diff --git a/content/apps/oauth-apps/using-oauth-apps/index.md b/content/apps/oauth-apps/using-oauth-apps/index.md index 36c72e78d04e..e350a0b76ad9 100644 --- a/content/apps/oauth-apps/using-oauth-apps/index.md +++ b/content/apps/oauth-apps/using-oauth-apps/index.md @@ -14,5 +14,6 @@ children: - /authorizing-oauth-apps - /reviewing-your-authorized-oauth-apps - /connecting-with-third-party-applications + - /internal-oauth-apps --- diff --git a/content/apps/oauth-apps/using-oauth-apps/internal-oauth-apps.md b/content/apps/oauth-apps/using-oauth-apps/internal-oauth-apps.md new file mode 100644 index 000000000000..55c431d42663 --- /dev/null +++ b/content/apps/oauth-apps/using-oauth-apps/internal-oauth-apps.md @@ -0,0 +1,29 @@ +--- +title: Internal OAuth apps +intro: 'Some {% data variables.product.prodname_oauth_apps %} are internal apps, owned by {% data variables.product.company_short %}, that are granted special capabilities.' +versions: + fpt: '*' + ghes: '*' + ghae: '*' + ghec: '*' +shortTitle: Internal apps +--- + +Some {% data variables.product.prodname_oauth_apps %} are internal apps. These apps are owned by {% data variables.product.company_short %} and are granted special capabilities. For example, even if an organization owner has restricted access by {% data variables.product.prodname_oauth_apps %} to the organization's data, users can still authorize these apps and use them to access data from the organization. + +Some of these internal apps are automatically included with {% data variables.product.company_short %} and do not require user authorization. These apps will not appear in your list of authorized {% data variables.product.prodname_oauth_apps %}. + +These internal apps will appear in the user security log, but will not appear in organization{% ifversion ghes or ghae or ghec %} or enterprise{% endif %} audit logs. {% ifversion ghes or ghae or ghec %}For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log)," "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization)", and "[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise)."{% else %}For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log)" and "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization)."{% endif %} + +These {% data variables.product.prodname_oauth_apps %} are : + +- Git Credentials Manager +- GitHub Android +- {% data variables.product.prodname_cli %} +- {% data variables.product.prodname_desktop %} +- GitHub for Unity +- GitHub for VSCode +- GitHub iOS +- GitHub Mac +- GitHub Windows +- Visual Studio diff --git a/content/apps/oauth-apps/using-oauth-apps/reviewing-your-authorized-oauth-apps.md b/content/apps/oauth-apps/using-oauth-apps/reviewing-your-authorized-oauth-apps.md index 8eeb756adfa1..063043701033 100644 --- a/content/apps/oauth-apps/using-oauth-apps/reviewing-your-authorized-oauth-apps.md +++ b/content/apps/oauth-apps/using-oauth-apps/reviewing-your-authorized-oauth-apps.md @@ -28,3 +28,4 @@ shortTitle: Review OAuth apps {% ifversion fpt or ghec %} - "[AUTOTITLE](/get-started/exploring-integrations/about-integrations)"{% endif %} - "[AUTOTITLE](/apps/using-github-apps/reviewing-your-authorized-integrations)" +- "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/internal-oauth-apps)" diff --git a/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md b/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md index 27ac8308a6bc..618bf18f74c2 100644 --- a/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md +++ b/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md @@ -22,6 +22,8 @@ shortTitle: '{% data variables.product.prodname_oauth_app %} restrictions' {% ifversion limit-app-access-requests %} {% data reusables.organizations.restricted-app-access-requests %}{% endif %} +Even if you restrict {% data variables.product.prodname_oauth_apps %} access in your organization, users can still authorize internal {% data variables.product.prodname_oauth_apps %} apps and use them to access data from the organization. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/internal-oauth-apps)." + {% data reusables.organizations.oauth_app_restrictions_default %} {% tip %} diff --git a/content/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization.md b/content/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization.md index 0484b8f5ebbd..4e8fe8c8fba8 100644 --- a/content/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization.md +++ b/content/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization.md @@ -17,6 +17,8 @@ shortTitle: Restrict {% data variables.product.prodname_oauth_apps %} {% data reusables.organizations.oauth_app_restrictions_default %} +Even if you restrict {% data variables.product.prodname_oauth_apps %} access in your organization, users can still authorize internal {% data variables.product.prodname_oauth_apps %} and use them to access data from the organization. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/internal-oauth-apps)." + {% warning %} **Warnings**: