Repo sync

content/apps/oauth-apps/using-oauth-apps/index.md

@@ -14,5 +14,6 @@ children:
   - /authorizing-oauth-apps
   - /reviewing-your-authorized-oauth-apps
   - /connecting-with-third-party-applications
+  - /internal-oauth-apps
 ---
 

content/apps/oauth-apps/using-oauth-apps/internal-oauth-apps.md

@@ -0,0 +1,29 @@
+---
+title: Internal OAuth apps
+intro: 'Some {% data variables.product.prodname_oauth_apps %} are internal apps, owned by {% data variables.product.company_short %}, that are granted special capabilities.'
+versions:
+  fpt: '*'
+  ghes: '*'
+  ghae: '*'
+  ghec: '*'
+shortTitle: Internal apps
+---
+
+Some {% data variables.product.prodname_oauth_apps %} are internal apps. These apps are owned by {% data variables.product.company_short %} and are granted special capabilities. For example, even if an organization owner has restricted access by {% data variables.product.prodname_oauth_apps %} to the organization's data, users can still authorize these apps and use them to access data from the organization.
+
+Some of these internal apps are automatically included with {% data variables.product.company_short %} and do not require user authorization. These apps will not appear in your list of authorized {% data variables.product.prodname_oauth_apps %}.
+
+These internal apps will appear in the user security log, but will not appear in organization{% ifversion ghes or ghae or ghec %} or enterprise{% endif %} audit logs. {% ifversion ghes or ghae or ghec %}For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log)," "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization)", and "[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/about-the-audit-log-for-your-enterprise)."{% else %}For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log)" and "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization)."{% endif %}
+
+These {% data variables.product.prodname_oauth_apps %} are :
+
+- Git Credentials Manager
+- GitHub Android
+- {% data variables.product.prodname_cli %}
+- {% data variables.product.prodname_desktop %}
+- GitHub for Unity
+- GitHub for VSCode
+- GitHub iOS
+- GitHub Mac
+- GitHub Windows
+- Visual Studio

content/apps/oauth-apps/using-oauth-apps/reviewing-your-authorized-oauth-apps.md

@@ -28,3 +28,4 @@ shortTitle: Review OAuth apps
 {% ifversion fpt or ghec %}
 - "[AUTOTITLE](/get-started/exploring-integrations/about-integrations)"{% endif %}
 - "[AUTOTITLE](/apps/using-github-apps/reviewing-your-authorized-integrations)"
+- "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/internal-oauth-apps)"

content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md

@@ -22,6 +22,8 @@ shortTitle: '{% data variables.product.prodname_oauth_app %} restrictions'
 {% ifversion limit-app-access-requests %}
 {% data reusables.organizations.restricted-app-access-requests %}{% endif %}
 
+Even if you restrict {% data variables.product.prodname_oauth_apps %} access in your organization, users can still authorize internal {% data variables.product.prodname_oauth_apps %} apps and use them to access data from the organization. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/internal-oauth-apps)."
+
 {% data reusables.organizations.oauth_app_restrictions_default %}
 
 {% tip %}

content/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization.md

@@ -17,6 +17,8 @@ shortTitle: Restrict {% data variables.product.prodname_oauth_apps %}
 
 {% data reusables.organizations.oauth_app_restrictions_default %}
 
+Even if you restrict {% data variables.product.prodname_oauth_apps %} access in your organization, users can still authorize internal {% data variables.product.prodname_oauth_apps %} and use them to access data from the organization. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/internal-oauth-apps)."
+
 {% warning %}
 
 **Warnings**: