c9b4766254
* Add custom media type info and update subsection cross-refs * Update the permissions for GH Apps page * Add temporary JSON files Replace these with the autogenerated ones from github/github, when the associated PR over there is merged. * Change json+sarif to sarif+json * Condition media types section This new section will only become accurate in GHES 3.1 * Add temporary copies of decorated & dereferenced files * Add new endpoints to the permissions page /rest/reference/permissions-required-for-github-apps * Update temp JSON files * Update JSON files * Add github-ae: '*' * Add github-ae: '*' * Add github-ae: '*' * Update content/rest/reference/code-scanning.md * Update JSON files * Update content/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning.md Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> * Update content/github/finding-security-vulnerabilities-and-errors-in-your-code/uploading-a-sarif-file-to-github.md Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> * Update content/rest/reference/code-scanning.md Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> * Update content/rest/reference/code-scanning.md Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> * Update content/rest/reference/permissions-required-for-github-apps.md Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> * Make review comment changes * Remove development mode JSON files * Update OpenAPI Descriptions (#17857) * Update OpenAPI Descriptions * Add decorated OpenAPI schema files * Remove development mode JSON files * Update OpenAPI JSON files (#17869) * Update OpenAPI Descriptions * Add decorated OpenAPI schema files Co-authored-by: github-openapi-bot <security+github-openapi-bot@github.com> * Remove development mode JSON files * Update OpenAPI Descriptions (#17863) * Update OpenAPI Descriptions * Add decorated OpenAPI schema files * Update content/rest/reference/permissions-required-for-github-apps.md Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> * Update content/rest/reference/permissions-required-for-github-apps.md * Update content/rest/reference/permissions-required-for-github-apps.md * Update content/rest/reference/permissions-required-for-github-apps.md * Update content/rest/reference/permissions-required-for-github-apps.md * Update content/rest/reference/code-scanning.md Co-authored-by: Shati Patel <42641846+shati-patel@users.noreply.github.com> Co-authored-by: github-openapi-bot <69533958+github-openapi-bot@users.noreply.github.com> Co-authored-by: github-openapi-bot <security+github-openapi-bot@github.com>
73 KiB
73 KiB
title, intro, redirect_from, versions
| title | intro | redirect_from | versions | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Permissions required for GitHub Apps | You can find the required permissions for each {% data variables.product.prodname_github_app %}-compatible endpoint. |
|
|
About {% data variables.product.prodname_github_app %} permissions
{% data variables.product.prodname_github_app %}s are created with a set of permissions. Permissions define what resources the {% data variables.product.prodname_github_app %} can access via the API. For more information, see "Setting permissions for GitHub Apps."
Metadata permissions
GitHub Apps have the Read-only metadata permission by default. The metadata permission provides access to a collection of read-only endpoints with metadata for various resources. These endpoints do not leak sensitive private repository information.
{% data reusables.apps.metadata-permissions %}
GET /GET /codes_of_conductGET /codes_of_conduct/:keyGET /emojisGET /feedsGET /licensesGET /licenses/:keyPOST /markdownPOST /markdown/rawGET /metaGET /organizationsGET /orgs/:orgGET /orgs/:org/projectsGET /orgs/:org/reposGET /rate_limitGET /repos/:owner/:repo{% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/community/profile{% endif %}GET /repos/:owner/:repo/contributorsGET /repos/:owner/:repo/forksGET /repos/:owner/:repo/languagesGET /repos/:owner/:repo/licenseGET /repos/:owner/:repo/stargazersGET /repos/:owner/:repo/stats/code_frequencyGET /repos/:owner/:repo/stats/commit_activityGET /repos/:owner/:repo/stats/contributorsGET /repos/:owner/:repo/stats/participationGET /repos/:owner/:repo/stats/punch_cardGET /repos/:owner/:repo/subscribersGET /repos/:owner/:repo/tagsGET /repos/:owner/:repo/topicsGET /repositoriesGET /user/reposGET /user/starredGET /user/subscriptionsGET /usersGET /users/:usernameGET /users/:username/followersGET /users/:username/followingGET /users/:username/following/:target_userGET /users/:username/gpg_keysGET /users/:username/orgsGET /users/:username/received_eventsGET /users/:username/received_events/publicGET /users/:username/reposGET /users/:username/subscriptions
Collaborators
Commit comments
GET /repos/:owner/:repo/commentsGET /repos/:owner/:repo/comments/:comment_idGET /repos/:owner/:repo/comments/:comment_id/reactionsGET /repos/:owner/:repo/commits/:sha/comments
Events
GET /eventsGET /networks/:owner/:repo/eventsGET /orgs/:org/eventsGET /repos/:owner/:repo/eventsGET /users/:username/eventsGET /users/:username/events/public
Git
Keys
Organization members
GET /orgs/:org/membersGET /orgs/:org/members/:usernameGET /orgs/:org/public_membersGET /orgs/:org/public_members/:username
Search
GET /search/codeGET /search/commitsGET /search/issuesGET /search/labelsGET /search/repositoriesGET /search/topicsGET /search/users
{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}
Permission on "actions"
GET /repos/:owner/:repo/actions/artifacts(:read)GET /repos/:owner/:repo/actions/artifacts/:artifact_id(:read)DELETE /repos/:owner/:repo/actions/artifacts/:artifact_id(:write)GET /repos/:owner/:repo/actions/artifacts/:artifact_id/zip(:read)GET /repos/:owner/:repo/actions/jobs/:job_id(:read)GET /repos/:owner/:repo/actions/jobs/:job_id/logs(:read)GET /repos/:owner/:repo/actions/runs(:read)GET /repos/:owner/:repo/actions/runs/:run_id(:read)GET /repos/:owner/:repo/actions/runs/:run_id/artifacts(:read)POST /repos/:owner/:repo/actions/runs/:run_id/cancel(:write)GET /repos/:owner/:repo/actions/runs/:run_id/jobs(:read)GET /repos/:owner/:repo/actions/runs/:run_id/logs(:read)DELETE /repos/:owner/:repo/actions/runs/:run_id/logs(:write)POST /repos/:owner/:repo/actions/runs/:run_id/rerun(:write)GET /repos/:owner/:repo/actions/workflows(:read)GET /repos/:owner/:repo/actions/workflows/:workflow_id(:read)GET /repos/:owner/:repo/actions/workflows/:workflow_id/runs(:read) {% endif %}
Permission on "administration"
POST /orgs/:org/repos(:write)PATCH /repos/:owner/:repo(:write)DELETE /repos/:owner/:repo(:write) {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/runners/downloads(:read)GET /repos/:owner/:repo/actions/runners(:read)GET /repos/:owner/:repo/actions/runners/:runner_id(:read)DELETE /repos/:owner/:repo/actions/runners/:runner_id(:write)POST /repos/:owner/:repo/actions/runners/registration-token(:write)POST /repos/:owner/:repo/actions/runners/remove-token(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}PUT /repos/:owner/:repo/automated-security-fixes(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}DELETE /repos/:owner/:repo/automated-security-fixes(:write) {% endif %}POST /repos/:owner/:repo/forks(:write) {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/interaction-limits(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" %}PUT /repos/:owner/:repo/interaction-limits(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}DELETE /repos/:owner/:repo/interaction-limits(:write) {% endif %}PUT /repos/:owner/:repo/topics(:write)POST /repos/:owner/:repo/transfer(:write) {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/vulnerability-alerts(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}PUT /repos/:owner/:repo/vulnerability-alerts(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}DELETE /repos/:owner/:repo/vulnerability-alerts(:write) {% endif %}PATCH /user/repository_invitations/:invitation_id(:write)DELETE /user/repository_invitations/:invitation_id(:write)
Branches
GET /repos/:owner/:repo/branches/:branch/protection(:read)PUT /repos/:owner/:repo/branches/:branch/protection(:write)DELETE /repos/:owner/:repo/branches/:branch/protection(:write)GET /repos/:owner/:repo/branches/:branch/protection/enforce_admins(:read)POST /repos/:owner/:repo/branches/:branch/protection/enforce_admins(:write)DELETE /repos/:owner/:repo/branches/:branch/protection/enforce_admins(:write)GET /repos/:owner/:repo/branches/:branch/protection/required_pull_request_reviews(:read)PATCH /repos/:owner/:repo/branches/:branch/protection/required_pull_request_reviews(:write)DELETE /repos/:owner/:repo/branches/:branch/protection/required_pull_request_reviews(:write)GET /repos/:owner/:repo/branches/:branch/protection/required_signatures(:read)POST /repos/:owner/:repo/branches/:branch/protection/required_signatures(:write)DELETE /repos/:owner/:repo/branches/:branch/protection/required_signatures(:write)GET /repos/:owner/:repo/branches/:branch/protection/required_status_checks(:read)PATCH /repos/:owner/:repo/branches/:branch/protection/required_status_checks(:write)DELETE /repos/:owner/:repo/branches/:branch/protection/required_status_checks(:write)GET /repos/:owner/:repo/branches/:branch/protection/required_status_checks/contexts(:read)POST /repos/:owner/:repo/branches/:branch/protection/required_status_checks/contexts(:write)PUT /repos/:owner/:repo/branches/:branch/protection/required_status_checks/contexts(:write)DELETE /repos/:owner/:repo/branches/:branch/protection/required_status_checks/contexts(:write)GET /repos/:owner/:repo/branches/:branch/protection/restrictions(:read)DELETE /repos/:owner/:repo/branches/:branch/protection/restrictions(:write)GET /repos/:owner/:repo/branches/:branch/protection/restrictions/teams(:read)POST /repos/:owner/:repo/branches/:branch/protection/restrictions/teams(:write)PUT /repos/:owner/:repo/branches/:branch/protection/restrictions/teams(:write)DELETE /repos/:owner/:repo/branches/:branch/protection/restrictions/teams(:write)GET /repos/:owner/:repo/branches/:branch/protection/restrictions/users(:read)POST /repos/:owner/:repo/branches/:branch/protection/restrictions/users(:write)PUT /repos/:owner/:repo/branches/:branch/protection/restrictions/users(:write)DELETE /repos/:owner/:repo/branches/:branch/protection/restrictions/users(:write) {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" or currentVersion == "github-ae@latest" %}POST /repos/:owner/:repo/branches/:branch/rename(:write) {% endif %}
