CNB Docs

English

简体中文

English

简体中文
简体中文

Appearance

How to Use OAuth Authorization

Copy page

About 505 wordsAbout 2 min

During development, you may need to use various third-party tools (such as IDE plugins, CI tools, project management software, etc.) for collaboration. OAuth authorization provides a secure mechanism that allows you to connect your CNB account with these third-party applications without sharing your login credentials.

Benefits of OAuth Authorization

  • Secure Connection: Third-party applications only receive temporary access tokens and cannot access your account.
  • Controlled Permissions: You clearly understand the scope of permissions granted to third-party applications (e.g., they can "Read Repository" but cannot "Delete Repository").
  • Revocable at Any Time: If you no longer trust or need an application, you can revoke authorization at any time.

Steps

Typically, authorization starts from within the third-party application:

  • In the third-party application, click the "Connect CNB" or "Sign in with CNB" button.
  • After clicking, your browser will automatically redirect to the CNB authorization or login page.

2. Confirm Authorization

If you are not logged in to CNB, the system will ask you to log in first. After logging in, you will see the Authorization Request Page:

Please verify the application name and requested permissions carefully, then click the [Authorize] button.

3. Connection Successful

After clicking authorize, the page will redirect back to the third-party application. The app now has permission to access your specified resources, and you can operate CNB resources (such as pulling code, viewing tasks, etc.) directly within it without logging in again.

FAQ

1. Is my information secure?

Very secure.

  • Credential Isolation: The core design intent of OAuth is to protect account security. Third-party applications can never access your CNB login credentials.
  • Temporary Tokens: The system issues encrypted "access tokens". These tokens have an expiration time and are valid only for the specific application.
  • Security Monitoring: The CNB Security Center audits token usage and will immediately intercept any anomalies.

2. What permissions are authorized?

Before clicking "Authorize", you can view the detailed permission list on the authorization page.

Permissions are typically divided into the following categories:

  • Basic Info: Such as reading your avatar and nickname (usually used to display the current logged-in user).
  • Read-Only: The app can only view your code or tasks but cannot modify them.
  • Read/Write: The app can modify code, create tasks, or trigger builds.

3. How to revoke OAuth authorization?

You can revoke authorization at any time, and the action takes effect immediately:

  1. Log in to CNB, click your avatar in the top right corner, and select [Settings]
  2. Find [Authorized Applications] on the left side
  3. Find the application you want to revoke in the application list, click [Details], then click [Revoke All Access]

Once revoked, the application will no longer be able to access any of your data until you authorize it again.

© 2026 cnb.cool