Skip to content

Commit 1731439

Browse files
davidfischerdavidfischer
committed
Document connected account permissions
1 parent e50345c commit 1731439

File tree

1 file changed

+62
-1
lines changed

1 file changed

+62
-1
lines changed

docs/connected-accounts.rst

Lines changed: 62 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
Connecting Your Account
2-
-----------------------
2+
=======================
33

44
If you are going to import repositories from GitHub, Bitbucket, or GitLab,
55
you should connect your Read the Docs account to your repository host first.
@@ -18,3 +18,64 @@ and select `Connected Services <https://readthedocs.org/accounts/social/connecti
1818
From here, you'll be able to connect to your GitHub, Bitbucket or GitLab
1919
account. This process will ask you to authorize a connection to Read the Docs,
2020
that allows us to read information about and clone your repositories.
21+
22+
23+
Permissions for connected accounts
24+
----------------------------------
25+
26+
Read the Docs does **not** ask for write permission to your repositories' code
27+
and since we only connect to public repositories we don't need special permissions to read them.
28+
However, we do need permissions for authorizing your account
29+
so that you can login to Read the Docs with your connected account credentials
30+
and to setup :doc:`webhooks`
31+
which allow us to build your documentation on every change to your repository.
32+
33+
34+
GitHub
35+
~~~~~~
36+
37+
Read the Docs requests the following permissions (more precisely, `OAuth scopes`_)
38+
when connecting your Read the Docs account to GitHub.
39+
40+
.. _OAuth scopes: https://developer.github.com/apps/building-oauth-apps/understanding-scopes-for-oauth-apps/
41+
42+
Read access to your email address (``user:email``)
43+
We ask for this so you can create a Read the Docs account and login with your GitHub credentials.
44+
45+
Administering webhooks (``admin:repo_hook``)
46+
We ask for this so we can create webhooks on your repositories when you import them into Read the Docs.
47+
This allows us to build the docs when you push new commits.
48+
49+
Read access to your organizations (``read:org``)
50+
We ask for this so we know which organizations you have access to.
51+
This allows you to filter repositories by organization when importing repositories.
52+
53+
Repository status (``repo:status``)
54+
Repository statuses allow Read the Docs to report the status
55+
(eg. passed, failed, pending) of pull requests to GitHub.
56+
This is used for a feature currently in beta testing
57+
that builds documentation on each pull request similar to a continuous integration service.
58+
59+
.. note::
60+
61+
:doc:`Read the Docs for Business </commercial/index>`
62+
asks for one additional permission (``repo``) to allow access to private repositories
63+
and to allow us to setup SSH keys to clone your private repositories.
64+
65+
Bitbucket
66+
~~~~~~~~~
67+
68+
For similar reasons to those above for GitHub, we request permissions for:
69+
70+
* Reading your account information including your email address
71+
* Read access to your team memberships
72+
* Read access to your repositories
73+
* Read and write access to webhooks
74+
75+
GitLab
76+
~~~~~~
77+
78+
Like the others, we request permissions for:
79+
80+
* Reading your account information (``read_user``)
81+
* API access (``api``) which is needed to create webhooks in GitLab

0 commit comments

Comments
 (0)