EditLink Button

Would like to first say love the new home page!

Second, I setup Next and Tina with the github backend guide for nextjs.

I have an issue where I’d either like to prevent other github accounts from being able to edit my site or put the button behind some authentication.

According to the guide I can just add an additional param authScope: “repo” and make my repository private. This should prevent open authoring but it did not work for me for some reason.

Alternatively, I have auth0 setup and could move the button to my layout component but after trying I can’t seem to move the button cause of the cms prop being incorrect when I do.

Any help will be sorely appreciated. I’ve been stuck on this a while now.

HI Chadd, we have our own auth coming up in a few weeks that will enable you to define who can edit your site.

When you say it doesn’t work, what do you mean by that? Is your repo public?

Hi there Frank,

That’s such amazing news! I can’t wait for that feature to become available.

What I mean is when I have my github repo on private and add authScope: “repo”. I can still edit the site with a different github account. Which is undesirable since I don’t want random people editing my site lol

Right now I changed my repo back from private to public since I couldn’t get it working.

And yeah its weird that I can’t move the button it feels like I have to move all of the below with it to be able to move the button:

const github = new GithubClient({
    proxy: "/api/proxy-github",
    authCallbackRoute: "/api/create-github-access-token",
    clientId: process.env.GITHUB_CLIENT_ID,
    baseRepoFullName: process.env.REPO_FULL_NAME,
    baseBranch: process.env.BASE_BRANCH,

  const mediaStore = new NextGithubMediaStore(github);

  const cms = new TinaCMS({
    enabled: pageProps.preview,
    apis: {
    media: mediaStore,
    sidebar: pageProps.preview,
    toolbar: pageProps.preview,

  const onLogin = async () => {
    const token = localStorage.getItem("tinacms-github-token") || null;
    const headers = new Headers();

    if (token) {
      headers.append("Authorization", "Bearer " + token);

    const resp = await fetch(`/api/preview`, { headers: headers });
    const data = await resp.json();

    if (resp.status == 200) window.location.href = window.location.pathname;
    else throw new Error(data.message);

  const onLogout = () => {
    return fetch(`/api/reset-preview`).then(() => {

But yeah man thanks for checking in and I’m really super excited for the auth you guys have planned.

Please register if you haven’t on Early Access | Tina

We do use Tina on a private repository with SSO enabled for our GitHub org, and our config is the same:

      proxy: "/api/proxy-github",
      authCallbackRoute: "/api/create-github-access-token",
      clientId: process.env.GITHUB_CLIENT_ID,
      baseRepoFullName: process.env.REPO_FULL_NAME,
      baseBranch: process.env.BASE_BRANCH,
      authScope: "repo",

Maybe I don’t have SSO enable. I’ll try it out again and update here.

And awesome I’ll sign up now. Can’t wait!

Awesome. Got it to work! Not sure why it works now but it works! Thanks a lot!

1 Like