Collaborators
PUT /repos/:owner/:repo/collaborators/:username(:write)DELETE /repos/:owner/:repo/collaborators/:username(:write)
Invitations
GET /repos/:owner/:repo/invitations(:read)PATCH /repos/:owner/:repo/invitations/:invitation_id(:write)DELETE /repos/:owner/:repo/invitations/:invitation_id(:write)
Keys
GET /repos/:owner/:repo/keys(:read)POST /repos/:owner/:repo/keys(:write)GET /repos/:owner/:repo/keys/:key_id(:read)DELETE /repos/:owner/:repo/keys/:key_id(:write)
Teams
GET /repos/:owner/:repo/teams(:read)PUT /teams/:team_id/repos/:owner/:repo(:write)DELETE /teams/:team_id/repos/:owner/:repo(:write)
{% if currentVersion == "free-pro-team@latest" %} Traffic
GET /repos/:owner/:repo/traffic/clones(:read)GET /repos/:owner/:repo/traffic/popular/paths(:read)GET /repos/:owner/:repo/traffic/popular/referrers(:read)GET /repos/:owner/:repo/traffic/views(:read) {% endif %}
{% if currentVersion == "free-pro-team@latest" %}
Permission on "blocking"
GET /user/blocks(:read)GET /user/blocks/:username(:read)PUT /user/blocks/:username(:write)DELETE /user/blocks/:username(:write) {% endif %}
Permission on "checks"
POST /repos/:owner/:repo/check-runs(:write)GET /repos/:owner/:repo/check-runs/:check_run_id(:read)PATCH /repos/:owner/:repo/check-runs/:check_run_id(:write)GET /repos/:owner/:repo/check-runs/:check_run_id/annotations(:read)POST /repos/:owner/:repo/check-suites(:write)GET /repos/:owner/:repo/check-suites/:check_suite_id(:read)GET /repos/:owner/:repo/check-suites/:check_suite_id/check-runs(:read)POST /repos/:owner/:repo/check-suites/:check_suite_id/rerequest(:write)PATCH /repos/:owner/:repo/check-suites/preferences(:write)GET /repos/:owner/:repo/commits/:sha/check-runs(:read)GET /repos/:owner/:repo/commits/:sha/check-suites(:read)
Permission on "contents"
GET /repos/:owner/:repo/:archive_format/:ref(:read) {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/artifacts/:artifact_id(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" %}DELETE /repos/:owner/:repo/actions/artifacts/:artifact_id(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/artifacts/:artifact_id/zip(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/jobs/:job_id(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/jobs/:job_id/logs(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/runs(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/runs/:run_id(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/runs/:run_id/artifacts(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" %}POST /repos/:owner/:repo/actions/runs/:run_id/cancel(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/runs/:run_id/jobs(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/runs/:run_id/logs(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" %}DELETE /repos/:owner/:repo/actions/runs/:run_id/logs(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}POST /repos/:owner/:repo/actions/runs/:run_id/rerun(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/secrets(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/secrets/:name(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}PUT /repos/:owner/:repo/actions/secrets/:name(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}DELETE /repos/:owner/:repo/actions/secrets/:name(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/secrets/public-key(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/workflows(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/workflows/:workflow_id(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" %}GET /repos/:owner/:repo/actions/workflows/:workflow_id/runs(:read) {% endif %}GET /repos/:owner/:repo/check-runs/:check_run_id(:read)GET /repos/:owner/:repo/check-runs/:check_run_id/annotations(:read)GET /repos/:owner/:repo/check-suites/:check_suite_id(:read)GET /repos/:owner/:repo/check-suites/:check_suite_id/check-runs(:read)POST /repos/:owner/:repo/check-suites/:check_suite_id/rerequest(:write)GET /repos/:owner/:repo/commits(:read)GET /repos/:owner/:repo/commits/:sha(:read)GET /repos/:owner/:repo/commits/:sha/check-runs(:read)GET /repos/:owner/:repo/commits/:sha/check-suites(:read)GET /repos/:owner/:repo/community/code_of_conduct(:read)GET /repos/:owner/:repo/compare/:base...:head(:read)GET /repos/:owner/:repo/contents/:path(:read) {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.20" or currentVersion == "github-ae@latest" %}POST /repos/:owner/:repo/dispatches(:write) {% endif %}POST /repos/:owner/:repo/forks(:read)POST /repos/:owner/:repo/merges(:write)PUT /repos/:owner/:repo/pulls/:pull_number/merge(:write)GET /repos/:owner/:repo/readme(?:/(.*))?(:read)
