Permissions required for GitHub Apps

About GitHub App permissions

GitHub Apps are created with a set of permissions. Permissions define what resources the GitHub App can access via the API. For more information, see "Choosing permissions for a GitHub App."

These permissions are required to access private resources with the following endpoints. Some endpoints can also be used to access public resources without these permissions.

Some endpoints require additional permissions. When this is the case, the "Additional permissions" column will indicate the other permissions that are required to use the endpoint. Some endpoints that require write access to the repository "Contents" permission also require write access to the repository "Workflows" permission if the request will affect workflow files. In these cases, the repository "Workflows" permission is indicated as an additional permission even though it is not always required to use the endpoint.

Business permissions for "Enterprise administration"

Endpoint	Access	Token types	Additional permissions
GET /enterprises/{enterprise}/actions/cache/usage	write	UAT IAT	✖️
GET /enterprises/{enterprise}/actions/cache/usage-policy	write	UAT IAT	✖️
PATCH /enterprises/{enterprise}/actions/cache/usage-policy	write	UAT IAT	✖️
GET /enterprises/{enterprise}/settings/billing/advanced-security	write	UAT IAT	✖️
GET /scim/v2/Groups	write	UAT IAT	✖️
POST /scim/v2/Groups	write	UAT IAT	✖️
GET /scim/v2/Groups/{scim_group_id}	write	UAT IAT	✖️
PUT /scim/v2/Groups/{scim_group_id}	write	UAT IAT	✖️
PATCH /scim/v2/Groups/{scim_group_id}	write	UAT IAT	✖️
DELETE /scim/v2/Groups/{scim_group_id}	write	UAT IAT	✖️
GET /scim/v2/Users	write	UAT IAT	✖️
POST /scim/v2/Users	write	UAT IAT	✖️
GET /scim/v2/Users/{scim_user_id}	write	UAT IAT	✖️
PUT /scim/v2/Users/{scim_user_id}	write	UAT IAT	✖️
DELETE /scim/v2/Users/{scim_user_id}	write	UAT IAT	✖️
GET /enterprises/{enterprise}/audit-log	read	UAT IAT	✖️

Organization permissions for "Administration"

Endpoint	Access	Token types	Additional permissions
PATCH /orgs/{org}	write	UAT IAT	✖️
PUT /orgs/{org}/actions/oidc/customization/sub	write	UAT IAT	✖️
PUT /orgs/{org}/actions/permissions	write	UAT IAT	✖️
PUT /orgs/{org}/actions/permissions/repositories	write	UAT IAT	✖️
PUT /orgs/{org}/actions/permissions/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
DELETE /orgs/{org}/actions/permissions/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
PUT /orgs/{org}/actions/permissions/selected-actions	write	UAT IAT	✖️
PUT /orgs/{org}/actions/permissions/workflow	write	UAT IAT	✖️
PUT /orgs/{org}/security-managers/teams/{team_slug}	write	UAT IAT	✖️
DELETE /orgs/{org}/security-managers/teams/{team_slug}	write	UAT IAT	✖️
POST /orgs/{org}/{security_product}/{enablement}	write	UAT IAT	✖️
GET /organizations/{organization_id}/custom_roles	read	UAT IAT	✖️
GET /orgs/{org}/actions/cache/usage	read	UAT IAT	✖️
GET /orgs/{org}/actions/cache/usage-by-repository	read	UAT IAT	✖️
GET /orgs/{org}/actions/oidc/customization/sub	read	UAT IAT	✖️
GET /orgs/{org}/actions/permissions	read	UAT IAT	✖️
GET /orgs/{org}/actions/permissions/repositories	read	UAT IAT	✖️
GET /orgs/{org}/actions/permissions/selected-actions	read	UAT IAT	✖️
GET /orgs/{org}/actions/permissions/workflow	read	UAT IAT	✖️
GET /orgs/{org}/audit-log	read	UAT IAT	✖️
GET /orgs/{org}/installations	read	UAT IAT	✖️
GET /orgs/{org}/security-managers	read	UAT IAT	✖️
GET /orgs/{org}/settings/billing/advanced-security	read	UAT IAT	✖️

Organization permissions for "Custom repository roles"

Endpoint	Access	Token types	Additional permissions
GET /organizations/{organization_id}/custom_roles	read	UAT IAT	✖️

