create-github-app-token icon indicating copy to clipboard operation
create-github-app-token copied to clipboard

Published 20 hours ago verified publisher icon actions

Support Client ID as an alternative input to Client Secret

Open cloudshiftchris opened this issue 1 year ago • 6 comments

GitHub now recommends using the clientId instead of the appId/privateKey

Augment the options to allow clientId/clientSecret, validating that either this pair or appId/privateKey are provided, and pass these options along in the call to createAppAuth.

cloudshiftchris avatar May 12 '24 16:05 cloudshiftchris

Just to clarify, you cannot use the Client Secret, the private key is still required. But the OAuth Client ID is now recommended to be used as a substitute to the numeric app ID for github.com, and probably GitHub Enterprise Server 3.14+

We just shipped support for passing the client ID to Octokit's app authentication strategy: https://github.com/octokit/auth-app.js/releases/tag/v7.1.0

gr2m avatar May 13 '24 04:05 gr2m

@cloudshiftchris edit title to clarify that support is sought for using clientId instead of appId?

@gr2m are you saying this is already supported via https://github.com/octokit/auth-app.js/pull/606 ?

joebowbeer avatar Aug 07 '24 23:08 joebowbeer

@gr2m are you saying this is already supported via octokit/auth-app.js#606 ?

yes

gr2m avatar Aug 08 '24 06:08 gr2m