Flask

Github Login: How to get List of Private Organization Members from Github API

Our goal is to get all sorts of private information from a GitHub authenticated login.

1. Create an AOuth app and request authorization with the correct scope

First, create an AOuth app from:

For reading private members of an organization, read:org scoped access token needs to be requested when authorizing. For example, with Github-Flask, do:

github.authorize(scope="read:org")

For a detailed list of what scopes enables access to what, see here.

After a successful authentication, GitHub will callback with an access token, which then needs to be applied in the requests that you make.

$ curl -H "Authorization: token OAUTH-TOKEN" https://api.github.com/users/codertocat

For details on the whole OAuth app workflow, see:

2. For organization to grant access

When a authorizing request is sent with scope read:org, the authentication step will include the organization access below:

We need to hit the Request button there, and then as admin of organization, grant access to this at:

Only then, will the access token we retrieved earlier be able to retrieve the full list of members from an organization with:

$ curl -H "Authorization: token OAUTH-TOKEN" https://api.github.com/orgs/:org/members

For details on the member API, see docs here:

Bugshooting

If the length of the member list is longer than 50, you might still not get the full list. In which case, use the per_page and page parameters:

Standard

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.