Organization permissions for "Events"

Endpoint	Access	Token types	Additional permissions
GET /users/{username}/events/orgs/{org}	read	UAT	✖️

Organization permissions for "Members"

Endpoint	Access	Token types	Additional permissions
GET /orgs/{org}/external-group/{group_id}	write	UAT IAT	✖️
GET /orgs/{org}/external-groups	write	UAT IAT	✖️
DELETE /orgs/{org}/members/{username}	write	UAT IAT	✖️
PUT /orgs/{org}/memberships/{username}	write	UAT IAT	✖️
DELETE /orgs/{org}/memberships/{username}	write	UAT IAT	✖️
PUT /orgs/{org}/outside_collaborators/{username}	write	UAT IAT	✖️
DELETE /orgs/{org}/outside_collaborators/{username}	write	UAT IAT	✖️
PUT /orgs/{org}/public_members/{username}	write	UAT	✖️
DELETE /orgs/{org}/public_members/{username}	write	UAT	✖️
POST /orgs/{org}/teams	write	UAT IAT	✖️
GET /orgs/{org}/teams/{team_slug}/external-groups	write	UAT IAT	✖️
PATCH /orgs/{org}/teams/{team_slug}/external-groups	write	UAT IAT	✖️
DELETE /orgs/{org}/teams/{team_slug}/external-groups	write	UAT IAT	✖️
PUT /teams/{team_id}/members/{username}	write	UAT IAT	✖️
DELETE /teams/{team_id}/members/{username}	write	UAT IAT	✖️
PATCH /user/memberships/orgs/{org}	write	UAT	✖️
GET /orgs/{org}/members	read	UAT IAT	✖️
GET /orgs/{org}/members/{username}	read	UAT IAT	✖️
GET /orgs/{org}/memberships/{username}	read	UAT IAT	✖️
GET /orgs/{org}/outside_collaborators	read	UAT IAT	✖️
GET /orgs/{org}/public_members	read	UAT IAT	✖️
GET /orgs/{org}/public_members/{username}	read	UAT IAT	✖️
GET /orgs/{org}/teams	read	UAT IAT	✖️
GET /teams/{team_id}/members/{username}	read	UAT IAT	✖️
GET /user/memberships/orgs/{org}	read	UAT	✖️

Organization permissions for "Organization dependabot secrets"

Endpoint	Access	Token types	Additional permissions
PUT /orgs/{org}/dependabot/secrets/{secret_name}	write	UAT IAT	✖️
DELETE /orgs/{org}/dependabot/secrets/{secret_name}	write	UAT IAT	✖️
PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories	write	UAT IAT	✖️
PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
DELETE /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
GET /orgs/{org}/dependabot/secrets	read	UAT IAT	✖️
GET /orgs/{org}/dependabot/secrets/public-key	read	UAT IAT	✖️
GET /orgs/{org}/dependabot/secrets/{secret_name}	read	UAT IAT	✖️
GET /orgs/{org}/dependabot/secrets/{secret_name}/repositories	read	UAT IAT	✖️

Organization permissions for "Pre-receive hooks"

Endpoint	Access	Token types	Additional permissions
DELETE /orgs/{org}/pre-receive-hooks/{pre_receive_hook_id}	write	UAT IAT	✖️
GET /orgs/{org}/pre-receive-hooks	read	UAT IAT	✖️
GET /orgs/{org}/pre-receive-hooks/{pre_receive_hook_id}	read	UAT IAT	✖️

Organization permissions for "Projects"

