À propos des autorisations de GitHub App
Les GitHub Apps sont créées avec un ensemble d’autorisations. Les autorisations définissent les ressources auxquelles l’GitHub App peuvent accéder via l’API. Pour plus d’informations, consultez « Choix des autorisations pour une application GitHub ».
Pour vous aider à choisir les autorisations appropriées, vous recevrez l’en-tête X-Accepted-GitHub-Permissions
dans la réponse de l’API REST. L’en-tête vous indique les autorisations requises pour accéder au point de terminaison. Pour plus d’informations, consultez « Résolution des problèmes de l’API REST ».
Ces autorisations sont nécessaires pour accéder aux ressources privées. Certains points de terminaison peuvent également être utilisés pour accéder à des ressources publiques sans ces autorisations. Consultez la documentation d’un point de terminaison pour savoir si ce dernier peut accéder aux ressources publiques sans autorisation.
Certains points de terminaison nécessitent plusieurs autorisations. D’autres points de terminaison fonctionnent avec n’importe quelle autorisation d’un ensemble d’autorisations. Dans ce cas, la colonne « Autorisations supplémentaires » comprend une coche. Consultez la documentation d’un point de terminaison pour obtenir plus d’informations sur les autorisations requises pour l’utiliser.
Business permissions for "Enterprise administration"
Organization permissions for "Administration"
Organization permissions for "Custom repository roles"
Organization permissions for "Events"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
GET /users/{username}/events/orgs/{org} | read | UAT |
Organization permissions for "Members"
Organization permissions for "Organization announcement banners"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
PATCH /orgs/{org}/announcement | write | UAT IAT | |
DELETE /orgs/{org}/announcement | write | UAT IAT | |
GET /orgs/{org}/announcement | read | UAT IAT |
Organization permissions for "Organization dependabot secrets"
Organization permissions for "Personal access token requests"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
POST /orgs/{org}/personal-access-token-requests | write | UAT IAT | |
POST /orgs/{org}/personal-access-token-requests/{pat_request_id} | write | UAT IAT | |
GET /orgs/{org}/personal-access-token-requests | read | UAT IAT | |
GET /orgs/{org}/personal-access-token-requests/{pat_request_id}/repositories | read | UAT IAT |
Organization permissions for "Personal access tokens"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
POST /orgs/{org}/personal-access-tokens | write | UAT IAT | |
POST /orgs/{org}/personal-access-tokens/{pat_id} | write | UAT IAT | |
GET /orgs/{org}/personal-access-tokens | read | UAT IAT | |
GET /orgs/{org}/personal-access-tokens/{pat_id}/repositories | read | UAT IAT |
Organization permissions for "Pre-receive hooks"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
PATCH /orgs/{org}/pre-receive-hooks/{pre_receive_hook_id} | write | UAT IAT | |
DELETE /orgs/{org}/pre-receive-hooks/{pre_receive_hook_id} | write | UAT IAT | |
GET /orgs/{org}/pre-receive-hooks | read | UAT IAT | |
GET /orgs/{org}/pre-receive-hooks/{pre_receive_hook_id} | read | UAT IAT |
Organization permissions for "Projects"
Organization permissions for "Secrets"
Organization permissions for "Self-hosted runners"
Organization permissions for "Team discussions"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments/{comment_number}/reactions/{reaction_id} | write | UAT IAT | |
DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/reactions/{reaction_id} | write | UAT IAT |
Organization permissions for "Variables"
Organization permissions for "Webhooks"
Repository permissions for "Actions"
Repository permissions for "Administration"
Repository permissions for "Checks"
Repository permissions for "Code scanning alerts"
Repository permissions for "Commit statuses"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
POST /repos/{owner}/{repo}/statuses/{sha} | write | UAT IAT | |
GET /repos/{owner}/{repo}/commits/{ref}/status | read | UAT IAT | |
GET /repos/{owner}/{repo}/commits/{ref}/statuses | read | UAT IAT |
Repository permissions for "Contents"
Repository permissions for "Dependabot alerts"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
PATCH /repos/{owner}/{repo}/dependabot/alerts/{alert_number} | write | UAT IAT | |
GET /orgs/{org}/dependabot/alerts | read | UAT IAT | |
GET /repos/{owner}/{repo}/dependabot/alerts | read | UAT IAT | |
GET /repos/{owner}/{repo}/dependabot/alerts/{alert_number} | read | UAT IAT |
