Sobre as permissões de GitHub App
GitHub Apps são criadas com um conjunto de permissões. As permissões definem quais recursos o GitHub App pode acessar através da API. Para saber mais, confira Escolhendo permissões para um Aplicativo GitHub.
Para ajudar você a escolher as permissões corretas, você receberá o cabeçalho X-Accepted-GitHub-Permissions na resposta da API REST. O cabeçalho informará quais permissões são necessárias para acessar o ponto de extremidade. Para obter mais informações, confira "Solucionar problemas do API REST".
Essas permissões são necessárias para a obtenção de acesso a recursos privados. Alguns pontos de extremidade também podem ser usados para acessar recursos públicos sem essas permissões. Para visualizar se um ponto de extremidade pode ter acesso a recursos públicos sem a necessidade de permissões, confira a documentação para esse ponto de extremidade.
Alguns pontos de extremidade requerem mais de uma permissão. Outros pontos de extremidade funcionam com qualquer permissão de um conjunto de permissões. Nesses casos, a coluna “Permissões adicionais” incluirá uma marca de verificação. Para obter detalhes completos sobre as permissões necessárias para usar o ponto de extremidade, confira a documentação para esse ponto de extremidade.
Organization permissions for "Administration"
Organization permissions for "Custom repository roles"
Organization permissions for "Events"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| GET /users/{username}/events/orgs/{org} | read | UAT |
Organization permissions for "Members"
Organization permissions for "Organization announcement banners"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| PATCH /orgs/{org}/announcement | write | UAT IAT | |
| DELETE /orgs/{org}/announcement | write | UAT IAT | |
| GET /orgs/{org}/announcement | read | UAT IAT |
Organization permissions for "Organization dependabot secrets"
Organization permissions for "Personal access token requests"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| POST /orgs/{org}/personal-access-token-requests | write | UAT IAT | |
| POST /orgs/{org}/personal-access-token-requests/{pat_request_id} | write | UAT IAT | |
| GET /orgs/{org}/personal-access-token-requests | read | UAT IAT | |
| GET /orgs/{org}/personal-access-token-requests/{pat_request_id}/repositories | read | UAT IAT |
Organization permissions for "Personal access tokens"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| POST /orgs/{org}/personal-access-tokens | write | UAT IAT | |
| POST /orgs/{org}/personal-access-tokens/{pat_id} | write | UAT IAT | |
| GET /orgs/{org}/personal-access-tokens | read | UAT IAT | |
| GET /orgs/{org}/personal-access-tokens/{pat_id}/repositories | read | UAT IAT |
Organization permissions for "Pre-receive hooks"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| PATCH /orgs/{org}/pre-receive-hooks/{pre_receive_hook_id} | write | UAT IAT | |
| DELETE /orgs/{org}/pre-receive-hooks/{pre_receive_hook_id} | write | UAT IAT | |
| GET /orgs/{org}/pre-receive-hooks | read | UAT IAT | |
| GET /orgs/{org}/pre-receive-hooks/{pre_receive_hook_id} | read | UAT IAT |
Organization permissions for "Projects"
Organization permissions for "Secrets"
Organization permissions for "Self-hosted runners"
Organization permissions for "Team discussions"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments/{comment_number}/reactions/{reaction_id} | write | UAT IAT | |
| DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/reactions/{reaction_id} | write | UAT IAT |
Organization permissions for "Variables"
Organization permissions for "Webhooks"
Repository permissions for "Actions"
Repository permissions for "Administration"
Repository permissions for "Checks"
Repository permissions for "Code scanning alerts"
Repository permissions for "Commit statuses"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| POST /repos/{owner}/{repo}/statuses/{sha} | write | UAT IAT | |
| GET /repos/{owner}/{repo}/commits/{ref}/status | read | UAT IAT | |
| GET /repos/{owner}/{repo}/commits/{ref}/statuses | read | UAT IAT |
Repository permissions for "Contents"
Repository permissions for "Dependabot alerts"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| PATCH /repos/{owner}/{repo}/dependabot/alerts/{alert_number} | write | UAT IAT | |
| GET /orgs/{org}/dependabot/alerts | read | UAT IAT | |
| GET /repos/{owner}/{repo}/dependabot/alerts | read | UAT IAT | |
| GET /repos/{owner}/{repo}/dependabot/alerts/{alert_number} | read | UAT IAT |