Branches
GET /repos/:owner/:repo/branches(:read)GET /repos/:owner/:repo/branches/:branch(:read)GET /repos/:owner/:repo/branches/:branch/protection/restrictions/apps(:write)POST /repos/:owner/:repo/branches/:branch/protection/restrictions/apps(:write)PUT /repos/:owner/:repo/branches/:branch/protection/restrictions/apps(:write)DELETE /repos/:owner/:repo/branches/:branch/protection/restrictions/apps(:write) {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" or currentVersion == "github-ae@latest" %}POST /repos/:owner/:repo/branches/:branch/rename(:write) {% endif %}
Commit comments
PATCH /repos/:owner/:repo/comments/:comment_id(:write)DELETE /repos/:owner/:repo/comments/:comment_id(:write)POST /repos/:owner/:repo/comments/:comment_id/reactions(:read)POST /repos/:owner/:repo/commits/:sha/comments(:read)
Git
POST /repos/:owner/:repo/git/blobs(:write)GET /repos/:owner/:repo/git/blobs/:sha(:read)POST /repos/:owner/:repo/git/commits(:write)GET /repos/:owner/:repo/git/commits/:commit_id(:read)POST /repos/:owner/:repo/git/refs(:write)GET /repos/:owner/:repo/git/ref/:ref(:read)GET /repos/:owner/:repo/git/matching-refs/:ref(:read)PATCH /repos/:owner/:repo/git/refs/:ref(:write)DELETE /repos/:owner/:repo/git/refs/:ref(:write)POST /repos/:owner/:repo/git/tags(:write)GET /repos/:owner/:repo/git/tags/:tag_id(:read)POST /repos/:owner/:repo/git/trees(:write)GET /repos/:owner/:repo/git/trees/:sha(:read)
{% if currentVersion == "free-pro-team@latest" %} Import
GET /repos/:owner/:repo/import(:read)PUT /repos/:owner/:repo/import(:write)PATCH /repos/:owner/:repo/import(:write)DELETE /repos/:owner/:repo/import(:write)GET /repos/:owner/:repo/import/authors(:read)PATCH /repos/:owner/:repo/import/authors/:author_id(:write)GET /repos/:owner/:repo/import/large_files(:read)PATCH /repos/:owner/:repo/import/lfs(:write) {% endif %}
Reactions
{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.20" or currentVersion == "github-ae@latest" %}
DELETE /reactions/:reaction_id(:write){% else %}-DELETE /reactions/:reaction_id(:write){% endif %}{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.20" or currentVersion == "github-ae@latest" %}DELETE /repos/:owner/:repo/comments/:comment_id/reactions/:reaction_id(:write)DELETE /repos/:owner/:repo/issues/:issue_number/reactions/:reaction_id(:write)DELETE /repos/:owner/:repo/issues/comments/:comment_id/reactions/:reaction_id(:write)DELETE /repos/:owner/:repo/pulls/comments/:comment_id/reactions/:reaction_id(:write)DELETE /orgs/:org/teams/:team_slug/discussions/:discussion_number/reactions/:reaction_id(:write)DELETE /orgs/:org/teams/:team_slug/discussions/:discussion_number/comments/:comment_number/reactions/:reaction_id(:write){% endif %}
Releases
GET /repos/:owner/:repo/releases(:read)POST /repos/:owner/:repo/releases(:write)GET /repos/:owner/:repo/releases/:release_id(:read)PATCH /repos/:owner/:repo/releases/:release_id(:write)DELETE /repos/:owner/:repo/releases/:release_id(:write)GET /repos/:owner/:repo/releases/:release_id/assets(:read)GET /repos/:owner/:repo/releases/assets/:asset_id(:read)PATCH /repos/:owner/:repo/releases/assets/:asset_id(:write)DELETE /repos/:owner/:repo/releases/assets/:asset_id(:write)GET /repos/:owner/:repo/releases/latest(:read)GET /repos/:owner/:repo/releases/tags/:tag(:read)
Permission on "deployments"
GET /repos/:owner/:repo/deployments(:read)POST /repos/:owner/:repo/deployments(:write)GET /repos/:owner/:repo/deployments/:deployment_id(:read){% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.20" or currentVersion == "github-ae@latest" %}DELETE /repos/:owner/:repo/deployments/:deployment_id(:write){% endif %}GET /repos/:owner/:repo/deployments/:deployment_id/statuses(:read)POST /repos/:owner/:repo/deployments/:deployment_id/statuses(:write)GET /repos/:owner/:repo/deployments/:deployment_id/statuses/:status_id(:read)
{% if currentVersion == "free-pro-team@latest" or enterpriseServerVersions contains currentVersion %}
Permission on "emails"
{% if currentVersion == "free-pro-team@latest" %}
PATCH /user/email/visibility(:write) {% endif %}GET /user/emails(:read)POST /user/emails(:write)DELETE /user/emails(:write)GET /user/public_emails(:read) {% endif %}
Permission on "followers"
GET /user/followers(:read)GET /user/following(:read)GET /user/following/:username(:read)PUT /user/following/:username(:write)DELETE /user/following/:username(:write)
Permission on "gpg keys"
GET /user/gpg_keys(:read)POST /user/gpg_keys(:write)GET /user/gpg_keys/:gpg_key_id(:read)DELETE /user/gpg_keys/:gpg_key_id(:write)
Permission on "issues"
Issues and pull requests are closely related. For more information, see "List issues assigned to the authenticated user." If your GitHub App has permissions on issues but not on pull requests, these endpoints will be limited to issues. Endpoints that return both issues and pull requests will be filtered. Endpoints that allow operations on both issues and pull requests will be restricted to issues.
