Codacy cloud uses OAuth to handle logins. We support the following providers:
- GitHub cloud
- BitBucket cloud
Depending on the provider (GitHub, Bitbucket, Google), we may request different permissions due to different OAuth implementations. We strive to request only the necessary permissions.
If you log in with GitHub, Codacy requires the following permissions/scopes:
- 'user' permissions to access GitHub user info.
- 'public_repo' permissions to set PR status on public repositories.
- 'repo' access to access private repositories.
- 'write: public_key' to add ssh keys to the repositories, so that Codacy can have access to the repository.
- 'write:repo_hook' access to add post-commit hooks.
- 'read:org': Read-only access to organization membership, organization repositories, and team membership.
- 'admin:org_hook' to access organization hooks.
If you log in with Bitbucket, Codacy requires the following permissions/scopes:
- Read and modify your account information
- Read and modify your repositories' issues
- Read your team's repository settings and read repositories contained within your team's repositories
- Read and modify your repositories and their pull requests
- Administer your repositories
- Read your team membership information
- Read and modify your repositories webhooks
If you log in with Google, Codacy requires the following permissions/scopes:
- Email permission