Repository permissions for "Dependabot secrets"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| PUT /repos/{owner}/{repo}/dependabot/secrets/{secret_name} | write | UAT IAT | |
| DELETE /repos/{owner}/{repo}/dependabot/secrets/{secret_name} | write | UAT IAT | |
| GET /repos/{owner}/{repo}/dependabot/secrets | read | UAT IAT | |
| GET /repos/{owner}/{repo}/dependabot/secrets/public-key | read | UAT IAT | |
| GET /repos/{owner}/{repo}/dependabot/secrets/{secret_name} | read | UAT IAT |
Repository permissions for "Deployments"
Repository permissions for "Environments"
Repository permissions for "Issues"
Repository permissions for "Metadata"
Repository permissions for "Pages"
Repository permissions for "Pre-receive hooks"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| PATCH /repos/{owner}/{repo}/pre-receive-hooks/{pre_receive_hook_id} | write | UAT IAT | |
| DELETE /repos/{owner}/{repo}/pre-receive-hooks/{pre_receive_hook_id} | write | UAT IAT | |
| GET /repos/{owner}/{repo}/pre-receive-hooks | read | UAT IAT | |
| GET /repos/{owner}/{repo}/pre-receive-hooks/{pre_receive_hook_id} | read | UAT IAT |
Repository permissions for "Projects"
Repository permissions for "Pull requests"
Repository permissions for "Secret scanning alerts"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| PATCH /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number} | write | UAT IAT | |
| GET /orgs/{org}/secret-scanning/alerts | read | UAT IAT | |
| GET /repos/{owner}/{repo}/secret-scanning/alerts | read | UAT IAT | |
| GET /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number} | read | UAT IAT | |
| GET /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}/locations | read | UAT IAT |
Repository permissions for "Secrets"
Repository permissions for "Variables"
Repository permissions for "Webhooks"
Repository permissions for "Workflows"
User permissions for "Email addresses"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| POST /user/emails | write | UAT | |
| DELETE /user/emails | write | UAT | |
| GET /user/emails | read | UAT | |
| GET /user/public_emails | read | UAT |
User permissions for "Followers"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| PUT /user/following/{username} | write | UAT | |
| DELETE /user/following/{username} | write | UAT | |
| GET /user/followers | read | UAT | |
| GET /user/following | read | UAT | |
| GET /user/following/{username} | read | UAT |
User permissions for "GPG keys"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| POST /user/gpg_keys | write | UAT | |
| DELETE /user/gpg_keys/{gpg_key_id} | write | UAT | |
| GET /user/gpg_keys | read | UAT | |
| GET /user/gpg_keys/{gpg_key_id} | read | UAT |
User permissions for "Gists"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| POST /gists | write | UAT | |
| PATCH /gists/{gist_id} | write | UAT | |
| DELETE /gists/{gist_id} | write | UAT | |
| POST /gists/{gist_id}/comments | write | UAT | |
| PATCH /gists/{gist_id}/comments/{comment_id} | write | UAT | |
| DELETE /gists/{gist_id}/comments/{comment_id} | write | UAT | |
| POST /gists/{gist_id}/forks | write | UAT | |
| PUT /gists/{gist_id}/star | write | UAT | |
| DELETE /gists/{gist_id}/star | write | UAT |
User permissions for "Git SSH keys"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| POST /user/keys | write | UAT | |
| DELETE /user/keys/{key_id} | write | UAT | |
| GET /user/keys | read | UAT | |
| GET /user/keys/{key_id} | read | UAT | |
| GET /users/{username}/keys | read | UAT IAT |
User permissions for "Notifications"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| GET /notifications | read | UAT | Várias permissões são necessárias ou uma permissão diferente pode ser usada. Para obter mais informações sobre as permissões, consulte a documentação deste ponto de extremidade. |
User permissions for "Profile"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| PATCH /user | write | UAT | |
| POST /user/social_accounts | write | UAT | |
| DELETE /user/social_accounts | write | UAT |
User permissions for "SSH signing keys"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| POST /user/ssh_signing_keys | write | UAT | |
| DELETE /user/ssh_signing_keys/{ssh_signing_key_id} | write | UAT | |
| GET /user/ssh_signing_keys | read | UAT | |
| GET /user/ssh_signing_keys/{ssh_signing_key_id} | read | UAT |
User permissions for "Starring"
User permissions for "Watching"
| Ponto de extremidade | Access | Tipos de token | Permissões adicionais |
|---|---|---|---|
| GET /user/subscriptions | read | UAT | |
| GET /users/{username}/subscriptions | read | UAT IAT |