How to Use OAuth Authorization
About 429 wordsAbout 1 min
During development, you may need to use third-party tools (such as IDE plugins, CI tools, project management software, etc.) for collaboration. OAuth authorization provides a secure way to connect your CNB account with these applications without exposing your login credentials.
Benefits of OAuth Authorization
- Secure Connection: Third-party applications only receive temporary access tokens and cannot access your account.
- Controlled Permissions: You understand the scope of permissions granted (e.g., "Read Repository" but not "Delete Repository").
- Revocable at Any Time: You can revoke authorization whenever you no longer trust or need an application.
Steps
1. Initiate Authorization Link
Authorization typically starts from within the third-party app: click "Connect CNB" or "Sign in with CNB", and the browser will redirect to the CNB authorization page.
2. Confirm Authorization
If not logged in to CNB, log in first. After logging in, verify the application name and requested permissions, then click [Authorize].
3. Connection Successful
The page will redirect back to the third-party app. The app now has permission to access your specified resources, and you can operate CNB resources (such as pulling code, viewing tasks) directly without logging in again.
FAQ
1. Is my information secure?
Very secure:
- Credential Isolation: OAuth's core design protects account security. Third-party apps can never access your CNB login credentials
- Temporary Tokens: The system issues encrypted access tokens with an expiration time, valid only for the authorized app
- Security Monitoring: The CNB Security Center audits token usage and immediately intercepts any anomalies
2. What permissions are authorized?
Before clicking "Authorize", you can view the detailed permission list on the authorization page.
Permissions are typically divided into the following categories:
- Basic Info: Read your avatar and nickname (usually to display the current user).
- Read-Only: The app can only view code or tasks but cannot modify them.
- Read/Write: The app can modify code, create tasks, or trigger builds.
3. How to Revoke OAuth Authorization?
You can revoke authorization at any time — the action takes effect immediately:
- Log in to CNB, click your avatar in the top right corner, and select [Settings]
- Find [Authorized Applications] in the left navigation
- Find the application in the list, click [Details], then click [Revoke All Access]
Once revoked, the application can no longer access any of your data until you authorize it again.