Endpoint	Access	Token types	Additional permissions
GET /projects/{project_id}/collaborators	admin	UAT IAT	✖️
PUT /projects/{project_id}/collaborators/{username}	admin	UAT IAT	✖️
DELETE /projects/{project_id}/collaborators/{username}	admin	UAT IAT	✖️
GET /projects/{project_id}/collaborators/{username}/permission	admin	UAT IAT	✖️
POST /orgs/{org}/projects	write	UAT IAT	✖️
PATCH /projects/columns/cards/{card_id}	write	UAT IAT	✖️
DELETE /projects/columns/cards/{card_id}	write	UAT IAT	✖️
POST /projects/columns/cards/{card_id}/moves	write	UAT IAT	✖️
PATCH /projects/columns/{column_id}	write	UAT IAT	✖️
DELETE /projects/columns/{column_id}	write	UAT IAT	✖️
POST /projects/columns/{column_id}/cards	write	UAT IAT	✖️
POST /projects/columns/{column_id}/moves	write	UAT IAT	✖️
PATCH /projects/{project_id}	write	UAT IAT	✖️
DELETE /projects/{project_id}	write	UAT IAT	✖️
POST /projects/{project_id}/columns	write	UAT IAT	✖️
GET /orgs/{org}/projects	read	UAT IAT	✖️
GET /projects/columns/cards/{card_id}	read	UAT IAT	✖️
GET /projects/columns/{column_id}	read	UAT IAT	✖️
GET /projects/columns/{column_id}/cards	read	UAT IAT	✖️
GET /projects/{project_id}	read	UAT IAT	✖️
GET /projects/{project_id}/columns	read	UAT IAT	✖️

Organization permissions for "Secrets"

Endpoint	Access	Token types	Additional permissions
PUT /orgs/{org}/actions/secrets/{secret_name}	write	UAT IAT	✖️
DELETE /orgs/{org}/actions/secrets/{secret_name}	write	UAT IAT	✖️
PUT /orgs/{org}/actions/secrets/{secret_name}/repositories	write	UAT IAT	✖️
PUT /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
DELETE /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
GET /orgs/{org}/actions/secrets	read	UAT IAT	✖️
GET /orgs/{org}/actions/secrets/public-key	read	UAT IAT	✖️
GET /orgs/{org}/actions/secrets/{secret_name}	read	UAT IAT	✖️
GET /orgs/{org}/actions/secrets/{secret_name}/repositories	read	UAT IAT	✖️

Organization permissions for "Self-hosted runners"

Endpoint	Access	Token types	Additional permissions
POST /orgs/{org}/actions/runner-groups	write	UAT IAT	✖️
PATCH /orgs/{org}/actions/runner-groups/{runner_group_id}	write	UAT IAT	✖️
DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}	write	UAT IAT	✖️
PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories	write	UAT IAT	✖️
PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}	write	UAT IAT	Repository permissions for "Metadata"
PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/runners	write	UAT IAT	✖️
PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/runners/{runner_id}	write	UAT IAT	✖️
DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}/runners/{runner_id}	write	UAT IAT	✖️
POST /orgs/{org}/actions/runners/registration-token	write	UAT IAT	✖️
POST /orgs/{org}/actions/runners/remove-token	write	UAT IAT	✖️
DELETE /orgs/{org}/actions/runners/{runner_id}	write	UAT IAT	✖️
POST /orgs/{org}/actions/runners/{runner_id}/labels	write	UAT IAT	✖️
PUT /orgs/{org}/actions/runners/{runner_id}/labels	write	UAT IAT	✖️
DELETE /orgs/{org}/actions/runners/{runner_id}/labels	write	UAT IAT	✖️
DELETE /orgs/{org}/actions/runners/{runner_id}/labels/{name}	write	UAT IAT	✖️
GET /orgs/{org}/actions/runner-groups	read	UAT IAT	✖️
GET /orgs/{org}/actions/runner-groups/{runner_group_id}	read	UAT IAT	✖️
GET /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories	read	UAT IAT	✖️
GET /orgs/{org}/actions/runner-groups/{runner_group_id}/runners	read	UAT IAT	✖️
GET /orgs/{org}/actions/runners	read	UAT IAT	✖️
GET /orgs/{org}/actions/runners/downloads	read	UAT IAT	✖️
GET /orgs/{org}/actions/runners/{runner_id}	read	UAT IAT	✖️
GET /orgs/{org}/actions/runners/{runner_id}/labels	read	UAT IAT	✖️

Organization permissions for "Team discussions"

Endpoint	Access	Token types	Additional permissions
DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments/{comment_number}/reactions/{reaction_id}	write	UAT IAT	✖️
DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/reactions/{reaction_id}	write	UAT IAT	✖️

Organization permissions for "Webhooks"

