Context:
I have a Github App that centralizes a bunch of Github services for my clients. One of them is transfer a repository between orgs
(same enterprise).
It requires my client’s access token, but if he doesn’t have owner permission on both orgs, I can’t transfer de repo.
What i’m doing:
Currently the bot:
- Makes a
POST
tohttps://github.com/login/device/code
with theclientId
as a parameter. - Receive the
user_code
anddevice_code
- Asks my client to manually go to
https://github.com/login/device
, type theuser_code
and authorize the App to transfer - Polls
https://github.com/login/oauth/access_token
waiting for the user authorization - Transfer the repository
Ref 01
Ref 02
Ref 03 (step 5 for the polling)
Problem
It works great when my client is owner of both orgs. But that’s not most cases.
I’d like to transfer a repo between orgs even if my client isn’t owner of any of the orgs.
What I’d like to do
My App have write
permission on all orgs. Can’t I use its token to transfer a repo? If so, how can I get only one token to “controls” all orgs at the same time?
Currently I’m getting the App’s token by making a POST
here https://api.github.com/app/installations/${installationId}/access_tokens
, what gives me one token per ORG, which does not help me on transferring a repo between orgs.