Permissions required for GitHub Apps

About GitHub App permissions

GitHub Apps are created with a set of permissions. Permissions define what resources the GitHub App can access via the API. For more information, see "Choosing permissions for a GitHub App."

To help you choose the correct permissions, you will receive the X-Accepted-GitHub-Permissions header in the REST API response. The header will tell you what permissions are required in order to access the endpoint. For more information, see "Troubleshooting the REST API."

These permissions are required to access private resources. Some endpoints can also be used to access public resources without these permissions. To see whether an endpoint can access public resources without a permission, see the documentation for that endpoint.

Some endpoints require more than one permission. Other endpoints work with any one permission from a set of permissions. In these cases, the "Additional permissions" column will include a checkmark. For full details about the permissions that are required to use the endpoint, see the documentation for that endpoint.

Business permissions for "Enterprise administration"

Endpoint	Access	Token types
GET /enterprises/{enterprise}/actions/cache/usage	write	UAT IAT
GET /enterprises/{enterprise}/actions/cache/usage-policy	write	UAT IAT
PATCH /enterprises/{enterprise}/actions/cache/usage-policy	write	UAT IAT
GET /enterprises/{enterprise}/settings/billing/advanced-security	write	UAT IAT
GET /scim/v2/enterprises/{enterprise}/Groups	write	UAT IAT
POST /scim/v2/enterprises/{enterprise}/Groups	write	UAT IAT
GET /scim/v2/enterprises/{enterprise}/Groups/{scim_group_id}	write	UAT IAT
PUT /scim/v2/enterprises/{enterprise}/Groups/{scim_group_id}	write	UAT IAT
PATCH /scim/v2/enterprises/{enterprise}/Groups/{scim_group_id}	write	UAT IAT
DELETE /scim/v2/enterprises/{enterprise}/Groups/{scim_group_id}	write	UAT IAT
GET /scim/v2/enterprises/{enterprise}/Users	write	UAT IAT
POST /scim/v2/enterprises/{enterprise}/Users	write	UAT IAT
GET /scim/v2/enterprises/{enterprise}/Users/{scim_user_id}	write	UAT IAT
PUT /scim/v2/enterprises/{enterprise}/Users/{scim_user_id}	write	UAT IAT
PATCH /scim/v2/enterprises/{enterprise}/Users/{scim_user_id}	write	UAT IAT
DELETE /scim/v2/enterprises/{enterprise}/Users/{scim_user_id}	write	UAT IAT
GET /enterprises/{enterprise}/audit-log	read	UAT IAT

Organization permissions for "Administration"

Endpoint	Access	Token types	Additional permissions
PATCH /orgs/{org}	write	UAT IAT
DELETE /orgs/{org}	write	UAT IAT
PUT /orgs/{org}/actions/oidc/customization/sub	write	UAT IAT
PUT /orgs/{org}/actions/permissions	write	UAT IAT
PUT /orgs/{org}/actions/permissions/repositories	write	UAT IAT
PUT /orgs/{org}/actions/permissions/repositories/{repository_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /orgs/{org}/actions/permissions/repositories/{repository_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /orgs/{org}/actions/permissions/selected-actions	write	UAT IAT
PUT /orgs/{org}/actions/permissions/workflow	write	UAT IAT
GET /orgs/{org}/rulesets	write	UAT IAT
POST /orgs/{org}/rulesets	write	UAT IAT
GET /orgs/{org}/rulesets/rule-suites	write	UAT IAT
GET /orgs/{org}/rulesets/rule-suites/{rule_suite_id}	write	UAT IAT
GET /orgs/{org}/rulesets/{ruleset_id}	write	UAT IAT
PUT /orgs/{org}/rulesets/{ruleset_id}	write	UAT IAT
DELETE /orgs/{org}/rulesets/{ruleset_id}	write	UAT IAT
PUT /orgs/{org}/security-managers/teams/{team_slug}	write	UAT IAT
DELETE /orgs/{org}/security-managers/teams/{team_slug}	write	UAT IAT
POST /orgs/{org}/{security_product}/{enablement}	write	UAT IAT
GET /organizations/{organization_id}/custom_roles	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /orgs/{org}/actions/cache/usage	read	UAT IAT
GET /orgs/{org}/actions/cache/usage-by-repository	read	UAT IAT
GET /orgs/{org}/actions/oidc/customization/sub	read	UAT IAT
GET /orgs/{org}/actions/permissions	read	UAT IAT
GET /orgs/{org}/actions/permissions/repositories	read	UAT IAT
GET /orgs/{org}/actions/permissions/selected-actions	read	UAT IAT
GET /orgs/{org}/actions/permissions/workflow	read	UAT IAT
GET /orgs/{org}/audit-log	read	UAT IAT
GET /orgs/{org}/custom-repository-roles	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /orgs/{org}/custom-repository-roles/{role_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /orgs/{org}/installations	read	UAT IAT
GET /orgs/{org}/repository-fine-grained-permissions	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /orgs/{org}/security-managers	read	UAT IAT
GET /orgs/{org}/settings/billing/advanced-security	read	UAT IAT

Organization permissions for "Custom repository roles"

Endpoint	Access	Token types	Additional permissions
POST /orgs/{org}/custom-repository-roles	write	UAT IAT
PATCH /orgs/{org}/custom-repository-roles/{role_id}	write	UAT IAT
DELETE /orgs/{org}/custom-repository-roles/{role_id}	write	UAT IAT
GET /organizations/{organization_id}/custom_roles	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /orgs/{org}/custom-repository-roles	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /orgs/{org}/custom-repository-roles/{role_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /orgs/{org}/repository-fine-grained-permissions	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.

Organization permissions for "Events"

Endpoint	Access	Token types	Additional permissions
GET /users/{username}/events/orgs/{org}	read	UAT

Organization permissions for "Members"

Endpoint	Access	Token types
GET /orgs/{org}/external-group/{group_id}	write	UAT IAT
GET /orgs/{org}/external-groups	write	UAT IAT
DELETE /orgs/{org}/members/{username}	write	UAT IAT
PUT /orgs/{org}/memberships/{username}	write	UAT IAT
DELETE /orgs/{org}/memberships/{username}	write	UAT IAT
PUT /orgs/{org}/outside_collaborators/{username}	write	UAT IAT
DELETE /orgs/{org}/outside_collaborators/{username}	write	UAT IAT
PUT /orgs/{org}/public_members/{username}	write	UAT
DELETE /orgs/{org}/public_members/{username}	write	UAT
POST /orgs/{org}/teams	write	UAT IAT
GET /orgs/{org}/teams/{team_slug}/external-groups	write	UAT IAT
PATCH /orgs/{org}/teams/{team_slug}/external-groups	write	UAT IAT
DELETE /orgs/{org}/teams/{team_slug}/external-groups	write	UAT IAT
PUT /teams/{team_id}/members/{username}	write	UAT IAT
DELETE /teams/{team_id}/members/{username}	write	UAT IAT
PATCH /user/memberships/orgs/{org}	write	UAT
GET /orgs/{org}/members	read	UAT IAT
GET /orgs/{org}/members/{username}	read	UAT IAT
GET /orgs/{org}/memberships/{username}	read	UAT IAT
GET /orgs/{org}/outside_collaborators	read	UAT IAT
GET /orgs/{org}/public_members	read	UAT IAT
GET /orgs/{org}/public_members/{username}	read	UAT IAT
GET /orgs/{org}/teams	read	UAT IAT
GET /teams/{team_id}/members/{username}	read	UAT IAT
GET /user/memberships/orgs/{org}	read	UAT

Organization permissions for "Organization announcement banners"

Endpoint	Access	Token types
PATCH /orgs/{org}/announcement	write	UAT IAT
DELETE /orgs/{org}/announcement	write	UAT IAT
GET /orgs/{org}/announcement	read	UAT IAT

Organization permissions for "Organization dependabot secrets"

Endpoint	Access	Token types	Additional permissions
PUT /orgs/{org}/dependabot/secrets/{secret_name}	write	UAT IAT
DELETE /orgs/{org}/dependabot/secrets/{secret_name}	write	UAT IAT
PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories	write	UAT IAT
PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /orgs/{org}/dependabot/secrets	read	UAT IAT
GET /orgs/{org}/dependabot/secrets/public-key	read	UAT IAT
GET /orgs/{org}/dependabot/secrets/{secret_name}	read	UAT IAT
GET /orgs/{org}/dependabot/secrets/{secret_name}/repositories	read	UAT IAT

Organization permissions for "Personal access token requests"

Endpoint	Access	Token types
POST /orgs/{org}/personal-access-token-requests	write	UAT IAT
POST /orgs/{org}/personal-access-token-requests/{pat_request_id}	write	UAT IAT
GET /orgs/{org}/personal-access-token-requests	read	UAT IAT
GET /orgs/{org}/personal-access-token-requests/{pat_request_id}/repositories	read	UAT IAT

Organization permissions for "Personal access tokens"

Endpoint	Access	Token types
POST /orgs/{org}/personal-access-tokens	write	UAT IAT
POST /orgs/{org}/personal-access-tokens/{pat_id}	write	UAT IAT
GET /orgs/{org}/personal-access-tokens	read	UAT IAT
GET /orgs/{org}/personal-access-tokens/{pat_id}/repositories	read	UAT IAT

Organization permissions for "Pre-receive hooks"

Endpoint	Access	Token types
PATCH /orgs/{org}/pre-receive-hooks/{pre_receive_hook_id}	write	UAT IAT
DELETE /orgs/{org}/pre-receive-hooks/{pre_receive_hook_id}	write	UAT IAT
GET /orgs/{org}/pre-receive-hooks	read	UAT IAT
GET /orgs/{org}/pre-receive-hooks/{pre_receive_hook_id}	read	UAT IAT

Organization permissions for "Projects"

Endpoint	Access	Token types	Additional permissions
GET /projects/{project_id}/collaborators	admin	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /projects/{project_id}/collaborators/{username}	admin	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /projects/{project_id}/collaborators/{username}	admin	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /projects/{project_id}/collaborators/{username}/permission	admin	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /orgs/{org}/projects	write	UAT IAT
PATCH /projects/columns/cards/{card_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /projects/columns/cards/{card_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /projects/columns/cards/{card_id}/moves	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /projects/columns/{column_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /projects/columns/{column_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /projects/columns/{column_id}/cards	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /projects/columns/{column_id}/moves	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /projects/{project_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /projects/{project_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /projects/{project_id}/columns	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /orgs/{org}/projects	read	UAT IAT
GET /projects/columns/cards/{card_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /projects/columns/{column_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /projects/columns/{column_id}/cards	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /projects/{project_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /projects/{project_id}/columns	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.

Organization permissions for "Secrets"

Endpoint	Access	Token types	Additional permissions
PUT /orgs/{org}/actions/secrets/{secret_name}	write	UAT IAT
DELETE /orgs/{org}/actions/secrets/{secret_name}	write	UAT IAT
PUT /orgs/{org}/actions/secrets/{secret_name}/repositories	write	UAT IAT
PUT /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /orgs/{org}/actions/secrets	read	UAT IAT
GET /orgs/{org}/actions/secrets/public-key	read	UAT IAT
GET /orgs/{org}/actions/secrets/{secret_name}	read	UAT IAT
GET /orgs/{org}/actions/secrets/{secret_name}/repositories	read	UAT IAT

Organization permissions for "Self-hosted runners"

Endpoint	Access	Token types	Additional permissions
POST /orgs/{org}/actions/runner-groups	write	UAT IAT
PATCH /orgs/{org}/actions/runner-groups/{runner_group_id}	write	UAT IAT
DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}	write	UAT IAT
PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories	write	UAT IAT
PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/runners	write	UAT IAT
PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/runners/{runner_id}	write	UAT IAT
DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}/runners/{runner_id}	write	UAT IAT
POST /orgs/{org}/actions/runners/generate-jitconfig	write	UAT IAT
POST /orgs/{org}/actions/runners/registration-token	write	UAT IAT
POST /orgs/{org}/actions/runners/remove-token	write	UAT IAT
DELETE /orgs/{org}/actions/runners/{runner_id}	write	UAT IAT
POST /orgs/{org}/actions/runners/{runner_id}/labels	write	UAT IAT
PUT /orgs/{org}/actions/runners/{runner_id}/labels	write	UAT IAT
DELETE /orgs/{org}/actions/runners/{runner_id}/labels	write	UAT IAT
DELETE /orgs/{org}/actions/runners/{runner_id}/labels/{name}	write	UAT IAT
GET /orgs/{org}/actions/runner-groups	read	UAT IAT
GET /orgs/{org}/actions/runner-groups/{runner_group_id}	read	UAT IAT
GET /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories	read	UAT IAT
GET /orgs/{org}/actions/runner-groups/{runner_group_id}/runners	read	UAT IAT
GET /orgs/{org}/actions/runners	read	UAT IAT
GET /orgs/{org}/actions/runners/downloads	read	UAT IAT
GET /orgs/{org}/actions/runners/{runner_id}	read	UAT IAT
GET /orgs/{org}/actions/runners/{runner_id}/labels	read	UAT IAT

Organization permissions for "Team discussions"

Endpoint	Access	Token types	Additional permissions
DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments/{comment_number}/reactions/{reaction_id}	write	UAT IAT
DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/reactions/{reaction_id}	write	UAT IAT

Organization permissions for "Variables"

Endpoint	Access	Token types	Additional permissions
POST /orgs/{org}/actions/variables	write	UAT IAT
PATCH /orgs/{org}/actions/variables/{name}	write	UAT IAT
DELETE /orgs/{org}/actions/variables/{name}	write	UAT IAT
PUT /orgs/{org}/actions/variables/{name}/repositories	write	UAT IAT
PUT /orgs/{org}/actions/variables/{name}/repositories/{repository_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /orgs/{org}/actions/variables/{name}/repositories/{repository_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /orgs/{org}/actions/variables	read	UAT IAT
GET /orgs/{org}/actions/variables/{name}	read	UAT IAT
GET /orgs/{org}/actions/variables/{name}/repositories	read	UAT IAT

Organization permissions for "Webhooks"

Endpoint	Access	Token types
POST /orgs/{org}/hooks	write	UAT IAT
PATCH /orgs/{org}/hooks/{hook_id}	write	UAT IAT
DELETE /orgs/{org}/hooks/{hook_id}	write	UAT IAT
PATCH /orgs/{org}/hooks/{hook_id}/config	write	UAT IAT
POST /orgs/{org}/hooks/{hook_id}/deliveries/{delivery_id}/attempts	write	UAT IAT
POST /orgs/{org}/hooks/{hook_id}/pings	write	UAT IAT
GET /orgs/{org}/hooks	read	UAT IAT
GET /orgs/{org}/hooks/{hook_id}	read	UAT IAT
GET /orgs/{org}/hooks/{hook_id}/config	read	UAT IAT
GET /orgs/{org}/hooks/{hook_id}/deliveries	read	UAT IAT
GET /orgs/{org}/hooks/{hook_id}/deliveries/{delivery_id}	read	UAT IAT

Repository permissions for "Actions"

Endpoint	Access	Token types	Additional permissions
DELETE /repos/{owner}/{repo}/actions/artifacts/{artifact_id}	write	UAT IAT
DELETE /repos/{owner}/{repo}/actions/caches	write	UAT IAT
DELETE /repos/{owner}/{repo}/actions/caches/{cache_id}	write	UAT IAT
POST /repos/{owner}/{repo}/actions/jobs/{job_id}/rerun	write	UAT IAT
PUT /repos/{owner}/{repo}/actions/oidc/customization/sub	write	UAT IAT
DELETE /repos/{owner}/{repo}/actions/runs/{run_id}	write	UAT IAT
POST /repos/{owner}/{repo}/actions/runs/{run_id}/cancel	write	UAT IAT
POST /repos/{owner}/{repo}/actions/runs/{run_id}/force-cancel	write	UAT IAT
DELETE /repos/{owner}/{repo}/actions/runs/{run_id}/logs	write	UAT IAT
POST /repos/{owner}/{repo}/actions/runs/{run_id}/rerun	write	UAT IAT
POST /repos/{owner}/{repo}/actions/runs/{run_id}/rerun-failed-jobs	write	UAT IAT
PUT /repos/{owner}/{repo}/actions/workflows/{workflow_id}/disable	write	UAT IAT
POST /repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches	write	UAT IAT
PUT /repos/{owner}/{repo}/actions/workflows/{workflow_id}/enable	write	UAT IAT
GET /repos/{owner}/{repo}/actions/artifacts	read	UAT IAT
GET /repos/{owner}/{repo}/actions/artifacts/{artifact_id}	read	UAT IAT
GET /repos/{owner}/{repo}/actions/artifacts/{artifact_id}/{archive_format}	read	UAT IAT
GET /repos/{owner}/{repo}/actions/cache/usage	read	UAT IAT
GET /repos/{owner}/{repo}/actions/cache/usage-policy	read	UAT IAT
GET /repos/{owner}/{repo}/actions/caches	read	UAT IAT
GET /repos/{owner}/{repo}/actions/jobs/{job_id}	read	UAT IAT
GET /repos/{owner}/{repo}/actions/jobs/{job_id}/logs	read	UAT IAT
GET /repos/{owner}/{repo}/actions/oidc/customization/sub	read	UAT IAT
GET /repos/{owner}/{repo}/actions/runs	read	UAT IAT
GET /repos/{owner}/{repo}/actions/runs/{run_id}	read	UAT IAT
GET /repos/{owner}/{repo}/actions/runs/{run_id}/approvals	read	UAT IAT
GET /repos/{owner}/{repo}/actions/runs/{run_id}/artifacts	read	UAT IAT
GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}	read	UAT IAT
GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}/jobs	read	UAT IAT
GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}/logs	read	UAT IAT
GET /repos/{owner}/{repo}/actions/runs/{run_id}/jobs	read	UAT IAT
GET /repos/{owner}/{repo}/actions/runs/{run_id}/logs	read	UAT IAT
GET /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments	read	UAT IAT
POST /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/actions/workflows	read	UAT IAT
GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}	read	UAT IAT
GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}/runs	read	UAT IAT
GET /repos/{owner}/{repo}/environments	read	UAT IAT
GET /repos/{owner}/{repo}/environments/{environment_name}	read	UAT IAT
GET /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies	read	UAT IAT
GET /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies/{branch_policy_id}	read	UAT IAT
GET /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules	read	UAT IAT
GET /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules/{protection_rule_id}	read	UAT IAT

Repository permissions for "Administration"

Endpoint	Access	Token types	Additional permissions
POST /orgs/{org}/repos	write	UAT IAT
PATCH /repos/{owner}/{repo}	write	UAT IAT
DELETE /repos/{owner}/{repo}	write	UAT IAT
PATCH /repos/{owner}/{repo}/actions/cache/usage-policy	write	UAT IAT
PUT /repos/{owner}/{repo}/actions/permissions	write	UAT IAT
PUT /repos/{owner}/{repo}/actions/permissions/access	write	UAT IAT
PUT /repos/{owner}/{repo}/actions/permissions/selected-actions	write	UAT IAT
PUT /repos/{owner}/{repo}/actions/permissions/workflow	write	UAT IAT
POST /repos/{owner}/{repo}/actions/runners/generate-jitconfig	write	UAT IAT
POST /repos/{owner}/{repo}/actions/runners/registration-token	write	UAT IAT
POST /repos/{owner}/{repo}/actions/runners/remove-token	write	UAT IAT
DELETE /repos/{owner}/{repo}/actions/runners/{runner_id}	write	UAT IAT
POST /repos/{owner}/{repo}/actions/runners/{runner_id}/labels	write	UAT IAT
PUT /repos/{owner}/{repo}/actions/runners/{runner_id}/labels	write	UAT IAT
DELETE /repos/{owner}/{repo}/actions/runners/{runner_id}/labels	write	UAT IAT
DELETE /repos/{owner}/{repo}/actions/runners/{runner_id}/labels/{name}	write	UAT IAT
POST /repos/{owner}/{repo}/autolinks	write	UAT IAT
DELETE /repos/{owner}/{repo}/autolinks/{autolink_id}	write	UAT IAT
PUT /repos/{owner}/{repo}/branches/{branch}/protection	write	UAT IAT
DELETE /repos/{owner}/{repo}/branches/{branch}/protection	write	UAT IAT
POST /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins	write	UAT IAT
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins	write	UAT IAT
PATCH /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews	write	UAT IAT
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews	write	UAT IAT
POST /repos/{owner}/{repo}/branches/{branch}/protection/required_signatures	write	UAT IAT
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_signatures	write	UAT IAT
PATCH /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks	write	UAT IAT
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks	write	UAT IAT
POST /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts	write	UAT IAT
PUT /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts	write	UAT IAT
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts	write	UAT IAT
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions	write	UAT IAT
POST /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps	write	UAT IAT
PUT /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps	write	UAT IAT
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps	write	UAT IAT
POST /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams	write	UAT IAT
PUT /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams	write	UAT IAT
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams	write	UAT IAT
POST /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users	write	UAT IAT
PUT /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users	write	UAT IAT
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users	write	UAT IAT
PATCH /repos/{owner}/{repo}/code-scanning/default-setup	write	UAT IAT
PUT /repos/{owner}/{repo}/collaborators/{username}	write	UAT IAT
DELETE /repos/{owner}/{repo}/collaborators/{username}	write	UAT IAT
PUT /repos/{owner}/{repo}/environments/{environment_name}	write	UAT IAT
DELETE /repos/{owner}/{repo}/environments/{environment_name}	write	UAT IAT
POST /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies	write	UAT IAT
PUT /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies/{branch_policy_id}	write	UAT IAT
DELETE /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies/{branch_policy_id}	write	UAT IAT
POST /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules	write	UAT IAT
DELETE /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules/{protection_rule_id}	write	UAT IAT
POST /repos/{owner}/{repo}/forks	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /repos/{owner}/{repo}/invitations/{invitation_id}	write	UAT IAT
DELETE /repos/{owner}/{repo}/invitations/{invitation_id}	write	UAT IAT
POST /repos/{owner}/{repo}/keys	write	UAT IAT
DELETE /repos/{owner}/{repo}/keys/{key_id}	write	UAT IAT
POST /repos/{owner}/{repo}/pages	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /repos/{owner}/{repo}/pages	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/pages	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/rulesets	write	UAT IAT
GET /repos/{owner}/{repo}/rulesets/rule-suites	write	UAT IAT
GET /repos/{owner}/{repo}/rulesets/rule-suites/{rule_suite_id}	write	UAT IAT
PUT /repos/{owner}/{repo}/rulesets/{ruleset_id}	write	UAT IAT
DELETE /repos/{owner}/{repo}/rulesets/{ruleset_id}	write	UAT IAT
POST /repos/{owner}/{repo}/tags/protection	write	UAT IAT
DELETE /repos/{owner}/{repo}/tags/protection/{tag_protection_id}	write	UAT IAT
PUT /repos/{owner}/{repo}/topics	write	UAT IAT
POST /repos/{owner}/{repo}/transfer	write	UAT
PUT /repos/{owner}/{repo}/vulnerability-alerts	write	UAT IAT
DELETE /repos/{owner}/{repo}/vulnerability-alerts	write	UAT IAT
POST /repos/{template_owner}/{template_repo}/generate	write	UAT IAT
POST /user/repos	write	UAT
PATCH /user/repository_invitations/{invitation_id}	write	UAT
DELETE /user/repository_invitations/{invitation_id}	write	UAT
GET /repos/{owner}/{repo}/actions/permissions	read	UAT IAT
GET /repos/{owner}/{repo}/actions/permissions/access	read	UAT IAT
GET /repos/{owner}/{repo}/actions/permissions/selected-actions	read	UAT IAT
GET /repos/{owner}/{repo}/actions/permissions/workflow	read	UAT IAT
GET /repos/{owner}/{repo}/actions/runners	read	UAT IAT
GET /repos/{owner}/{repo}/actions/runners/downloads	read	UAT IAT
GET /repos/{owner}/{repo}/actions/runners/{runner_id}	read	UAT IAT
GET /repos/{owner}/{repo}/actions/runners/{runner_id}/labels	read	UAT IAT
GET /repos/{owner}/{repo}/autolinks	read	UAT IAT
GET /repos/{owner}/{repo}/autolinks/{autolink_id}	read	UAT IAT
GET /repos/{owner}/{repo}/automated-security-fixes	read	UAT IAT
GET /repos/{owner}/{repo}/branches/{branch}/protection	read	UAT IAT
GET /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins	read	UAT IAT
GET /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews	read	UAT IAT
GET /repos/{owner}/{repo}/branches/{branch}/protection/required_signatures	read	UAT IAT
GET /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks	read	UAT IAT
GET /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts	read	UAT IAT
GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions	read	UAT IAT
GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps	read	UAT IAT
GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams	read	UAT IAT
GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users	read	UAT IAT
GET /repos/{owner}/{repo}/code-scanning/default-setup	read	UAT IAT
GET /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules/apps	read	UAT IAT
GET /repos/{owner}/{repo}/invitations	read	UAT IAT
GET /repos/{owner}/{repo}/keys	read	UAT IAT
GET /repos/{owner}/{repo}/keys/{key_id}	read	UAT IAT
GET /repos/{owner}/{repo}/replicas/caches	read	UAT IAT
GET /repos/{owner}/{repo}/tags/protection	read	UAT IAT
GET /repos/{owner}/{repo}/teams	read	UAT IAT
GET /repos/{owner}/{repo}/vulnerability-alerts	read	UAT IAT
GET /user/repository_invitations	read	UAT

Repository permissions for "Checks"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/check-runs	write	UAT IAT
PATCH /repos/{owner}/{repo}/check-runs/{check_run_id}	write	UAT IAT
POST /repos/{owner}/{repo}/check-runs/{check_run_id}/rerequest	write	UAT IAT
POST /repos/{owner}/{repo}/check-suites	write	UAT IAT
PATCH /repos/{owner}/{repo}/check-suites/preferences	write	UAT IAT
POST /repos/{owner}/{repo}/check-suites/{check_suite_id}/rerequest	write	UAT IAT
POST /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/check-runs/{check_run_id}	read	UAT IAT
GET /repos/{owner}/{repo}/check-runs/{check_run_id}/annotations	read	UAT IAT
GET /repos/{owner}/{repo}/check-suites/{check_suite_id}	read	UAT IAT
GET /repos/{owner}/{repo}/check-suites/{check_suite_id}/check-runs	read	UAT IAT
GET /repos/{owner}/{repo}/commits/{ref}/check-runs	read	UAT IAT
GET /repos/{owner}/{repo}/commits/{ref}/check-suites	read	UAT IAT

Repository permissions for "Code scanning alerts"

Endpoint	Access	Token types
PATCH /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}	write	UAT IAT
DELETE /repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}	write	UAT IAT
POST /repos/{owner}/{repo}/code-scanning/sarifs	write	UAT IAT
GET /orgs/{org}/code-scanning/alerts	read	UAT IAT
GET /repos/{owner}/{repo}/code-scanning/alerts	read	UAT IAT
GET /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}	read	UAT IAT
GET /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/instances	read	UAT IAT
GET /repos/{owner}/{repo}/code-scanning/analyses	read	UAT IAT
GET /repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}	read	UAT IAT
GET /repos/{owner}/{repo}/code-scanning/sarifs/{sarif_id}	read	UAT IAT

Repository permissions for "Commit statuses"

Endpoint	Access	Token types
POST /repos/{owner}/{repo}/statuses/{sha}	write	UAT IAT
GET /repos/{owner}/{repo}/commits/{ref}/status	read	UAT IAT
GET /repos/{owner}/{repo}/commits/{ref}/statuses	read	UAT IAT

Repository permissions for "Contents"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/branches/{branch}/rename	write	UAT IAT
PATCH /repos/{owner}/{repo}/comments/{comment_id}	write	UAT IAT
DELETE /repos/{owner}/{repo}/comments/{comment_id}	write	UAT IAT
POST /repos/{owner}/{repo}/comments/{comment_id}/reactions	write	UAT IAT
DELETE /repos/{owner}/{repo}/comments/{comment_id}/reactions/{reaction_id}	write	UAT IAT
PUT /repos/{owner}/{repo}/contents/{path}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /repos/{owner}/{repo}/contents/{path}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/contents/{path}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/contents/{path}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/dependency-graph/snapshots	write	UAT IAT
POST /repos/{owner}/{repo}/dispatches	write	UAT IAT
POST /repos/{owner}/{repo}/git/blobs	write	UAT IAT
POST /repos/{owner}/{repo}/git/commits	write	UAT IAT
POST /repos/{owner}/{repo}/git/refs	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/git/refs	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /repos/{owner}/{repo}/git/refs/{ref}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /repos/{owner}/{repo}/git/refs/{ref}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/git/refs/{ref}	write	UAT IAT
POST /repos/{owner}/{repo}/git/tags	write	UAT IAT
POST /repos/{owner}/{repo}/git/trees	write	UAT IAT
POST /repos/{owner}/{repo}/merge-upstream	write	UAT IAT
POST /repos/{owner}/{repo}/merges	write	UAT IAT
PUT /repos/{owner}/{repo}/pulls/{pull_number}/merge	write	UAT IAT
POST /repos/{owner}/{repo}/releases	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/releases	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /repos/{owner}/{repo}/releases/assets/{asset_id}	write	UAT IAT
DELETE /repos/{owner}/{repo}/releases/assets/{asset_id}	write	UAT IAT
POST /repos/{owner}/{repo}/releases/generate-notes	write	UAT IAT
PATCH /repos/{owner}/{repo}/releases/{release_id}	write	UAT IAT
DELETE /repos/{owner}/{repo}/releases/{release_id}	write	UAT IAT
GET /repos/{owner}/{repo}/activity	read	UAT IAT
GET /repos/{owner}/{repo}/branches	read	UAT IAT
GET /repos/{owner}/{repo}/branches/{branch}	read	UAT IAT
GET /repos/{owner}/{repo}/codeowners/errors	read	UAT IAT
GET /repos/{owner}/{repo}/commits	read	UAT IAT
GET /repos/{owner}/{repo}/commits/{commit_sha}/branches-where-head	read	UAT IAT
POST /repos/{owner}/{repo}/commits/{commit_sha}/comments	read	UAT IAT
GET /repos/{owner}/{repo}/commits/{ref}	read	UAT IAT
GET /repos/{owner}/{repo}/compare/{basehead}	read	UAT IAT
GET /repos/{owner}/{repo}/contents/{path}	read	UAT IAT
GET /repos/{owner}/{repo}/dependency-graph/compare/{basehead}	read	UAT IAT
GET /repos/{owner}/{repo}/dependency-graph/sbom	read	UAT IAT
POST /repos/{owner}/{repo}/forks	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/git/blobs/{file_sha}	read	UAT IAT
GET /repos/{owner}/{repo}/git/commits/{commit_sha}	read	UAT IAT
GET /repos/{owner}/{repo}/git/matching-refs/{ref}	read	UAT IAT
GET /repos/{owner}/{repo}/git/ref/{ref}	read	UAT IAT
GET /repos/{owner}/{repo}/git/tags/{tag_sha}	read	UAT IAT
GET /repos/{owner}/{repo}/git/trees/{tree_sha}	read	UAT IAT
GET /repos/{owner}/{repo}/pulls/{pull_number}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/releases	read	UAT IAT
GET /repos/{owner}/{repo}/releases/assets/{asset_id}	read	UAT IAT
GET /repos/{owner}/{repo}/releases/latest	read	UAT IAT
GET /repos/{owner}/{repo}/releases/tags/{tag}	read	UAT IAT
GET /repos/{owner}/{repo}/releases/{release_id}	read	UAT IAT
GET /repos/{owner}/{repo}/releases/{release_id}/assets	read	UAT IAT
GET /repos/{owner}/{repo}/tarball/{ref}	read	UAT IAT
GET /repos/{owner}/{repo}/zipball/{ref}	read	UAT IAT

Repository permissions for "Dependabot alerts"

Endpoint	Access	Token types
PATCH /repos/{owner}/{repo}/dependabot/alerts/{alert_number}	write	UAT IAT
GET /orgs/{org}/dependabot/alerts	read	UAT IAT
GET /repos/{owner}/{repo}/dependabot/alerts	read	UAT IAT
GET /repos/{owner}/{repo}/dependabot/alerts/{alert_number}	read	UAT IAT

Repository permissions for "Dependabot secrets"

Endpoint	Access	Token types
PUT /repos/{owner}/{repo}/dependabot/secrets/{secret_name}	write	UAT IAT
DELETE /repos/{owner}/{repo}/dependabot/secrets/{secret_name}	write	UAT IAT
GET /repos/{owner}/{repo}/dependabot/secrets	read	UAT IAT
GET /repos/{owner}/{repo}/dependabot/secrets/public-key	read	UAT IAT
GET /repos/{owner}/{repo}/dependabot/secrets/{secret_name}	read	UAT IAT

Repository permissions for "Deployments"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/actions/runs/{run_id}/deployment_protection_rule	write	IAT
POST /repos/{owner}/{repo}/deployments	write	UAT IAT
DELETE /repos/{owner}/{repo}/deployments/{deployment_id}	write	UAT IAT
POST /repos/{owner}/{repo}/deployments/{deployment_id}/statuses	write	UAT IAT
POST /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/deployments	read	UAT IAT
GET /repos/{owner}/{repo}/deployments/{deployment_id}	read	UAT IAT
GET /repos/{owner}/{repo}/deployments/{deployment_id}/statuses	read	UAT IAT
GET /repos/{owner}/{repo}/deployments/{deployment_id}/statuses/{status_id}	read	UAT IAT

Repository permissions for "Environments"

Endpoint	Access	Token types	Additional permissions
PUT /repos/{owner}/{repo}/environments/{environment_name}/secrets/{secret_name}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/environments/{environment_name}/secrets/{secret_name}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/environments/{environment_name}/variables	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /repos/{owner}/{repo}/environments/{environment_name}/variables/{name}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/environments/{environment_name}/variables/{name}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/environments/{environment_name}/secrets	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/environments/{environment_name}/secrets/public-key	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/environments/{environment_name}/secrets/{secret_name}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/environments/{environment_name}/variables	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/environments/{environment_name}/variables/{name}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.

Repository permissions for "Issues"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/issues	write	UAT IAT
PATCH /repos/{owner}/{repo}/issues/comments/{comment_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions	write	UAT IAT
DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions/{reaction_id}	write	UAT IAT
PATCH /repos/{owner}/{repo}/issues/{issue_number}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/issues/{issue_number}/assignees	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/issues/{issue_number}/assignees	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/issues/{issue_number}/comments	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/issues/{issue_number}/labels	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /repos/{owner}/{repo}/issues/{issue_number}/labels	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels/{name}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /repos/{owner}/{repo}/issues/{issue_number}/lock	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/issues/{issue_number}/lock	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/issues/{issue_number}/reactions	write	UAT IAT
DELETE /repos/{owner}/{repo}/issues/{issue_number}/reactions/{reaction_id}	write	UAT IAT
POST /repos/{owner}/{repo}/labels	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /repos/{owner}/{repo}/labels/{name}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/labels/{name}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/milestones	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /repos/{owner}/{repo}/milestones/{milestone_number}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/milestones/{milestone_number}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/assignees	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/assignees/{assignee}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/issues	read	UAT IAT
GET /repos/{owner}/{repo}/issues/comments	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/issues/comments/{comment_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions	read	UAT IAT
GET /repos/{owner}/{repo}/issues/events	read	UAT IAT
GET /repos/{owner}/{repo}/issues/events/{event_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/issues/{issue_number}	read	UAT IAT
GET /repos/{owner}/{repo}/issues/{issue_number}/assignees/{assignee}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/issues/{issue_number}/comments	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/issues/{issue_number}/events	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/issues/{issue_number}/labels	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/issues/{issue_number}/reactions	read	UAT IAT
GET /repos/{owner}/{repo}/issues/{issue_number}/timeline	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/labels	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/labels/{name}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/milestones	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/milestones/{milestone_number}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/milestones/{milestone_number}/labels	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.

Repository permissions for "Metadata"

Endpoint	Access	Token types	Additional permissions
GET /notifications	read	UAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /orgs/{org}/actions/permissions/repositories/{repository_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /orgs/{org}/actions/permissions/repositories/{repository_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /orgs/{org}/actions/variables/{name}/repositories/{repository_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /orgs/{org}/actions/variables/{name}/repositories/{repository_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /orgs/{org}/repos	read	UAT IAT
GET /repos/{owner}/{repo}	read	UAT IAT
GET /repos/{owner}/{repo}/collaborators	read	UAT IAT
GET /repos/{owner}/{repo}/collaborators/{username}	read	UAT IAT
GET /repos/{owner}/{repo}/collaborators/{username}/permission	read	UAT IAT
GET /repos/{owner}/{repo}/comments	read	UAT IAT
GET /repos/{owner}/{repo}/comments/{comment_id}	read	UAT IAT
GET /repos/{owner}/{repo}/comments/{comment_id}/reactions	read	UAT IAT
GET /repos/{owner}/{repo}/commits/{commit_sha}/comments	read	UAT IAT
GET /repos/{owner}/{repo}/contributors	read	UAT IAT
GET /repos/{owner}/{repo}/events	read	UAT IAT
GET /repos/{owner}/{repo}/forks	read	UAT IAT
GET /repos/{owner}/{repo}/languages	read	UAT IAT
GET /repos/{owner}/{repo}/license	read	UAT IAT
GET /repos/{owner}/{repo}/rules/branches/{branch}	read	UAT IAT
GET /repos/{owner}/{repo}/rulesets	read	UAT IAT
GET /repos/{owner}/{repo}/rulesets/{ruleset_id}	read	UAT IAT
GET /repos/{owner}/{repo}/stargazers	read	UAT IAT
GET /repos/{owner}/{repo}/stats/code_frequency	read	UAT IAT
GET /repos/{owner}/{repo}/stats/commit_activity	read	UAT IAT
GET /repos/{owner}/{repo}/stats/contributors	read	UAT IAT
GET /repos/{owner}/{repo}/stats/participation	read	UAT IAT
GET /repos/{owner}/{repo}/stats/punch_card	read	UAT IAT
GET /repos/{owner}/{repo}/subscribers	read	UAT IAT
GET /repos/{owner}/{repo}/tags	read	UAT IAT
GET /repos/{owner}/{repo}/topics	read	UAT IAT
GET /repositories	read	UAT IAT
GET /search/labels	read	UAT IAT
GET /user/installations/{installation_id}/repositories	read	UAT
GET /user/repos	read	UAT
GET /user/starred/{owner}/{repo}	read	UAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /user/starred/{owner}/{repo}	read	UAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /user/starred/{owner}/{repo}	read	UAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /users/{username}/repos	read	UAT IAT

Repository permissions for "Pages"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/pages	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /repos/{owner}/{repo}/pages	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/pages	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/pages/builds	write	UAT IAT
POST /repos/{owner}/{repo}/pages/deployments	write	UAT IAT
GET /repos/{owner}/{repo}/pages	read	UAT IAT
GET /repos/{owner}/{repo}/pages/builds	read	UAT IAT
GET /repos/{owner}/{repo}/pages/builds/latest	read	UAT IAT
GET /repos/{owner}/{repo}/pages/builds/{build_id}	read	UAT IAT

Repository permissions for "Pre-receive hooks"

Endpoint	Access	Token types
PATCH /repos/{owner}/{repo}/pre-receive-hooks/{pre_receive_hook_id}	write	UAT IAT
DELETE /repos/{owner}/{repo}/pre-receive-hooks/{pre_receive_hook_id}	write	UAT IAT
GET /repos/{owner}/{repo}/pre-receive-hooks	read	UAT IAT
GET /repos/{owner}/{repo}/pre-receive-hooks/{pre_receive_hook_id}	read	UAT IAT

Repository permissions for "Projects"

Endpoint	Access	Token types	Additional permissions
PATCH /projects/columns/cards/{card_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /projects/columns/cards/{card_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /projects/columns/cards/{card_id}/moves	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /projects/columns/{column_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /projects/columns/{column_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /projects/columns/{column_id}/cards	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /projects/columns/{column_id}/moves	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /projects/{project_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /projects/{project_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /projects/{project_id}/collaborators	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /projects/{project_id}/collaborators/{username}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /projects/{project_id}/collaborators/{username}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /projects/{project_id}/collaborators/{username}/permission	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /projects/{project_id}/columns	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/projects	write	UAT IAT
GET /projects/columns/cards/{card_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /projects/columns/{column_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /projects/columns/{column_id}/cards	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /projects/{project_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /projects/{project_id}/columns	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/projects	read	UAT IAT

Repository permissions for "Pull requests"

Endpoint	Access	Token types	Additional permissions
PATCH /repos/{owner}/{repo}/issues/comments/{comment_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /repos/{owner}/{repo}/issues/{issue_number}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/issues/{issue_number}/assignees	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/issues/{issue_number}/assignees	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/issues/{issue_number}/comments	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/issues/{issue_number}/labels	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /repos/{owner}/{repo}/issues/{issue_number}/labels	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels/{name}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PUT /repos/{owner}/{repo}/issues/{issue_number}/lock	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/issues/{issue_number}/lock	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/labels	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /repos/{owner}/{repo}/labels/{name}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/labels/{name}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/milestones	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /repos/{owner}/{repo}/milestones/{milestone_number}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/milestones/{milestone_number}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/pulls	write	UAT IAT
PATCH /repos/{owner}/{repo}/pulls/comments/{comment_id}	write	UAT IAT
DELETE /repos/{owner}/{repo}/pulls/comments/{comment_id}	write	UAT IAT
POST /repos/{owner}/{repo}/pulls/comments/{comment_id}/reactions	write	UAT IAT
DELETE /repos/{owner}/{repo}/pulls/comments/{comment_id}/reactions/{reaction_id}	write	UAT IAT
PATCH /repos/{owner}/{repo}/pulls/{pull_number}	write	UAT IAT
POST /repos/{owner}/{repo}/pulls/{pull_number}/comments	write	UAT IAT
POST /repos/{owner}/{repo}/pulls/{pull_number}/comments/{comment_id}/replies	write	UAT IAT
POST /repos/{owner}/{repo}/pulls/{pull_number}/requested_reviewers	write	UAT IAT
DELETE /repos/{owner}/{repo}/pulls/{pull_number}/requested_reviewers	write	UAT IAT
POST /repos/{owner}/{repo}/pulls/{pull_number}/reviews	write	UAT IAT
PUT /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}	write	UAT IAT
DELETE /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}	write	UAT IAT
PUT /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}/dismissals	write	UAT IAT
POST /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}/events	write	UAT IAT
PUT /repos/{owner}/{repo}/pulls/{pull_number}/update-branch	write	UAT IAT
GET /repos/{owner}/{repo}/assignees	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/assignees/{assignee}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/commits/{commit_sha}/pulls	read	UAT IAT
GET /repos/{owner}/{repo}/issues/comments	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/issues/comments/{comment_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/issues/events/{event_id}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/issues/{issue_number}/assignees/{assignee}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/issues/{issue_number}/comments	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/issues/{issue_number}/events	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/issues/{issue_number}/labels	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/issues/{issue_number}/timeline	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/labels	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/labels/{name}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/milestones	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/milestones/{milestone_number}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/milestones/{milestone_number}/labels	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/pulls	read	UAT IAT
GET /repos/{owner}/{repo}/pulls/comments	read	UAT IAT
GET /repos/{owner}/{repo}/pulls/comments/{comment_id}	read	UAT IAT
GET /repos/{owner}/{repo}/pulls/comments/{comment_id}/reactions	read	UAT IAT
GET /repos/{owner}/{repo}/pulls/{pull_number}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/pulls/{pull_number}/comments	read	UAT IAT
GET /repos/{owner}/{repo}/pulls/{pull_number}/commits	read	UAT IAT
GET /repos/{owner}/{repo}/pulls/{pull_number}/files	read	UAT IAT
GET /repos/{owner}/{repo}/pulls/{pull_number}/merge	read	UAT IAT
GET /repos/{owner}/{repo}/pulls/{pull_number}/requested_reviewers	read	UAT IAT
GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews	read	UAT IAT
GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}	read	UAT IAT
GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}/comments	read	UAT IAT

Repository permissions for "Secret scanning alerts"

