Gitlab access scope `api` must be optional
Closed this issue · 1 comments
GAS85 commented
Hello dear community,
by first run integration makes proposals how to create a token, it is enough to have only read_api
, read_user
and read_repository
for basic functionality.
Scope api
grants complete read/write access to the API and from security purpose should not be used here, even if it used, than read_api
, read_user
and read_repository
are redundant and are not needed. Please add note that api
scope is optional.
julien-nc commented
Then api
scope should not be asked when using OAuth. Done, pushed, next release coming soon.