Skip to main content

Permissions required for GitHub Apps

You can find the required permissions for each GitHub App-compatible endpoint.

About GitHub App permissions

GitHub Apps are created with a set of permissions. Permissions define what resources the GitHub App can access via the API. For more information, see "Setting permissions for GitHub Apps."

Metadata

GitHub Apps have the Read-only metadata permission by default. The metadata permission provides access to a collection of read-only endpoints with metadata for various resources. These endpoints do not leak sensitive private repository information.

If you set the metadata permission to No access and select a permission that requires repository access, GitHub will override your selection and set the metadata permission back to Read-only. To set the metadata permission to No access, you must set all permissions that require repository access to No access first.

Collaborators

Commit comments

Events

Git

Organization members

SSH keys

Administration

Branches

Collaborators

Invitations

SSH keys

Teams

Checks

Code scanning alerts

Commit statuses

Contents

Branches

Commit comments

Git

Reactions

Releases

Deployments

Followers

Git SSH keys

GPG keys

Issues

Issues and pull requests are closely related. For more information, see "List issues assigned to the authenticated user." If your GitHub App has permissions on issues but not on pull requests, these endpoints will be limited to issues. Endpoints that return both issues and pull requests will be filtered. Endpoints that allow operations on both issues and pull requests will be restricted to issues.

Assignees

Events

Labels

Milestones

Reactions

Members

Organization members

Team members

Teams

Organization administration

Organization events

Organization projects

Organization webhooks

Teams

Pages

GitHub Pages can only be created or unpublished by a repository owner or administrator.

Profile

Pull requests

Pull requests and issues are closely related. If your GitHub App has permissions on pull requests but not on issues, these endpoints will be limited to pull requests. Endpoints that return both pull requests and issues will be filtered. Endpoints that allow operations on both pull requests and issues will be restricted to pull requests.

Assignees

Events

Labels

Milestones

Reactions

Requested reviewers

Reviews

Repository projects

Teams

Repository webhooks

Single file

Starring

Team discussions