Organizations now have more granular control over who can request GitHub Apps and OAuth apps. This enhancement helps you implement stricter governance policies while maintaining flexibility for your security posture. This capability is now in public preview.

What’s changed

Previously, organizations could only disable app access requests from outside collaborators. Now, you can choose from three graduated control options:

  • Members and outside collaborators: Members and outside collaborators can request apps (existing default behavior).
  • Members only: Block outside collaborators from requesting apps while permitting organization members to do so.
  • Disable app access requests: Prevent both members and outside collaborators from requesting any apps.

Three options within an organization's settings page to choose who can request GitHub or OAuth apps

To configure this change, navigate to your organization’s settings, select Member Privileges, and choose your preferred option under App access requests. This new control mechanism ensures all third-party apps go through proper approval channels and security reviews before being considered for installation.

To learn more, see “Limiting app requests”. This will be included in GHES 3.21.

How to give feedback

If you have any questions or feedback, visit the GitHub Community.