organization: member-added webhook should include invite id #45932
Replies: 4 comments 3 replies
-
We're having the same issue here when it comes to automating users provisioning/revocation. As a bad workaround, we're currently asking new employees to send us their github username, this way we can invite them and we can map employee <==> github user. |
Beta Was this translation helpful? Give feedback.
-
@Iron-Ham @jmeridth Is there a formal way to have this bug tracked instead of just having it lost in the ether? I have another detailed writeup of the issue here: https://github.com/orgs/community/discussions/45673 |
Beta Was this translation helpful? Give feedback.
-
@andrewaustin Hi there, Please note, contacting any member of GitHub Staff via unsolicited mentions or pings is strongly discouraged and may be considered a violation of our prohibition against harassment. Please review our Code of Conduct for more information. Let's work together to keep GitHub Community a place where people feel safe to participate by being respectful of them and their time. Any repeat and future violations may result in a temporary or indefinite block from the Community. Thanks for understanding. |
Beta Was this translation helpful? Give feedback.
-
@andrewaustin I had the same issue and did an interesting workaround that kinda works well enough (I mark users with unlinked emails as suspicious in case the webhook fails). |
Beta Was this translation helpful? Give feedback.
-
Select Topic Area
Bug
Body
The Problem
I want to invite and remove organization members programmatically by email. Inviting is easy using the organization "create invitation" REST endpoint.( documented here: https://docs.github.com/en/rest/orgs/members?apiVersion=2022-11-28#create-an-organization-invitation ). However, once the user has accepted the invite, one cannot map their username to the invite since it was via email and not via github username. This means one cannot revoke a user's access to an organization because one does not know an invited user's username (only their email).
This seems like a major gap in the REST API.
Bug Fix
The organization: member-added webhook ( documented here: https://docs.github.com/developers/webhooks-and-events/webhooks/webhook-events-and-payloads?actionType=member_added#organization ) should include the invite id that has been accepted so that callers of the invite API can tie an invite sent with the accepted member. This would allow developers to revoke organization membership programmatically that was invited via email.
Other Thoughts
Since invites via email can be accepted by a github account with a different email address, removing a user from an organization by email is not sufficient to solve this issue.
Beta Was this translation helpful? Give feedback.
All reactions