GET /repos/:owner/:repo/issues(:read)POST /repos/:owner/:repo/issues(:write)GET /repos/:owner/:repo/issues/:issue_number(:read)PATCH /repos/:owner/:repo/issues/:issue_number(:write)GET /repos/:owner/:repo/issues/:issue_number/comments(:read)POST /repos/:owner/:repo/issues/:issue_number/comments(:write)PUT /repos/:owner/:repo/issues/:issue_number/lock(:write)DELETE /repos/:owner/:repo/issues/:issue_number/lock(:write)GET /repos/:owner/:repo/issues/:issue_number/reactions(:read)POST /repos/:owner/:repo/issues/:issue_number/reactions(:write)GET /repos/:owner/:repo/issues/:issue_number/timeline(:read)GET /repos/:owner/:repo/issues/comments(:read)GET /repos/:owner/:repo/issues/comments/:comment_id(:read)PATCH /repos/:owner/:repo/issues/comments/:comment_id(:write)DELETE /repos/:owner/:repo/issues/comments/:comment_id(:write)GET /repos/:owner/:repo/issues/comments/:comment_id/reactions(:read)POST /repos/:owner/:repo/issues/comments/:comment_id/reactions(:write)
Assignees
GET /repos/:owner/:repo/assignees(:read)GET /repos/:owner/:repo/assignees/:username(:read)POST /repos/:owner/:repo/issues/:issue_number/assignees(:write)DELETE /repos/:owner/:repo/issues/:issue_number/assignees(:write)
Events
GET /repos/:owner/:repo/issues/:issue_number/events(:read)GET /repos/:owner/:repo/issues/events/:event_id(:read)
Labels
GET /repos/:owner/:repo/issues/:issue_number/labels(:read)POST /repos/:owner/:repo/issues/:issue_number/labels(:write)PUT /repos/:owner/:repo/issues/:issue_number/labels(:write)DELETE /repos/:owner/:repo/issues/:issue_number/labels(:write)DELETE /repos/:owner/:repo/issues/:issue_number/labels/:name(:write)GET /repos/:owner/:repo/labels(:read)POST /repos/:owner/:repo/labels(:write)GET /repos/:owner/:repo/labels/:name(:read)PATCH /repos/:owner/:repo/labels/:name(:write)DELETE /repos/:owner/:repo/labels/:name(:write)
Milestones
GET /repos/:owner/:repo/milestones(:read)POST /repos/:owner/:repo/milestones(:write)GET /repos/:owner/:repo/milestones/:milestone_number(:read)PATCH /repos/:owner/:repo/milestones/:milestone_number(:write)DELETE /repos/:owner/:repo/milestones/:milestone_number(:write)GET /repos/:owner/:repo/milestones/:milestone_number/labels(:read)
Reactions
GET /repos/:owner/:repo/issues/comments/:comment_id/reactions(:read)POST /repos/:owner/:repo/issues/comments/:comment_id/reactions(:write)GET /repos/:owner/:repo/issues/:issue_number/reactions(:read)POST /repos/:owner/:repo/issues/:issue_number/reactions(:write) {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.20" or currentVersion == "github-ae@latest" %}DELETE /reactions/:reaction_id(:write)DELETE /repos/:owner/:repo/comments/:comment_id/reactions/:reaction_id(:write)DELETE /repos/:owner/:repo/issues/:issue_number/reactions/:reaction_id(:write)DELETE /repos/:owner/:repo/issues/comments/:comment_id/reactions/:reaction_id(:write)DELETE /repos/:owner/:repo/pulls/comments/:comment_id/reactions/:reaction_id(:write)DELETE /orgs/:org/teams/:team_slug/discussions/:discussion_number/reactions/:reaction_id(:write)DELETE /orgs/:org/teams/:team_slug/discussions/:discussion_number/comments/:comment_number/reactions/:reaction_id(:write){% else %}DELETE /reactions/:reaction_id(:write){% endif %}
Permission on "keys"
Keys
GET /user/keys(:read)POST /user/keys(:write)GET /user/keys/:key_id(:read)DELETE /user/keys/:key_id(:write)
Permission on "members"
{% if currentVersion == "free-pro-team@latest" %}
GET /organizations/:org_id/team/:team_id/team-sync/group-mappings(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}PATCH /organizations/:org_id/team/:team_id/team-sync/group-mappings(:write) {% endif %}GET /orgs/:org/outside_collaborators(:read)PUT /orgs/:org/outside_collaborators/:username(:write)DELETE /orgs/:org/outside_collaborators/:username(:write) {% if currentVersion == "free-pro-team@latest" %}GET /orgs/:org/team-sync/groups(:write) {% endif %}GET /orgs/:org/team/:team_id(:read) {% if currentVersion == "free-pro-team@latest" %}GET /scim/v2/orgs/:org/Users(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" %}POST /scim/v2/orgs/:org/Users(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}GET /scim/v2/orgs/:org/Users/:external_identity_guid(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" %}PUT /scim/v2/orgs/:org/Users/:external_identity_guid(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}PATCH /scim/v2/orgs/:org/Users/:external_identity_guid(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}DELETE /scim/v2/orgs/:org/Users/:external_identity_guid(:write) {% endif %}
{% if currentVersion == "free-pro-team@latest" %} Invitations
GET /orgs/:org/invitations(:read)POST /orgs/:org/invitations(:write)GET /orgs/:org/invitations/:invitation_id/teams(:read)GET /teams/:team_id/invitations(:read) {% endif %}
Organization members
DELETE /orgs/:org/members/:username(:write)GET /orgs/:org/memberships/:username(:read)PUT /orgs/:org/memberships/:username(:write)DELETE /orgs/:org/memberships/:username(:write)PUT /orgs/:org/public_members/:username(:write)DELETE /orgs/:org/public_members/:username(:write)GET /user/memberships/orgs(:read)GET /user/memberships/orgs/:org(:read)PATCH /user/memberships/orgs/:org(:write)
Team members
GET /teams/:team_id/members(:read)GET /teams/:team_id/memberships/:username(:read)PUT /teams/:team_id/memberships/:username(:write)DELETE /teams/:team_id/memberships/:username(:write)
Teams
GET /orgs/:org/teams(:read)POST /orgs/:org/teams(:write)GET /orgs/:org/teams/:team_slug(:read) {% if enterpriseServerVersions contains currentVersion and currentVersion ver_lt "enterprise-server@2.21" %}GET /teams/:team_id(:read) {% endif %}PATCH /teams/:team_id(:write)DELETE /teams/:team_id(:write) {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.20" or currentVersion == "github-ae@latest" %}GET /teams/:team_id/projects(:read)GET /teams/:team_id/projects/:project_id(:read)PUT /teams/:team_id/projects/:project_id(:read)DELETE /teams/:team_id/projects/:project_id(:read) {% endif %}GET /teams/:team_id/repos(:read)GET /teams/:team_id/repos/:owner/:repo(:read)PUT /teams/:team_id/repos/:owner/:repo(:read)DELETE /teams/:team_id/repos/:owner/:repo(:write)GET /teams/:team_id/teams(:read)
Permission on "organization administration"
PATCH /orgs/:org(:write) {% if currentVersion == "free-pro-team@latest" %}GET /orgs/:org/interaction-limits(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" %}PUT /orgs/:org/interaction-limits(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" %}DELETE /orgs/:org/interaction-limits(:write) {% endif %}
Permission on "organization hooks"
GET /orgs/:org/hooks(:read)POST /orgs/:org/hooks(:write)GET /orgs/:org/hooks/:hook_id(:read)PATCH /orgs/:org/hooks/:hook_id(:write)DELETE /orgs/:org/hooks/:hook_id(:write)POST /orgs/:org/hooks/:hook_id/pings(:write)
Teams
{% if enterpriseServerVersions contains currentVersion %}
Permission on "organization pre receive hooks"
GET /orgs/:org/pre-receive-hooks(:read)GET /orgs/:org/pre-receive-hooks/:pre_receive_hook_id(:read)PATCH /orgs/:org/pre-receive-hooks/:pre_receive_hook_id(:write)DELETE /orgs/:org/pre-receive-hooks/:pre_receive_hook_id(:write) {% endif %}
Permission on "organization projects"
POST /orgs/:org/projects(:write)GET /projects/:project_id(:read)PATCH /projects/:project_id(:write)DELETE /projects/:project_id(:write)POST /projects/:project_id/cards(:write)GET /projects/:project_id/columns(:read)POST /projects/:project_id/columns(:write)GET /projects/columns/:column_id(:read)PATCH /projects/columns/:column_id(:write)DELETE /projects/columns/:column_id(:write)GET /projects/columns/:column_id/cards(:read)POST /projects/columns/:column_id/cards(:write)POST /projects/columns/:column_id/moves(:write)GET /projects/columns/cards/:card_id(:read)PATCH /projects/columns/cards/:card_id(:write)DELETE /projects/columns/cards/:card_id(:write)POST /projects/columns/cards/:card_id/moves(:write)
{% if currentVersion == "free-pro-team@latest" %}
Permission on "organization user blocking"
GET /orgs/:org/blocks(:read)GET /orgs/:org/blocks/:username(:read)PUT /orgs/:org/blocks/:username(:write)DELETE /orgs/:org/blocks/:username(:write) {% endif %}
Permission on "pages"
GET /repos/:owner/:repo/pages(:read)POST /repos/:owner/:repo/pages(:write)PUT /repos/:owner/:repo/pages(:write)DELETE /repos/:owner/:repo/pages(:write)GET /repos/:owner/:repo/pages/builds(:read)POST /repos/:owner/:repo/pages/builds(:write)GET /repos/:owner/:repo/pages/builds/:build_id(:read)GET /repos/:owner/:repo/pages/builds/latest(:read)
Permission on "pull requests"
Pull requests and issues are closely related.. If your GitHub App has permissions on pull requests but not on issues, these endpoints will be limited to pull requests. Endpoints that return both pull requests and issues will be filtered. Endpoints that allow operations on both pull requests and issues will be restricted to pull requests.
PATCH /repos/:owner/:repo/issues/:issue_number(:write)GET /repos/:owner/:repo/issues/:issue_number/comments(:read)POST /repos/:owner/:repo/issues/:issue_number/comments(:write)PUT /repos/:owner/:repo/issues/:issue_number/lock(:write)DELETE /repos/:owner/:repo/issues/:issue_number/lock(:write)GET /repos/:owner/:repo/issues/:issue_number/timeline(:read)GET /repos/:owner/:repo/issues/comments(:read)GET /repos/:owner/:repo/issues/comments/:comment_id(:read)PATCH /repos/:owner/:repo/issues/comments/:comment_id(:write)DELETE /repos/:owner/:repo/issues/comments/:comment_id(:write)GET /repos/:owner/:repo/pulls(:read)POST /repos/:owner/:repo/pulls(:write)GET /repos/:owner/:repo/pulls/:pull_number(:read)PATCH /repos/:owner/:repo/pulls/:pull_number(:write)GET /repos/:owner/:repo/pulls/:pull_number/comments(:read)POST /repos/:owner/:repo/pulls/:pull_number/comments(:write)GET /repos/:owner/:repo/pulls/:pull_number/commits(:read)GET /repos/:owner/:repo/pulls/:pull_number/files(:read)GET /repos/:owner/:repo/pulls/:pull_number/merge(:read)GET /repos/:owner/:repo/pulls/comments(:read)GET /repos/:owner/:repo/pulls/comments/:comment_id(:read)PATCH /repos/:owner/:repo/pulls/comments/:comment_id(:write)DELETE /repos/:owner/:repo/pulls/comments/:comment_id(:write)
Assignees
GET /repos/:owner/:repo/assignees(:read)GET /repos/:owner/:repo/assignees/:username(:read)POST /repos/:owner/:repo/issues/:issue_number/assignees(:write)DELETE /repos/:owner/:repo/issues/:issue_number/assignees(:write)
Events
GET /repos/:owner/:repo/issues/:issue_number/events(:read)GET /repos/:owner/:repo/issues/events/:event_id(:read)POST /repos/:owner/:repo/pulls/:pull_number/reviews/:review_id/events(:write)
Labels
GET /repos/:owner/:repo/issues/:issue_number/labels(:read)POST /repos/:owner/:repo/issues/:issue_number/labels(:write)PUT /repos/:owner/:repo/issues/:issue_number/labels(:write)DELETE /repos/:owner/:repo/issues/:issue_number/labels(:write)DELETE /repos/:owner/:repo/issues/:issue_number/labels/:name(:write)GET /repos/:owner/:repo/labels(:read)POST /repos/:owner/:repo/labels(:write)GET /repos/:owner/:repo/labels/:name(:read)PATCH /repos/:owner/:repo/labels/:name(:write)DELETE /repos/:owner/:repo/labels/:name(:write)
Milestones
GET /repos/:owner/:repo/milestones(:read)POST /repos/:owner/:repo/milestones(:write)GET /repos/:owner/:repo/milestones/:milestone_number(:read)PATCH /repos/:owner/:repo/milestones/:milestone_number(:write)DELETE /repos/:owner/:repo/milestones/:milestone_number(:write)GET /repos/:owner/:repo/milestones/:milestone_number/labels(:read)
Reactions
POST /repos/:owner/:repo/issues/:issue_number/reactions(:write)GET /repos/:owner/:repo/issues/comments/:comment_id/reactions(:read)POST /repos/:owner/:repo/issues/comments/:comment_id/reactions(:write)GET /repos/:owner/:repo/pulls/comments/:comment_id/reactions(:read)POST /repos/:owner/:repo/pulls/comments/:comment_id/reactions(:write) {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.20" or currentVersion == "github-ae@latest" %}DELETE /reactions/:reaction_id(:write)DELETE /repos/:owner/:repo/comments/:comment_id/reactions/:reaction_id(:write)DELETE /repos/:owner/:repo/issues/:issue_number/reactions/:reaction_id(:write)DELETE /repos/:owner/:repo/issues/comments/:comment_id/reactions/:reaction_id(:write)DELETE /repos/:owner/:repo/pulls/comments/:comment_id/reactions/:reaction_id(:write)DELETE /orgs/:org/teams/:team_slug/discussions/:discussion_number/reactions/:reaction_id(:write)DELETE /orgs/:org/teams/:team_slug/discussions/:discussion_number/comments/:comment_number/reactions/:reaction_id(:write){% else %}-DELETE /reactions/:reaction_id(:write){% endif %}
Requested reviewers
GET /repos/:owner/:repo/pulls/:pull_number/requested_reviewers(:read)POST /repos/:owner/:repo/pulls/:pull_number/requested_reviewers(:write)DELETE /repos/:owner/:repo/pulls/:pull_number/requested_reviewers(:write)
Reviews
GET /repos/:owner/:repo/pulls/:pull_number/reviews(:read)POST /repos/:owner/:repo/pulls/:pull_number/reviews(:write)GET /repos/:owner/:repo/pulls/:pull_number/reviews/:review_id(:read)PUT /repos/:owner/:repo/pulls/:pull_number/reviews/:review_id(:write)DELETE /repos/:owner/:repo/pulls/:pull_number/reviews/:review_id(:write)GET /repos/:owner/:repo/pulls/:pull_number/reviews/:review_id/comments(:read)PUT /repos/:owner/:repo/pulls/:pull_number/reviews/:review_id/dismissals(:write)
Permission on "repository hooks"
GET /repos/:owner/:repo/hooks(:read)POST /repos/:owner/:repo/hooks(:write)GET /repos/:owner/:repo/hooks/:hook_id(:read)PATCH /repos/:owner/:repo/hooks/:hook_id(:write)DELETE /repos/:owner/:repo/hooks/:hook_id(:write)POST /repos/:owner/:repo/hooks/:hook_id/pings(:read)POST /repos/:owner/:repo/hooks/:hook_id/tests(:read)
{% if enterpriseServerVersions contains currentVersion %}
Permission on "repository pre receive hooks"
GET /repos/:owner/:repo/pre-receive-hooks(:read)GET /repos/:owner/:repo/pre-receive-hooks/:pre_receive_hook_id(:read)PATCH /repos/:owner/:repo/pre-receive-hooks/:pre_receive_hook_id(:write)DELETE /repos/:owner/:repo/pre-receive-hooks/:pre_receive_hook_id(:write) {% endif %}
Permission on "repository projects"
GET /projects/:project_id(:read)PATCH /projects/:project_id(:write)DELETE /projects/:project_id(:write)POST /projects/:project_id/cards(:write)GET /projects/:project_id/columns(:read)POST /projects/:project_id/columns(:write)GET /projects/columns/:column_id(:read)PATCH /projects/columns/:column_id(:write)DELETE /projects/columns/:column_id(:write)GET /projects/columns/:column_id/cards(:read)POST /projects/columns/:column_id/cards(:write)POST /projects/columns/:column_id/moves(:write)GET /projects/columns/cards/:card_id(:read)PATCH /projects/columns/cards/:card_id(:write)DELETE /projects/columns/cards/:card_id(:write)POST /projects/columns/cards/:card_id/moves(:write)GET /repos/:owner/:repo/projects(:read)POST /repos/:owner/:repo/projects(:write)
Teams
{% if currentVersion == "free-pro-team@latest" %}
Permission on "secrets"
GET /repos/:owner/:repo/actions/secrets/public-key(:read)GET /repos/:owner/:repo/actions/secrets(:read)GET /repos/:owner/:repo/actions/secrets/:secret_name(:read)PUT /repos/:owner/:repo/actions/secrets/:secret_name(:write)DELETE /repos/:owner/:repo/actions/secrets/:secret_name(:write)GET /orgs/:org/actions/secrets/public-key(:read)GET /orgs/:org/actions/secrets(:read)GET /orgs/:org/actions/secrets/:secret_name(:read)PUT /orgs/:org/actions/secrets/:secret_name(:write)GET /orgs/:org/actions/secrets/:secret_name/repositories(:read)PUT /orgs/:org/actions/secrets/:secret_name/repositories(:write)PUT /orgs/:org/actions/secrets/:secret_name/repositories/:repository_id(:write)DELETE /orgs/:org/actions/secrets/:secret_name/repositories/:repository_id(:write)DELETE /orgs/:org/actions/secrets/:secret_name(:write) {% endif %}
{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}
Permission on "secret scanning alerts"
-
GET /repos/:owner/:repo/secret-scanning/alerts/:alert_number(:read) -
PATCH /repos/:owner/:repo/secret-scanning/alerts/:alert_number(:write) {% endif %}
{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}
Permission on "security events"
GET /repos/:owner/:repo/code-scanning/alerts(:read)GET /repos/:owner/:repo/code-scanning/alerts/:alert_number(:read)PATCH /repos/:owner/:repo/code-scanning/alerts/:alert_number(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}GET /repos/:owner/:repo/code-scanning/alerts/:alert_number/instances(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}GET /repos/:owner/:repo/code-scanning/analyses(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}GET /repos/:owner/:repo/code-scanning/analyses/:analysis_id(:read) {% endif %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}DELETE /repos/:owner/:repo/code-scanning/analyses/:analysis_id(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.21" %}POST /repos/:owner/:repo/code-scanning/sarifs(:write) {% endif %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}GET /repos/:owner/:repo/code-scanning/sarifs/:sarif_id(:read) {% endif %}
{% if currentVersion == "free-pro-team@latest" %}
Permission on "self-hosted runners"
GET /orgs/:org/actions/runners/downloads(:read)POST /orgs/:org/actions/runners/registration-token(:write)GET /orgs/:org/actions/runners(:read)GET /orgs/:org/actions/runners/:runner_id(:read)POST /orgs/:org/actions/runners/remove-token(:write)DELETE /orgs/:org/actions/runners/:runner_id(:write) {% endif %}
Permission on "single file"
GET /repos/:owner/:repo/contents/:path(:read)PUT /repos/:owner/:repo/contents/:path(:write)DELETE /repos/:owner/:repo/contents/:path(:write)
Permission on "starring"
GET /user/starred/:owner/:repo(:read)PUT /user/starred/:owner/:repo(:write)DELETE /user/starred/:owner/:repo(:write)
Permission on "statuses"
GET /repos/:owner/:repo/commits/:ref/status(:read)GET /repos/:owner/:repo/commits/:ref/statuses(:read)POST /repos/:owner/:repo/statuses/:sha(:write)
Permission on "team discussions"
GET /teams/:team_id/discussions(:read)POST /teams/:team_id/discussions(:write)GET /teams/:team_id/discussions/:discussion_number(:read)PATCH /teams/:team_id/discussions/:discussion_number(:write)DELETE /teams/:team_id/discussions/:discussion_number(:write)GET /teams/:team_id/discussions/:discussion_number/comments(:read)POST /teams/:team_id/discussions/:discussion_number/comments(:write)GET /teams/:team_id/discussions/:discussion_number/comments/:comment_number(:read)PATCH /teams/:team_id/discussions/:discussion_number/comments/:comment_number(:write)DELETE /teams/:team_id/discussions/:discussion_number/comments/:comment_number(:write)GET /teams/:team_id/discussions/:discussion_number/comments/:comment_number/reactions(:read)POST /teams/:team_id/discussions/:discussion_number/comments/:comment_number/reactions(:write)GET /teams/:team_id/discussions/:discussion_number/reactions(:read)POST /teams/:team_id/discussions/:discussion_number/reactions(:write)