Back to all posts

Feature request — auto-authorize GitHub usernames to unblock deploys

Hi Base44 team — could you add a Just-in-Time GitHub Access feature to reduce friction when deploying from Base44 to GitHub/Railway?

What we need

  • When I link my GitHub (@txxxxx) to Base44 and choose an org repo (e.g., base44dev/txxxxx-xxxx), Base44 should:

    1. Auto-add my GitHub user as Write/Maintain (outside collaborator or team) on that repo,

    2. Auto-scope the Railway GitHub App to that repo (“Only selected repositories”),

    3. Prompt/verify SAML/SSO authorization, and

    4. Show a clear status banner (linked ✓, SSO ✓, App installed ✓, repo visible in Railway ✓).

Expanded proposal (for the platform/infra team)

Problem

Developers frequently hit blockers connecting Base44 projects to org-scoped GitHub repos and Railway because adding collaborators, scoping the Railway GitHub App, and approving SAML/SSO require org-owner intervention. This creates deployment delays and support load.

Proposed solution: “Just-in-Time GitHub Access”

When a user links GitHub in Base44 and selects an org/repo:

  1. Identity link

    • User links GitHub; Base44 records verified handle (e.g., @txxxx).

  2. Auto authorization workflow

    • If user lacks repo access, Base44 (via a GitHub App with org-approved permissions) either:

      • Auto-adds the user as an outside collaborator with Write (or Maintain per policy), or

      • Adds the user to a pre-approved team with correct scope.

    • If the Railway GitHub App isn’t scoped to the repo, Base44 calls the GitHub Apps API to add the repo under “Only selected repositories.”

    • If SAML/SSO is enforced, Base44 surfaces a one-click “Authorize SSO” step and verifies completion.

  3. Status UI

    • Inline checklist with live checks: Repo access, Railway app scoped, SSO authorized, Repo visible in Railway.

    • If any step needs owner approval, Base44 triggers an approval request to org owners (email/Slack with Approve button) and updates status in real time.

  4. Security & governance

    • Least privilege: Write/Maintain only on the selected repo.

    • Time-boxed access (e.g., auto-revoke after 30 days unless renewed).

    • Audit log (who requested, who approved, timestamps, scopes).

    • Org controls: allowlist of GitHub usernames/teams, default roles, branch-protection compatibility, 2FA enforcement checks.

Please authenticate to join the conversation.

Upvoters
Status

In Review

Board
💡

Feature Request

Date

5 months ago

Author

Delivoz Inc

Subscribe to post

Get notified by email when there are changes.