md
#	v1.19/admin/reverse-proxy.md
#	v1.19/admin/seek-assistance.md
#	v1.19/admin/upgrade.md
#	v1.19/developer/code-forgejo-org.md
#	v1.19/developer/index.md
#	v1.19/index.md
#	v1.19/license.md
#	v1.19/user/agit-support.md
#	v1.19/user/api-usage.md
#	v1.19/user/authentication.md
#	v1.19/user/email-settings.md
#	v1.19/user/first-repository.md
#	v1.19/user/index.md
#	v1.19/user/issue-pull-request-templates.md
#	v1.19/user/issue-tracking-basics.md
#	v1.19/user/labels.md
#	v1.19/user/linked-references.md
#	v1.19/user/merge-message-templates.md
#	v1.19/user/oauth2-provider.md
#	v1.19/user/packages/cargo.md
#	v1.19/user/packages/chef.md
#	v1.19/user/packages/composer.md
#	v1.19/user/packages/conan.md
#	v1.19/user/packages/conda.md
#	v1.19/user/packages/container.md
#	v1.19/user/packages/generic.md
#	v1.19/user/packages/helm.md
#	v1.19/user/packages/index.md
#	v1.19/user/packages/maven.md
#	v1.19/user/packages/npm.md
#	v1.19/user/packages/nuget.md
#	v1.19/user/packages/pub.md
#	v1.19/user/packages/pypi.md
#	v1.19/user/packages/rubygems.md
#	v1.19/user/packages/storage.md
#	v1.19/user/packages/vagrant.md
#	v1.19/user/project.md
#	v1.19/user/protection.md
#	v1.19/user/push-options.md
#	v1.19/user/push-to-create.md
#	v1.19/user/repo-permissions.md
#	v1.19/user/webhooks.md
#	v1.19/user/wiki.md
#	v1.20/user/semver.md
2023-08-13 17:07:06 +01:00

6.3 KiB

title license origin_url
Access Token scope Apache-2.0 62ac3251fa/docs/content/doc/development/oauth2-provider.en-us.md

Forgejo supports scoped access tokens, which allow users to restrict tokens to operate only on selected url routes. Scopes are grouped by high-level API routes, and further refined to the following:

  • read: GET routes
  • write: POST, PUT, PATCH, and DELETE routes (in addition to GET)

Forgejo token scopes are as follows:

Name Description
(no scope) Not supported. A scope is required even for public repositories.
activitypub activitypub API routes: ActivityPub related operations.
    read:activitypub Grants read access for ActivityPub operations.
    write:activitypub Grants read/write/delete access for ActivityPub operations.
admin /admin/* API routes: Site-wide administrative operations (hidden for non-admin accounts).
    read:admin Grants read access for admin operations, such as getting cron jobs or registered user emails.
    write:admin Grants read/write/delete access for admin operations, such as running cron jobs or updating user accounts.
issue issues/*, labels/*, milestones/* API routes: Issue-related operations.
    read:issue Grants read access for issues operations, such as getting issue comments, issue attachments, and milestones.
    write:issue Grants read/write/delete access for issues operations, such as posting or editing an issue comment or attachment, and updating milestones.
misc miscellaneous and settings top-level API routes.
    read:misc Grants read access to miscellaneous operations, such as getting label and gitignore templates.
    write:misc Grants read/write/delete access to miscellaneous operations, such as markup utility operations.
notification notification/* API routes: user notification operations.
    read:notification Grants read access to user notifications, such as which notifications users are subscribed to and read new notifications.
    write:notification Grants read/write/delete access to user notifications, such as marking notifications as read.
organization orgs/* and teams/* API routes: Organization and team management operations.
    read:organization Grants read access to org and team status, such as listing all orgs a user has visibility to, teams, and team members.
    write:organization Grants read/write/delete access to org and team status, such as creating and updating teams and updating org settings.
package /packages/* API routes: Packages operations
    read:package Grants read access to package operations, such as reading and downloading available packages.
    write:package Grants read/write/delete access to package operations. Currently the same as read:package.
repository /repos/* API routes except /repos/issues/*: Repository file, pull-request, and release operations.
    read:repository Grants read access to repository operations, such as getting repository files, releases, collaborators.
    write:repository Grants read/write/delete access to repository operations, such as getting updating repository files, creating pull requests, updating collaborators.
user /user/* and /users/* API routes: User-related operations.
    read:user Grants read access to user operations, such as getting user repo subscriptions and user settings.
    write:user Grants read/write/delete access to user operations, such as updating user repo subscriptions, followed users, and user settings.