Permissions required for GitHub Apps

About GitHub App permissions

GitHub Apps are created with a set of permissions. Permissions define what resources the GitHub App can access via the API. For more information, see "Choosing permissions for a GitHub App."

To help you choose the correct permissions, you will receive the X-Accepted-GitHub-Permissions header in the REST API response. The header will tell you what permissions are required in order to access the endpoint. For more information, see "Troubleshooting."

Some endpoints require additional permissions. When this is the case, the "Additional permissions" column will indicate the other permissions that are required to use the endpoint.

Endpoint	Access	Token types	Additional permissions
GET /enterprises/{enterprise}/actions/cache/usage	write	UAT IAT	✖️
PUT /enterprises/{enterprise}/actions/oidc/customization/issuer	write	UAT IAT	✖️
GET /enterprises/{enterprise}/settings/billing/actions	write	UAT IAT	✖️
GET /enterprises/{enterprise}/settings/billing/advanced-security	write	UAT IAT	✖️
GET /enterprises/{enterprise}/settings/billing/packages	write	UAT IAT	✖️
GET /enterprises/{enterprise}/settings/billing/shared-storage	write	UAT IAT	✖️
GET /scim/v2/Groups	write	UAT IAT	✖️
POST /scim/v2/Groups	write	UAT IAT	✖️
GET /scim/v2/Groups/{scim_group_id}	write	UAT IAT	✖️
PUT /scim/v2/Groups/{scim_group_id}	write	UAT IAT	✖️
PATCH /scim/v2/Groups/{scim_group_id}	write	UAT IAT	✖️
DELETE /scim/v2/Groups/{scim_group_id}	write	UAT IAT	✖️
GET /scim/v2/Users	write	UAT IAT	✖️
POST /scim/v2/Users	write	UAT IAT	✖️
GET /scim/v2/Users/{scim_user_id}	write	UAT IAT	✖️
PUT /scim/v2/Users/{scim_user_id}	write	UAT IAT	✖️
DELETE /scim/v2/Users/{scim_user_id}	write	UAT IAT	✖️
GET /enterprise-installation/{enterprise_or_org}/server-statistics	read	UAT IAT	Organization permissions for "Administration"
GET /enterprises/{enterprise}/audit-log	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
PATCH /orgs/{org}	write	UAT IAT	✖️
DELETE /orgs/{org}	write	UAT IAT	✖️
PUT /orgs/{org}/actions/oidc/customization/sub	write	UAT IAT	✖️
PUT /orgs/{org}/actions/permissions	write	UAT IAT	✖️
PUT /orgs/{org}/actions/permissions/repositories	write	UAT IAT	✖️
PUT /orgs/{org}/actions/permissions/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
DELETE /orgs/{org}/actions/permissions/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
PUT /orgs/{org}/actions/permissions/selected-actions	write	UAT IAT	✖️
PUT /orgs/{org}/actions/permissions/workflow	write	UAT IAT	✖️
DELETE /orgs/{org}/credential-authorizations/{credential_id}	write	UAT IAT	✖️
PUT /orgs/{org}/interaction-limits	write	UAT IAT	✖️
DELETE /orgs/{org}/interaction-limits	write	UAT IAT	✖️
GET /orgs/{org}/rulesets	write	UAT IAT	✖️
POST /orgs/{org}/rulesets	write	UAT IAT	✖️
GET /orgs/{org}/rulesets/rule-suites	write	UAT IAT	✖️
GET /orgs/{org}/rulesets/rule-suites/{rule_suite_id}	write	UAT IAT	✖️
GET /orgs/{org}/rulesets/{ruleset_id}	write	UAT IAT	✖️
PUT /orgs/{org}/rulesets/{ruleset_id}	write	UAT IAT	✖️
DELETE /orgs/{org}/rulesets/{ruleset_id}	write	UAT IAT	✖️
PUT /orgs/{org}/security-managers/teams/{team_slug}	write	UAT IAT	✖️
DELETE /orgs/{org}/security-managers/teams/{team_slug}	write	UAT IAT	✖️
POST /orgs/{org}/{security_product}/{enablement}	write	UAT IAT	✖️
GET /enterprise-installation/{enterprise_or_org}/server-statistics	read	UAT IAT	Business permissions for "Enterprise administration"
GET /organizations/{organization_id}/custom_roles	read	UAT IAT	Organization permissions for "Custom repository roles"
GET /orgs/{org}/actions/cache/usage	read	UAT IAT	✖️
GET /orgs/{org}/actions/cache/usage-by-repository	read	UAT IAT	✖️
GET /orgs/{org}/actions/oidc/customization/sub	read	UAT IAT	✖️
GET /orgs/{org}/actions/permissions	read	UAT IAT	✖️
GET /orgs/{org}/actions/permissions/repositories	read	UAT IAT	✖️
GET /orgs/{org}/actions/permissions/selected-actions	read	UAT IAT	✖️
GET /orgs/{org}/actions/permissions/workflow	read	UAT IAT	✖️
GET /orgs/{org}/audit-log	read	UAT IAT	✖️
GET /orgs/{org}/credential-authorizations	read	UAT IAT	✖️
GET /orgs/{org}/custom-repository-roles	read	UAT IAT	Organization permissions for "Custom repository roles"
GET /orgs/{org}/custom-repository-roles/{role_id}	read	UAT IAT	Organization permissions for "Custom repository roles"
GET /orgs/{org}/custom_roles/{role_id}	read	UAT IAT	Organization permissions for "Custom repository roles"
GET /orgs/{org}/fine_grained_permissions	read	UAT IAT	Organization permissions for "Custom repository roles"
GET /orgs/{org}/installations	read	UAT IAT	✖️
GET /orgs/{org}/interaction-limits	read	UAT IAT	✖️
GET /orgs/{org}/security-managers	read	UAT IAT	✖️
GET /orgs/{org}/settings/billing/actions	read	UAT IAT	✖️
GET /orgs/{org}/settings/billing/advanced-security	read	UAT IAT	✖️
GET /orgs/{org}/settings/billing/packages	read	UAT IAT	✖️
GET /orgs/{org}/settings/billing/shared-storage	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
PUT /orgs/{org}/blocks/{username}	write	UAT IAT	✖️
DELETE /orgs/{org}/blocks/{username}	write	UAT IAT	✖️
GET /orgs/{org}/blocks	read	UAT IAT	✖️
GET /orgs/{org}/blocks/{username}	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
POST /orgs/{org}/custom-repository-roles	write	UAT IAT	✖️
PATCH /orgs/{org}/custom-repository-roles/{role_id}	write	UAT IAT	✖️
DELETE /orgs/{org}/custom-repository-roles/{role_id}	write	UAT IAT	✖️
POST /orgs/{org}/custom_roles	write	UAT IAT	✖️
PATCH /orgs/{org}/custom_roles/{role_id}	write	UAT IAT	✖️
DELETE /orgs/{org}/custom_roles/{role_id}	write	UAT IAT	✖️
GET /organizations/{organization_id}/custom_roles	read	UAT IAT	Organization permissions for "Administration"
GET /orgs/{org}/custom-repository-roles	read	UAT IAT	Organization permissions for "Administration"
GET /orgs/{org}/custom-repository-roles/{role_id}	read	UAT IAT	Organization permissions for "Administration"
GET /orgs/{org}/custom_roles/{role_id}	read	UAT IAT	Organization permissions for "Administration"
GET /orgs/{org}/fine_grained_permissions	read	UAT IAT	Organization permissions for "Administration"

Endpoint	Access	Token types	Additional permissions
GET /orgs/{org}/copilot/billing	write	UAT IAT	✖️
GET /orgs/{org}/copilot/billing/seats	write	UAT IAT	✖️
POST /orgs/{org}/copilot/billing/selected_teams	write	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
GET /orgs/{org}/external-group/{group_id}	write	UAT IAT	✖️
GET /orgs/{org}/external-groups	write	UAT IAT	✖️
POST /orgs/{org}/invitations	write	UAT IAT	✖️
DELETE /orgs/{org}/invitations/{invitation_id}	write	UAT IAT	✖️
DELETE /orgs/{org}/members/{username}	write	UAT IAT	✖️
PUT /orgs/{org}/memberships/{username}	write	UAT IAT	✖️
DELETE /orgs/{org}/memberships/{username}	write	UAT IAT	✖️
PUT /orgs/{org}/outside_collaborators/{username}	write	UAT IAT	✖️
DELETE /orgs/{org}/outside_collaborators/{username}	write	UAT IAT	✖️
PUT /orgs/{org}/public_members/{username}	write	UAT	✖️
DELETE /orgs/{org}/public_members/{username}	write	UAT	✖️
GET /orgs/{org}/team-sync/groups	write	UAT IAT	✖️
POST /orgs/{org}/teams	write	UAT IAT	✖️
GET /orgs/{org}/teams/{team_slug}/external-groups	write	UAT IAT	✖️
PATCH /orgs/{org}/teams/{team_slug}/external-groups	write	UAT IAT	✖️
DELETE /orgs/{org}/teams/{team_slug}/external-groups	write	UAT IAT	✖️
POST /scim/v2/organizations/{org}/Users	write	UAT IAT	✖️
PUT /scim/v2/organizations/{org}/Users/{scim_user_id}	write	UAT IAT	✖️
PATCH /scim/v2/organizations/{org}/Users/{scim_user_id}	write	UAT IAT	✖️
DELETE /scim/v2/organizations/{org}/Users/{scim_user_id}	write	UAT IAT	✖️
PUT /teams/{team_id}/members/{username}	write	UAT IAT	✖️
DELETE /teams/{team_id}/members/{username}	write	UAT IAT	✖️
PATCH /user/memberships/orgs/{org}	write	UAT	✖️
GET /orgs/{org}/failed_invitations	read	UAT IAT	✖️
GET /orgs/{org}/invitations	read	UAT IAT	✖️
GET /orgs/{org}/invitations/{invitation_id}/teams	read	UAT IAT	✖️
GET /orgs/{org}/members	read	UAT IAT	✖️
GET /orgs/{org}/members/{username}	read	UAT IAT	✖️
GET /orgs/{org}/memberships/{username}	read	UAT IAT	✖️
GET /orgs/{org}/outside_collaborators	read	UAT IAT	✖️
GET /orgs/{org}/public_members	read	UAT IAT	✖️
GET /orgs/{org}/public_members/{username}	read	UAT IAT	✖️
GET /orgs/{org}/teams	read	UAT IAT	✖️
GET /scim/v2/organizations/{org}/Users	read	UAT IAT	✖️
GET /scim/v2/organizations/{org}/Users/{scim_user_id}	read	UAT IAT	✖️
GET /teams/{team_id}/members/{username}	read	UAT IAT	✖️
GET /user/memberships/orgs/{org}	read	UAT	✖️

Endpoint	Access	Token types	Additional permissions
PATCH /orgs/{org}/announcement	write	UAT IAT	✖️
DELETE /orgs/{org}/announcement	write	UAT IAT	✖️
GET /orgs/{org}/announcement	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
PUT /orgs/{org}/codespaces/secrets/{secret_name}	write	UAT IAT	✖️
DELETE /orgs/{org}/codespaces/secrets/{secret_name}	write	UAT IAT	✖️
PUT /orgs/{org}/codespaces/secrets/{secret_name}/repositories	write	UAT IAT	✖️
PUT /orgs/{org}/codespaces/secrets/{secret_name}/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
DELETE /orgs/{org}/codespaces/secrets/{secret_name}/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
GET /orgs/{org}/codespaces/secrets	read	UAT IAT	✖️
GET /orgs/{org}/codespaces/secrets/public-key	read	UAT IAT	✖️
GET /orgs/{org}/codespaces/secrets/{secret_name}	read	UAT IAT	✖️
GET /orgs/{org}/codespaces/secrets/{secret_name}/repositories	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
PUT /orgs/{org}/codespaces/access	write	UAT IAT	✖️
POST /orgs/{org}/codespaces/access/selected_users	write	UAT IAT	✖️
DELETE /orgs/{org}/codespaces/access/selected_users	write	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
DELETE /orgs/{org}/members/{username}/codespaces/{codespace_name}	write	UAT IAT	Repository permissions for "Codespaces"
POST /orgs/{org}/members/{username}/codespaces/{codespace_name}/stop	write	UAT IAT	Repository permissions for "Codespaces lifecycle admin"
GET /orgs/{org}/codespaces	read	UAT IAT	Repository permissions for "Codespaces"
GET /orgs/{org}/members/{username}/codespaces	read	UAT IAT	Repository permissions for "Codespaces"

Endpoint	Access	Token types	Additional permissions
PUT /orgs/{org}/dependabot/secrets/{secret_name}	write	UAT IAT	✖️
DELETE /orgs/{org}/dependabot/secrets/{secret_name}	write	UAT IAT	✖️
PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories	write	UAT IAT	✖️
PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
DELETE /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
GET /orgs/{org}/dependabot/secrets	read	UAT IAT	✖️
GET /orgs/{org}/dependabot/secrets/public-key	read	UAT IAT	✖️
GET /orgs/{org}/dependabot/secrets/{secret_name}	read	UAT IAT	✖️
GET /orgs/{org}/dependabot/secrets/{secret_name}/repositories	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
POST /orgs/{org}/personal-access-token-requests	write	UAT IAT	✖️
POST /orgs/{org}/personal-access-token-requests/{pat_request_id}	write	UAT IAT	✖️
GET /orgs/{org}/personal-access-token-requests	read	UAT IAT	✖️
GET /orgs/{org}/personal-access-token-requests/{pat_request_id}/repositories	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
POST /orgs/{org}/personal-access-tokens	write	UAT IAT	✖️
POST /orgs/{org}/personal-access-tokens/{pat_id}	write	UAT IAT	✖️
GET /orgs/{org}/personal-access-tokens	read	UAT IAT	✖️
GET /orgs/{org}/personal-access-tokens/{pat_id}/repositories	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
GET /projects/{project_id}/collaborators	admin	UAT IAT	Repository permissions for "Projects"
PUT /projects/{project_id}/collaborators/{username}	admin	UAT IAT	Repository permissions for "Projects"
DELETE /projects/{project_id}/collaborators/{username}	admin	UAT IAT	Repository permissions for "Projects"
GET /projects/{project_id}/collaborators/{username}/permission	admin	UAT IAT	Repository permissions for "Projects"
POST /orgs/{org}/projects	write	UAT IAT	✖️
PATCH /projects/columns/cards/{card_id}	write	UAT IAT	Repository permissions for "Projects"
DELETE /projects/columns/cards/{card_id}	write	UAT IAT	Repository permissions for "Projects"
POST /projects/columns/cards/{card_id}/moves	write	UAT IAT	Repository permissions for "Projects"
PATCH /projects/columns/{column_id}	write	UAT IAT	Repository permissions for "Projects"
DELETE /projects/columns/{column_id}	write	UAT IAT	Repository permissions for "Projects"
POST /projects/columns/{column_id}/cards	write	UAT IAT	Repository permissions for "Projects"
POST /projects/columns/{column_id}/moves	write	UAT IAT	Repository permissions for "Projects"
PATCH /projects/{project_id}	write	UAT IAT	Repository permissions for "Projects"
DELETE /projects/{project_id}	write	UAT IAT	Repository permissions for "Projects"
POST /projects/{project_id}/columns	write	UAT IAT	Repository permissions for "Projects"
GET /orgs/{org}/projects	read	UAT IAT	✖️
GET /projects/columns/cards/{card_id}	read	UAT IAT	Repository permissions for "Projects"
GET /projects/columns/{column_id}	read	UAT IAT	Repository permissions for "Projects"
GET /projects/columns/{column_id}/cards	read	UAT IAT	Repository permissions for "Projects"
GET /projects/{project_id}	read	UAT IAT	Repository permissions for "Projects"
GET /projects/{project_id}/columns	read	UAT IAT	Repository permissions for "Projects"

Endpoint	Access	Token types	Additional permissions
PUT /orgs/{org}/actions/secrets/{secret_name}	write	UAT IAT	✖️
DELETE /orgs/{org}/actions/secrets/{secret_name}	write	UAT IAT	✖️
PUT /orgs/{org}/actions/secrets/{secret_name}/repositories	write	UAT IAT	✖️
PUT /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
DELETE /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
GET /orgs/{org}/actions/secrets	read	UAT IAT	✖️
GET /orgs/{org}/actions/secrets/public-key	read	UAT IAT	✖️
GET /orgs/{org}/actions/secrets/{secret_name}	read	UAT IAT	✖️
GET /orgs/{org}/actions/secrets/{secret_name}/repositories	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
POST /orgs/{org}/actions/runner-groups	write	UAT IAT	✖️
PATCH /orgs/{org}/actions/runner-groups/{runner_group_id}	write	UAT IAT	✖️
DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}	write	UAT IAT	✖️
PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories	write	UAT IAT	✖️
PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/runners	write	UAT IAT	✖️
PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/runners/{runner_id}	write	UAT IAT	✖️
DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}/runners/{runner_id}	write	UAT IAT	✖️
POST /orgs/{org}/actions/runners/generate-jitconfig	write	UAT IAT	✖️
POST /orgs/{org}/actions/runners/registration-token	write	UAT IAT	✖️
POST /orgs/{org}/actions/runners/remove-token	write	UAT IAT	✖️
DELETE /orgs/{org}/actions/runners/{runner_id}	write	UAT IAT	✖️
POST /orgs/{org}/actions/runners/{runner_id}/labels	write	UAT IAT	✖️
PUT /orgs/{org}/actions/runners/{runner_id}/labels	write	UAT IAT	✖️
DELETE /orgs/{org}/actions/runners/{runner_id}/labels	write	UAT IAT	✖️
DELETE /orgs/{org}/actions/runners/{runner_id}/labels/{name}	write	UAT IAT	✖️
GET /orgs/{org}/actions/runner-groups	read	UAT IAT	✖️
GET /orgs/{org}/actions/runner-groups/{runner_group_id}	read	UAT IAT	✖️
GET /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories	read	UAT IAT	✖️
GET /orgs/{org}/actions/runner-groups/{runner_group_id}/runners	read	UAT IAT	✖️
GET /orgs/{org}/actions/runners	read	UAT IAT	✖️
GET /orgs/{org}/actions/runners/downloads	read	UAT IAT	✖️
GET /orgs/{org}/actions/runners/{runner_id}	read	UAT IAT	✖️
GET /orgs/{org}/actions/runners/{runner_id}/labels	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments/{comment_number}/reactions/{reaction_id}	write	UAT IAT	✖️
DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/reactions/{reaction_id}	write	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
POST /orgs/{org}/actions/variables	write	UAT IAT	✖️
PATCH /orgs/{org}/actions/variables/{name}	write	UAT IAT	✖️
DELETE /orgs/{org}/actions/variables/{name}	write	UAT IAT	✖️
PUT /orgs/{org}/actions/variables/{name}/repositories	write	UAT IAT	✖️
PUT /orgs/{org}/actions/variables/{name}/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
GET /orgs/{org}/actions/variables	read	UAT IAT	✖️
GET /orgs/{org}/actions/variables/{name}	read	UAT IAT	✖️
GET /orgs/{org}/actions/variables/{name}/repositories	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
POST /orgs/{org}/hooks	write	UAT IAT	✖️
PATCH /orgs/{org}/hooks/{hook_id}	write	UAT IAT	✖️
DELETE /orgs/{org}/hooks/{hook_id}	write	UAT IAT	✖️
PATCH /orgs/{org}/hooks/{hook_id}/config	write	UAT IAT	✖️
POST /orgs/{org}/hooks/{hook_id}/deliveries/{delivery_id}/attempts	write	UAT IAT	✖️
POST /orgs/{org}/hooks/{hook_id}/pings	write	UAT IAT	✖️
GET /orgs/{org}/hooks	read	UAT IAT	✖️
GET /orgs/{org}/hooks/{hook_id}	read	UAT IAT	✖️
GET /orgs/{org}/hooks/{hook_id}/config	read	UAT IAT	✖️
GET /orgs/{org}/hooks/{hook_id}/deliveries	read	UAT IAT	✖️
GET /orgs/{org}/hooks/{hook_id}/deliveries/{delivery_id}	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
DELETE /repos/{owner}/{repo}/actions/artifacts/{artifact_id}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/actions/caches	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/actions/caches/{cache_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/jobs/{job_id}/rerun	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/oidc/customization/sub	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/actions/runs/{run_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runs/{run_id}/approve	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runs/{run_id}/cancel	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runs/{run_id}/force-cancel	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/actions/runs/{run_id}/logs	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runs/{run_id}/rerun	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runs/{run_id}/rerun-failed-jobs	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/workflows/{workflow_id}/disable	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/workflows/{workflow_id}/enable	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/artifacts	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/artifacts/{artifact_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/artifacts/{artifact_id}/{archive_format}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/cache/usage	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/caches	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/jobs/{job_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/jobs/{job_id}/logs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/oidc/customization/sub	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/approvals	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/artifacts	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}/jobs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}/logs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/jobs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/logs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments	read	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments	read	UAT IAT	Repository permissions for "Checks", Repository permissions for "Deployments"
GET /repos/{owner}/{repo}/actions/runs/{run_id}/timing	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/workflows	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}/runs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}/timing	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/environments	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/environments/{environment_name}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies/{branch_policy_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules/apps	read	UAT IAT	✖️

Permissions required for GitHub Apps

In this article

Endpoint	Access	Token types	Additional permissions
POST /orgs/{org}/repos	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/permissions	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/permissions/access	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/permissions/selected-actions	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/permissions/workflow	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runners/generate-jitconfig	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runners/registration-token	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runners/remove-token	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/actions/runners/{runner_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runners/{runner_id}/labels	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/runners/{runner_id}/labels	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/actions/runners/{runner_id}/labels	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/actions/runners/{runner_id}/labels/{name}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/autolinks	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/autolinks/{autolink_id}	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/automated-security-fixes	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/automated-security-fixes	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/branches/{branch}/protection	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/branches/{branch}/protection/required_signatures	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_signatures	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/code-scanning/default-setup	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/codespaces/secrets/{secret_name}	write	UAT IAT	Repository permissions for "Codespaces secrets"
DELETE /repos/{owner}/{repo}/codespaces/secrets/{secret_name}	write	UAT IAT	Repository permissions for "Codespaces secrets"
PUT /repos/{owner}/{repo}/collaborators/{username}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/collaborators/{username}	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/environments/{environment_name}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/environments/{environment_name}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies/{branch_policy_id}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies/{branch_policy_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules/{protection_rule_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/forks	write	UAT IAT	Repository permissions for "Contents"
PUT /repos/{owner}/{repo}/interaction-limits	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/interaction-limits	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/invitations/{invitation_id}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/invitations/{invitation_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/keys	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/keys/{key_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/pages	write	UAT IAT	Repository permissions for "Pages"
PUT /repos/{owner}/{repo}/pages	write	UAT IAT	Repository permissions for "Pages"
DELETE /repos/{owner}/{repo}/pages	write	UAT IAT	Repository permissions for "Pages"
GET /repos/{owner}/{repo}/pages/health	write	UAT IAT	Repository permissions for "Pages"
PUT /repos/{owner}/{repo}/private-vulnerability-reporting	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/private-vulnerability-reporting	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/rulesets	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/rulesets/rule-suites	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/rulesets/rule-suites/{rule_suite_id}	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/rulesets/{ruleset_id}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/rulesets/{ruleset_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/tags/protection	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/tags/protection/{tag_protection_id}	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/topics	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/transfer	write	UAT	✖️
PUT /repos/{owner}/{repo}/vulnerability-alerts	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/vulnerability-alerts	write	UAT IAT	✖️
POST /user/repos	write	UAT	✖️
PATCH /user/repository_invitations/{invitation_id}	write	UAT	✖️
DELETE /user/repository_invitations/{invitation_id}	write	UAT	✖️
GET /repos/{owner}/{repo}/actions/permissions	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/permissions/access	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/permissions/selected-actions	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/permissions/workflow	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runners	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runners/downloads	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runners/{runner_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runners/{runner_id}/labels	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/autolinks	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/autolinks/{autolink_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/automated-security-fixes	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/required_signatures	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/interaction-limits	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/invitations	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/keys	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/keys/{key_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/tags/protection	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/teams	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/traffic/clones	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/traffic/popular/paths	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/traffic/popular/referrers	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/traffic/views	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/vulnerability-alerts	read	UAT IAT	✖️
GET /user/repository_invitations	read	UAT	✖️

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/check-runs	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/check-runs/{check_run_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/check-runs/{check_run_id}/rerequest	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/check-suites	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/check-suites/preferences	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/check-suites/{check_suite_id}/rerequest	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments	read	UAT IAT	Repository permissions for "Actions", Repository permissions for "Deployments"
GET /repos/{owner}/{repo}/check-runs/{check_run_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/check-runs/{check_run_id}/annotations	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/check-suites/{check_suite_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/check-suites/{check_suite_id}/check-runs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/commits/{ref}/check-runs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/commits/{ref}/check-suites	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
GET /repos/{owner}/{repo}/codespaces/devcontainers	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/codespaces/machines	read	UAT IAT	✖️
GET /user/codespaces/{codespace_name}/machines	read	UAT	✖️

Endpoint	Access	Token types	Additional permissions
GET /repos/{owner}/{repo}/codespaces/secrets	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/codespaces/secrets/public-key	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/codespaces/secrets/{secret_name}	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/codespaces/secrets/{secret_name}	write	UAT IAT	Repository permissions for "Administration"
DELETE /repos/{owner}/{repo}/codespaces/secrets/{secret_name}	write	UAT IAT	Repository permissions for "Administration"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/statuses/{sha}	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/commits/{ref}/status	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/commits/{ref}/statuses	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
PATCH /repos/{owner}/{repo}/dependabot/alerts/{alert_number}	write	UAT IAT	✖️
GET /orgs/{org}/dependabot/alerts	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/dependabot/alerts	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/dependabot/alerts/{alert_number}	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
PUT /repos/{owner}/{repo}/dependabot/secrets/{secret_name}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/dependabot/secrets/{secret_name}	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/dependabot/secrets	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/dependabot/secrets/public-key	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/dependabot/secrets/{secret_name}	read	UAT IAT	✖️

Endpoint	Access	Token types	Additional permissions
PUT /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}	write	UAT IAT	Repository permissions for "Secrets"
DELETE /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}	write	UAT IAT	Repository permissions for "Secrets"
POST /repositories/{repository_id}/environments/{environment_name}/variables	write	UAT IAT	Repository permissions for "Variables"
PATCH /repositories/{repository_id}/environments/{environment_name}/variables/{name}	write	UAT IAT	Repository permissions for "Variables"
DELETE /repositories/{repository_id}/environments/{environment_name}/variables/{name}	write	UAT IAT	Repository permissions for "Variables"
GET /repositories/{repository_id}/environments/{environment_name}/secrets	read	UAT IAT	Repository permissions for "Secrets"
GET /repositories/{repository_id}/environments/{environment_name}/secrets/public-key	read	UAT IAT	Repository permissions for "Secrets"
GET /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}	read	UAT IAT	Repository permissions for "Secrets"
GET /repositories/{repository_id}/environments/{environment_name}/variables	read	UAT IAT	Repository permissions for "Variables"
GET /repositories/{repository_id}/environments/{environment_name}/variables/{name}	read	UAT IAT	Repository permissions for "Variables"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/issues	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/issues/comments/{comment_id}	write	UAT IAT	Repository permissions for "Pull requests"
DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}	write	UAT IAT	Repository permissions for "Pull requests"
POST /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions/{reaction_id}	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/issues/{issue_number}	write	UAT IAT	Repository permissions for "Pull requests"
POST /repos/{owner}/{repo}/issues/{issue_number}/assignees	write	UAT IAT	Repository permissions for "Pull requests"
DELETE /repos/{owner}/{repo}/issues/{issue_number}/assignees	write	UAT IAT	Repository permissions for "Pull requests"
POST /repos/{owner}/{repo}/issues/{issue_number}/comments	write	UAT IAT	Repository permissions for "Pull requests"
POST /repos/{owner}/{repo}/issues/{issue_number}/labels	write	UAT IAT	Repository permissions for "Pull requests"
PUT /repos/{owner}/{repo}/issues/{issue_number}/labels	write	UAT IAT	Repository permissions for "Pull requests"
DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels	write	UAT IAT	Repository permissions for "Pull requests"
DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels/{name}	write	UAT IAT	Repository permissions for "Pull requests"
PUT /repos/{owner}/{repo}/issues/{issue_number}/lock	write	UAT IAT	Repository permissions for "Pull requests"
DELETE /repos/{owner}/{repo}/issues/{issue_number}/lock	write	UAT IAT	Repository permissions for "Pull requests"
POST /repos/{owner}/{repo}/issues/{issue_number}/reactions	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/issues/{issue_number}/reactions/{reaction_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/labels	write	UAT IAT	Repository permissions for "Pull requests"
PATCH /repos/{owner}/{repo}/labels/{name}	write	UAT IAT	Repository permissions for "Pull requests"
DELETE /repos/{owner}/{repo}/labels/{name}	write	UAT IAT	Repository permissions for "Pull requests"
POST /repos/{owner}/{repo}/milestones	write	UAT IAT	Repository permissions for "Pull requests"
PATCH /repos/{owner}/{repo}/milestones/{milestone_number}	write	UAT IAT	Repository permissions for "Pull requests"
DELETE /repos/{owner}/{repo}/milestones/{milestone_number}	write	UAT IAT	Repository permissions for "Pull requests"
GET /repos/{owner}/{repo}/assignees	read	UAT IAT	Repository permissions for "Pull requests"
GET /repos/{owner}/{repo}/assignees/{assignee}	read	UAT IAT	Repository permissions for "Pull requests"
GET /repos/{owner}/{repo}/issues	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/comments	read	UAT IAT	Repository permissions for "Pull requests"
GET /repos/{owner}/{repo}/issues/comments/{comment_id}	read	UAT IAT	Repository permissions for "Pull requests"
GET /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/events	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/events/{event_id}	read	UAT IAT	Repository permissions for "Pull requests"
GET /repos/{owner}/{repo}/issues/{issue_number}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/{issue_number}/assignees/{assignee}	read	UAT IAT	Repository permissions for "Pull requests"
GET /repos/{owner}/{repo}/issues/{issue_number}/comments	read	UAT IAT	Repository permissions for "Pull requests"
GET /repos/{owner}/{repo}/issues/{issue_number}/events	read	UAT IAT	Repository permissions for "Pull requests"
GET /repos/{owner}/{repo}/issues/{issue_number}/labels	read	UAT IAT	Repository permissions for "Pull requests"
GET /repos/{owner}/{repo}/issues/{issue_number}/reactions	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/{issue_number}/timeline	read	UAT IAT	Repository permissions for "Pull requests"
GET /repos/{owner}/{repo}/labels	read	UAT IAT	Repository permissions for "Pull requests"
GET /repos/{owner}/{repo}/labels/{name}	read	UAT IAT	Repository permissions for "Pull requests"
GET /repos/{owner}/{repo}/milestones	read	UAT IAT	Repository permissions for "Pull requests"
GET /repos/{owner}/{repo}/milestones/{milestone_number}	read	UAT IAT	Repository permissions for "Pull requests"
GET /repos/{owner}/{repo}/milestones/{milestone_number}/labels	read	UAT IAT	Repository permissions for "Pull requests"

Endpoint	Access	Token types	Additional permissions
POST /gists	read	UAT	User permissions for "Gists"
PATCH /gists/{gist_id}	read	UAT	User permissions for "Gists"
DELETE /gists/{gist_id}	read	UAT	User permissions for "Gists"
POST /gists/{gist_id}/comments	read	UAT	User permissions for "Gists"
GET /gists/{gist_id}/comments/{comment_id}	read	UAT	✖️
PATCH /gists/{gist_id}/comments/{comment_id}	read	UAT	User permissions for "Gists"
DELETE /gists/{gist_id}/comments/{comment_id}	read	UAT	User permissions for "Gists"
POST /gists/{gist_id}/forks	read	UAT	User permissions for "Gists"
PUT /gists/{gist_id}/star	read	UAT	User permissions for "Gists"
DELETE /gists/{gist_id}/star	read	UAT	User permissions for "Gists"
GET /notifications	read	UAT	User permissions for "Notifications"
PUT /orgs/{org}/actions/permissions/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Administration"
DELETE /orgs/{org}/actions/permissions/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Administration"
PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Self-hosted runners"
DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Self-hosted runners"
PUT /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Secrets"
DELETE /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Secrets"
PUT /orgs/{org}/actions/variables/{name}/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Variables"
PUT /orgs/{org}/codespaces/secrets/{secret_name}/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Organization codespaces secrets"
DELETE /orgs/{org}/codespaces/secrets/{secret_name}/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Organization codespaces secrets"
PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Organization dependabot secrets"
DELETE /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Organization dependabot secrets"
GET /orgs/{org}/repos	read	UAT IAT	✖️
GET /repos/{owner}/{repo}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/collaborators	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/collaborators/{username}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/collaborators/{username}/permission	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/comments	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/comments/{comment_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/comments/{comment_id}/reactions	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/commits/{commit_sha}/comments	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/contributors	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/events	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/forks	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/languages	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/license	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/rules/branches/{branch}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/rulesets	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/rulesets/{ruleset_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/stargazers	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/stats/code_frequency	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/stats/commit_activity	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/stats/contributors	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/stats/participation	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/stats/punch_card	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/subscribers	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/tags	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/topics	read	UAT IAT	✖️
POST /repos/{template_owner}/{template_repo}/generate	read	UAT	✖️
GET /repositories	read	UAT IAT	✖️
GET /search/labels	read	UAT IAT	✖️
GET /user/codespaces/secrets/{secret_name}/repositories	read	UAT	User permissions for "Codespaces user secrets"
PUT /user/codespaces/secrets/{secret_name}/repositories	read	UAT	User permissions for "Codespaces user secrets"
PUT /user/codespaces/secrets/{secret_name}/repositories/{repository_id}	read	UAT	User permissions for "Codespaces user secrets"
DELETE /user/codespaces/secrets/{secret_name}/repositories/{repository_id}	read	UAT	User permissions for "Codespaces user secrets"
GET /user/installations/{installation_id}/repositories	read	UAT	✖️
GET /user/repos	read	UAT	✖️
GET /users/{username}/repos	read	UAT IAT	✖️