Skip to content

Add github_organization_credential_authorization table#552

Open
Kanthi-Hegde wants to merge 2 commits into
turbot:mainfrom
Kanthi-Hegde:add-org-credential-authorization-table
Open

Add github_organization_credential_authorization table#552
Kanthi-Hegde wants to merge 2 commits into
turbot:mainfrom
Kanthi-Hegde:add-org-credential-authorization-table

Conversation

@Kanthi-Hegde

Copy link
Copy Markdown

Description

The plugin currently has no way to query classic personal access tokens (PATs) that members have authorized against an organization. This PR adds a new github_organization_credential_authorization table to close that gap.

It wraps GitHub's List SAML SSO authorizations for an organization REST API (GET /orgs/{org}/credential-authorizations), which is the only API GitHub exposes for classic PATs at the org level. The same endpoint also returns authorized SSH keys, distinguishable via the credential_type column.

What's included

  • New table: github_organization_credential_authorization
  • Registration in plugin.go
  • Docs page with usage guide, required permissions, and example queries

Columns

login, credential_id, token_last_eight, scopes, credential_type, credential_authorized_at, credential_accessed_at, authorized_credential_id, authorized_credential_note, authorized_credential_expires_at, authorized_credential_title, fingerprint.

Notes

  • The organization qualifier is required.
  • This endpoint requires an organization owner token (admin:org) and is only available for organizations on GitHub Enterprise Cloud with SAML SSO enabled; other orgs return no rows. A 403/404 is treated as an empty result, consistent with other org-scoped tables in this plugin.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant