Better Documentation for auth scopes

[Hornswoggles]

Many of the scopes listed by running

anaconda auth -x

are undocumented. Our organization would like to leverage the authentication token infrastructure provided by anaconda cloud but are having difficulty figuring out which scopes to use. Is there more documentation about each of the scopes and what they provide access to do?

[srossross]

Thanks @Hornswoggles. We will be looking into this soon.

[goanpeca]

Is this something that is worth documenting @electronwill @csoja ? or not at this point?

[electronwill]

I see this from anaconda auth -x with anaconda-client 1.6.14:

$ anaconda auth -x
Using Anaconda API: https://api.anaconda.org
all
  Allow all operations

api
  Allow all API operations

api:modify-group
  Allow addition and modification of groups

api:read
  Allow read access to the API site

api:write
  Allow write access to the API site

conda
  Allow all operations on Conda repositories

conda:download
  Allow private downloads from Conda repositories

kapsel:upload
  No Documentation

pypi
  Allow all operations on PyPI repositories

pypi:download
  Allow private downloads from PyPI repositories

pypi:upload
  Allow uploads to PyPI repositories

repos
  Allow access to all package repositories



Examples

To allow access to only conda downloads from your account you can run:

    anaconda auth --create --scopes 'repos conda:download'

To allow full access to your account:

    anaconda auth --create --scopes 'all'

For kapsel:upload we could link to https://github.com/conda/kapsel and its readme file.

[electronwill]

We could also add a page at docs.anaconda.com with more text and detail about each of these and what they do. The docs team would need a draft from the developers to work from, with more detail than the inline help.

[goanpeca]

Hmm we should probably remove that kapsel thing :-\

[electronwill]

Oh, good point! That would be better.