This version of GitHub Enterprise was discontinued on 2020-11-12. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.

Setting permissions for GitHub Apps

When you create a GitHub App, you set the permissions that define the resources the app can access via the REST API.

When you create a GitHub App, you can select the permissions it needs to access end user data. Permissions can also be added and removed. For more information, see "Editing a GitHub App's permissions."

Metadata permissions

By default, GitHub Apps have Read-only access to metadata endpoints. Metadata is a collection of read-only endpoints that provide general information about resources that the authorized installation can access.

If you set the metadata permission to No access and select a permission that requires repository access, GitHub will override your selection and set the metadata permission back to Read-only. To set the metadata permission to No access, you must set all permissions that require repository access to No access first. For a list of metadata endpoints, see "Metadata permissions."