Endpoint	Access	Token types
PATCH /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}	write	UAT IAT
GET /orgs/{org}/secret-scanning/alerts	read	UAT IAT
GET /repos/{owner}/{repo}/secret-scanning/alerts	read	UAT IAT
GET /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}	read	UAT IAT
GET /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}/locations	read	UAT IAT

Repository permissions for "Secrets"

Endpoint	Access	Token types	Additional permissions
PUT /repos/{owner}/{repo}/actions/secrets/{secret_name}	write	UAT IAT
DELETE /repos/{owner}/{repo}/actions/secrets/{secret_name}	write	UAT IAT
PUT /repos/{owner}/{repo}/environments/{environment_name}/secrets/{secret_name}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/environments/{environment_name}/secrets/{secret_name}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/actions/organization-secrets	read	UAT IAT
GET /repos/{owner}/{repo}/actions/secrets	read	UAT IAT
GET /repos/{owner}/{repo}/actions/secrets/public-key	read	UAT IAT
GET /repos/{owner}/{repo}/actions/secrets/{secret_name}	read	UAT IAT
GET /repos/{owner}/{repo}/environments/{environment_name}/secrets	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/environments/{environment_name}/secrets/public-key	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/environments/{environment_name}/secrets/{secret_name}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.

Repository permissions for "Variables"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/actions/variables	write	UAT IAT
PATCH /repos/{owner}/{repo}/actions/variables/{name}	write	UAT IAT
DELETE /repos/{owner}/{repo}/actions/variables/{name}	write	UAT IAT
POST /repos/{owner}/{repo}/environments/{environment_name}/variables	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /repos/{owner}/{repo}/environments/{environment_name}/variables/{name}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/environments/{environment_name}/variables/{name}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/actions/organization-variables	read	UAT IAT
GET /repos/{owner}/{repo}/actions/variables	read	UAT IAT
GET /repos/{owner}/{repo}/actions/variables/{name}	read	UAT IAT
GET /repos/{owner}/{repo}/environments/{environment_name}/variables	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /repos/{owner}/{repo}/environments/{environment_name}/variables/{name}	read	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.

Repository permissions for "Webhooks"

Endpoint	Access	Token types
POST /repos/{owner}/{repo}/hooks	write	UAT IAT
PATCH /repos/{owner}/{repo}/hooks/{hook_id}	write	UAT IAT
DELETE /repos/{owner}/{repo}/hooks/{hook_id}	write	UAT IAT
PATCH /repos/{owner}/{repo}/hooks/{hook_id}/config	write	UAT IAT
POST /repos/{owner}/{repo}/hooks/{hook_id}/deliveries/{delivery_id}/attempts	write	UAT IAT
GET /repos/{owner}/{repo}/hooks	read	UAT IAT
GET /repos/{owner}/{repo}/hooks/{hook_id}	read	UAT IAT
GET /repos/{owner}/{repo}/hooks/{hook_id}/config	read	UAT IAT
GET /repos/{owner}/{repo}/hooks/{hook_id}/deliveries	read	UAT IAT
GET /repos/{owner}/{repo}/hooks/{hook_id}/deliveries/{delivery_id}	read	UAT IAT
POST /repos/{owner}/{repo}/hooks/{hook_id}/pings	read	UAT IAT
POST /repos/{owner}/{repo}/hooks/{hook_id}/tests	read	UAT IAT

Repository permissions for "Workflows"

Endpoint	Access	Token types	Additional permissions
PUT /repos/{owner}/{repo}/contents/{path}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /repos/{owner}/{repo}/contents/{path}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/git/refs	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
PATCH /repos/{owner}/{repo}/git/refs/{ref}	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
POST /repos/{owner}/{repo}/releases	write	UAT IAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.

User permissions for "Email addresses"

Endpoint	Access	Token types
POST /user/emails	write	UAT
DELETE /user/emails	write	UAT
GET /user/emails	read	UAT
GET /user/public_emails	read	UAT

User permissions for "Followers"

Endpoint	Access	Token types
PUT /user/following/{username}	write	UAT
DELETE /user/following/{username}	write	UAT
GET /user/followers	read	UAT
GET /user/following	read	UAT
GET /user/following/{username}	read	UAT

User permissions for "GPG keys"

Endpoint	Access	Token types
POST /user/gpg_keys	write	UAT
DELETE /user/gpg_keys/{gpg_key_id}	write	UAT
GET /user/gpg_keys	read	UAT
GET /user/gpg_keys/{gpg_key_id}	read	UAT

User permissions for "Gists"

Endpoint	Access	Token types
POST /gists	write	UAT
PATCH /gists/{gist_id}	write	UAT
DELETE /gists/{gist_id}	write	UAT
POST /gists/{gist_id}/comments	write	UAT
PATCH /gists/{gist_id}/comments/{comment_id}	write	UAT
DELETE /gists/{gist_id}/comments/{comment_id}	write	UAT
POST /gists/{gist_id}/forks	write	UAT
PUT /gists/{gist_id}/star	write	UAT
DELETE /gists/{gist_id}/star	write	UAT

User permissions for "Git SSH keys"

Endpoint	Access	Token types
POST /user/keys	write	UAT
DELETE /user/keys/{key_id}	write	UAT
GET /user/keys	read	UAT
GET /user/keys/{key_id}	read	UAT
GET /users/{username}/keys	read	UAT IAT

User permissions for "Notifications"

Endpoint	Access	Token types	Additional permissions
GET /notifications	read	UAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.

User permissions for "Profile"

Endpoint	Access	Token types
PATCH /user	write	UAT
POST /user/social_accounts	write	UAT
DELETE /user/social_accounts	write	UAT

User permissions for "SSH signing keys"

Endpoint	Access	Token types
POST /user/ssh_signing_keys	write	UAT
DELETE /user/ssh_signing_keys/{ssh_signing_key_id}	write	UAT
GET /user/ssh_signing_keys	read	UAT
GET /user/ssh_signing_keys/{ssh_signing_key_id}	read	UAT

User permissions for "Starring"

Endpoint	Access	Token types	Additional permissions
PUT /user/starred/{owner}/{repo}	write	UAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
DELETE /user/starred/{owner}/{repo}	write	UAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /user/starred	read	UAT
GET /user/starred/{owner}/{repo}	read	UAT	Multiple permissions are required, or a different permission may be used. For more information about the permissions, see the documentation for this endpoint.
GET /users/{username}/starred	read	UAT IAT

User permissions for "Watching"

Endpoint	Access	Token types	Additional permissions
GET /user/subscriptions	read	UAT
GET /users/{username}/subscriptions	read	UAT IAT

Permissions required for GitHub Apps

In this article