Repository permissions for "Dependabot secrets"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
PUT /repos/{owner}/{repo}/dependabot/secrets/{secret_name} | write | UAT IAT | |
DELETE /repos/{owner}/{repo}/dependabot/secrets/{secret_name} | write | UAT IAT | |
GET /repos/{owner}/{repo}/dependabot/secrets | read | UAT IAT | |
GET /repos/{owner}/{repo}/dependabot/secrets/public-key | read | UAT IAT | |
GET /repos/{owner}/{repo}/dependabot/secrets/{secret_name} | read | UAT IAT |
Repository permissions for "Deployments"
Repository permissions for "Environments"
Repository permissions for "Issues"
Repository permissions for "Metadata"
Repository permissions for "Pages"
Repository permissions for "Pre-receive hooks"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
PATCH /repos/{owner}/{repo}/pre-receive-hooks/{pre_receive_hook_id} | write | UAT IAT | |
DELETE /repos/{owner}/{repo}/pre-receive-hooks/{pre_receive_hook_id} | write | UAT IAT | |
GET /repos/{owner}/{repo}/pre-receive-hooks | read | UAT IAT | |
GET /repos/{owner}/{repo}/pre-receive-hooks/{pre_receive_hook_id} | read | UAT IAT |
Repository permissions for "Projects"
Repository permissions for "Pull requests"
Repository permissions for "Secret scanning alerts"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
PATCH /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number} | write | UAT IAT | |
GET /orgs/{org}/secret-scanning/alerts | read | UAT IAT | |
GET /repos/{owner}/{repo}/secret-scanning/alerts | read | UAT IAT | |
GET /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number} | read | UAT IAT | |
GET /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}/locations | read | UAT IAT |
Repository permissions for "Secrets"
Repository permissions for "Variables"
Repository permissions for "Webhooks"
Repository permissions for "Workflows"
User permissions for "Email addresses"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
POST /user/emails | write | UAT | |
DELETE /user/emails | write | UAT | |
GET /user/emails | read | UAT | |
GET /user/public_emails | read | UAT |
User permissions for "Followers"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
PUT /user/following/{username} | write | UAT | |
DELETE /user/following/{username} | write | UAT | |
GET /user/followers | read | UAT | |
GET /user/following | read | UAT | |
GET /user/following/{username} | read | UAT |
User permissions for "GPG keys"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
POST /user/gpg_keys | write | UAT | |
DELETE /user/gpg_keys/{gpg_key_id} | write | UAT | |
GET /user/gpg_keys | read | UAT | |
GET /user/gpg_keys/{gpg_key_id} | read | UAT |
User permissions for "Gists"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
POST /gists | write | UAT | |
PATCH /gists/{gist_id} | write | UAT | |
DELETE /gists/{gist_id} | write | UAT | |
POST /gists/{gist_id}/comments | write | UAT | |
PATCH /gists/{gist_id}/comments/{comment_id} | write | UAT | |
DELETE /gists/{gist_id}/comments/{comment_id} | write | UAT | |
POST /gists/{gist_id}/forks | write | UAT | |
PUT /gists/{gist_id}/star | write | UAT | |
DELETE /gists/{gist_id}/star | write | UAT |
User permissions for "Git SSH keys"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
POST /user/keys | write | UAT | |
DELETE /user/keys/{key_id} | write | UAT | |
GET /user/keys | read | UAT | |
GET /user/keys/{key_id} | read | UAT | |
GET /users/{username}/keys | read | UAT IAT |
User permissions for "Notifications"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
GET /notifications | read | UAT | Plusieurs autorisations sont requises, ou une autre autorisation peut être utilisée. Pour plus d’informations sur les autorisations, consultez la documentation pour ce point de terminaison. |
User permissions for "Profile"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
PATCH /user | write | UAT | |
POST /user/social_accounts | write | UAT | |
DELETE /user/social_accounts | write | UAT |
User permissions for "SSH signing keys"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
POST /user/ssh_signing_keys | write | UAT | |
DELETE /user/ssh_signing_keys/{ssh_signing_key_id} | write | UAT | |
GET /user/ssh_signing_keys | read | UAT | |
GET /user/ssh_signing_keys/{ssh_signing_key_id} | read | UAT |
User permissions for "Starring"
User permissions for "Watching"
Point de terminaison | Access | Types de jetons | Autorisations supplémentaires |
---|---|---|---|
GET /user/subscriptions | read | UAT | |
GET /users/{username}/subscriptions | read | UAT IAT |