mirror of
https://codeberg.org/forgejo/docs.git
synced 2024-11-25 18:19:26 -05:00
9af05bfb01
Reviewed-on: https://codeberg.org/forgejo/website/pulls/323 # Conflicts: # v1.19/admin/command-line.md # v1.19/admin/config-cheat-sheet.md # v1.19/admin/database-preparation.md # v1.19/admin/email-setup.md # v1.19/admin/incoming-email.md # v1.19/admin/index.md # v1.19/admin/logging-documentation.md # v1.19/admin/reverse-proxy.md # v1.19/admin/seek-assistance.md # v1.19/admin/upgrade.md # v1.19/developer/code-forgejo-org.md # v1.19/developer/index.md # v1.19/index.md # v1.19/license.md # v1.19/user/agit-support.md # v1.19/user/api-usage.md # v1.19/user/authentication.md # v1.19/user/email-settings.md # v1.19/user/first-repository.md # v1.19/user/index.md # v1.19/user/issue-pull-request-templates.md # v1.19/user/issue-tracking-basics.md # v1.19/user/labels.md # v1.19/user/linked-references.md # v1.19/user/merge-message-templates.md # v1.19/user/oauth2-provider.md # v1.19/user/packages/cargo.md # v1.19/user/packages/chef.md # v1.19/user/packages/composer.md # v1.19/user/packages/conan.md # v1.19/user/packages/conda.md # v1.19/user/packages/container.md # v1.19/user/packages/generic.md # v1.19/user/packages/helm.md # v1.19/user/packages/index.md # v1.19/user/packages/maven.md # v1.19/user/packages/npm.md # v1.19/user/packages/nuget.md # v1.19/user/packages/pub.md # v1.19/user/packages/pypi.md # v1.19/user/packages/rubygems.md # v1.19/user/packages/storage.md # v1.19/user/packages/vagrant.md # v1.19/user/project.md # v1.19/user/protection.md # v1.19/user/push-options.md # v1.19/user/push-to-create.md # v1.19/user/repo-permissions.md # v1.19/user/webhooks.md # v1.19/user/wiki.md # v1.20/user/semver.md
6.3 KiB
6.3 KiB
| title | license | origin_url |
|---|---|---|
| Access Token scope | Apache-2.0 | 62ac3251fa/docs/content/doc/development/oauth2-provider.en-us.md |
Forgejo supports scoped access tokens, which allow users to restrict tokens to operate only on selected url routes. Scopes are grouped by high-level API routes, and further refined to the following:
read:GETrouteswrite:POST,PUT,PATCH, andDELETEroutes (in addition toGET)
Forgejo token scopes are as follows:
| Name | Description |
|---|---|
| (no scope) | Not supported. A scope is required even for public repositories. |
| activitypub | activitypub API routes: ActivityPub related operations. |
| read:activitypub | Grants read access for ActivityPub operations. |
| write:activitypub | Grants read/write/delete access for ActivityPub operations. |
| admin | /admin/* API routes: Site-wide administrative operations (hidden for non-admin accounts). |
| read:admin | Grants read access for admin operations, such as getting cron jobs or registered user emails. |
| write:admin | Grants read/write/delete access for admin operations, such as running cron jobs or updating user accounts. |
| issue | issues/*, labels/*, milestones/* API routes: Issue-related operations. |
| read:issue | Grants read access for issues operations, such as getting issue comments, issue attachments, and milestones. |
| write:issue | Grants read/write/delete access for issues operations, such as posting or editing an issue comment or attachment, and updating milestones. |
| misc | miscellaneous and settings top-level API routes. |
| read:misc | Grants read access to miscellaneous operations, such as getting label and gitignore templates. |
| write:misc | Grants read/write/delete access to miscellaneous operations, such as markup utility operations. |
| notification | notification/* API routes: user notification operations. |
| read:notification | Grants read access to user notifications, such as which notifications users are subscribed to and read new notifications. |
| write:notification | Grants read/write/delete access to user notifications, such as marking notifications as read. |
| organization | orgs/* and teams/* API routes: Organization and team management operations. |
| read:organization | Grants read access to org and team status, such as listing all orgs a user has visibility to, teams, and team members. |
| write:organization | Grants read/write/delete access to org and team status, such as creating and updating teams and updating org settings. |
| package | /packages/* API routes: Packages operations |
| read:package | Grants read access to package operations, such as reading and downloading available packages. |
| write:package | Grants read/write/delete access to package operations. Currently the same as read:package. |
| repository | /repos/* API routes except /repos/issues/*: Repository file, pull-request, and release operations. |
| read:repository | Grants read access to repository operations, such as getting repository files, releases, collaborators. |
| write:repository | Grants read/write/delete access to repository operations, such as getting updating repository files, creating pull requests, updating collaborators. |
| user | /user/* and /users/* API routes: User-related operations. |
| read:user | Grants read access to user operations, such as getting user repo subscriptions and user settings. |
| write:user | Grants read/write/delete access to user operations, such as updating user repo subscriptions, followed users, and user settings. |