undefined | Better HN

0 points0xbadcafebee5y ago0 comments

> It seems dumb that they don’t have per repo tokens.

Technically you can create one new GitHub account per repo and generate a token for that... But that is highly annoying :)

They need to support IAM / RBAC style policies and tie every authn+z method to those policies, but my guess is they have different auth methods strung all throughout their codebase so implementing it will take a few years. Then of course they have to make it "user friendly" as we all know how painful IAM can be...

0 comments

prepend5y ago

Comically, that’s why my GitHub recommended. Of course that’s a nightmare for a user to manage, violates our sso requirement, and GitHub charges per user.

leetrout5y ago

We do this at work. And you pay per user per team so we’re paying double or triple in some cases by managing access via teams.

j / k navigate · click thread line to collapse

0 comments

prepend5y ago

Comically, that’s why my GitHub recommended. Of course that’s a nightmare for a user to manage, violates our sso requirement, and GitHub charges per user.

leetrout5y ago

We do this at work. And you pay per user per team so we’re paying double or triple in some cases by managing access via teams.

j / k navigate · click thread line to collapse