Endpoint	Access	Token types	Additional permissions
POST /orgs/{org}/hooks	write	UAT IAT	✖️
PATCH /orgs/{org}/hooks/{hook_id}	write	UAT IAT	✖️
DELETE /orgs/{org}/hooks/{hook_id}	write	UAT IAT	✖️
PATCH /orgs/{org}/hooks/{hook_id}/config	write	UAT IAT	✖️
POST /orgs/{org}/hooks/{hook_id}/deliveries/{delivery_id}/attempts	write	UAT IAT	✖️
POST /orgs/{org}/hooks/{hook_id}/pings	write	UAT IAT	✖️
GET /orgs/{org}/hooks	read	UAT IAT	✖️
GET /orgs/{org}/hooks/{hook_id}	read	UAT IAT	✖️
GET /orgs/{org}/hooks/{hook_id}/config	read	UAT IAT	✖️
GET /orgs/{org}/hooks/{hook_id}/deliveries	read	UAT IAT	✖️
GET /orgs/{org}/hooks/{hook_id}/deliveries/{delivery_id}	read	UAT IAT	✖️

Repository permissions for "Actions"

Endpoint	Access	Token types	Additional permissions
DELETE /repos/{owner}/{repo}/actions/artifacts/{artifact_id}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/actions/caches	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/actions/caches/{cache_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/jobs/{job_id}/rerun	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/oidc/customization/sub	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/actions/runs/{run_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runs/{run_id}/cancel	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/actions/runs/{run_id}/logs	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runs/{run_id}/rerun	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runs/{run_id}/rerun-failed-jobs	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/workflows/{workflow_id}/disable	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/workflows/{workflow_id}/enable	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/artifacts	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/artifacts/{artifact_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/artifacts/{artifact_id}/{archive_format}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/cache/usage	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/cache/usage-policy	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/caches	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/jobs/{job_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/jobs/{job_id}/logs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/oidc/customization/sub	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/approvals	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/artifacts	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}/jobs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}/logs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/jobs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/logs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments	read	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments	read	UAT IAT	Repository permissions for "Checks", Repository permissions for "Deployments"
GET /repos/{owner}/{repo}/actions/workflows	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}/runs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/environments	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/environments/{environment_name}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies/{branch_policy_id}	read	UAT IAT	✖️

Repository permissions for "Administration"

Endpoint	Access	Token types	Additional permissions
POST /orgs/{org}/repos	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/actions/cache/usage-policy	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/permissions	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/permissions/access	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/permissions/selected-actions	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/permissions/workflow	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runners/registration-token	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runners/remove-token	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/actions/runners/{runner_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runners/{runner_id}/labels	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/actions/runners/{runner_id}/labels	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/actions/runners/{runner_id}/labels	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/actions/runners/{runner_id}/labels/{name}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/autolinks	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/autolinks/{autolink_id}	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/branches/{branch}/protection	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/branches/{branch}/protection/required_signatures	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_signatures	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/collaborators/{username}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/collaborators/{username}	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/environments/{environment_name}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/environments/{environment_name}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies/{branch_policy_id}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies/{branch_policy_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/forks	write	UAT IAT	Repository permissions for "Contents"
PATCH /repos/{owner}/{repo}/invitations/{invitation_id}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/invitations/{invitation_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/keys	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/keys/{key_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/pages	write	UAT IAT	Repository permissions for "Pages"
PUT /repos/{owner}/{repo}/pages	write	UAT IAT	Repository permissions for "Pages"
DELETE /repos/{owner}/{repo}/pages	write	UAT IAT	Repository permissions for "Pages"
POST /repos/{owner}/{repo}/tags/protection	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/tags/protection/{tag_protection_id}	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/topics	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/transfer	write	UAT	✖️
POST /user/repos	write	UAT	✖️
PATCH /user/repository_invitations/{invitation_id}	write	UAT	✖️
DELETE /user/repository_invitations/{invitation_id}	write	UAT	✖️
GET /repos/{owner}/{repo}/actions/permissions	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/permissions/access	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/permissions/selected-actions	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/permissions/workflow	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runners	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runners/downloads	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runners/{runner_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/runners/{runner_id}/labels	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/autolinks	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/autolinks/{autolink_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/required_signatures	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/invitations	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/keys	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/keys/{key_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/replicas/caches	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/tags/protection	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/teams	read	UAT IAT	✖️
GET /user/repository_invitations	read	UAT	✖️

Repository permissions for "Checks"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/check-runs	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/check-runs/{check_run_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/check-runs/{check_run_id}/rerequest	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/check-suites	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/check-suites/preferences	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/check-suites/{check_suite_id}/rerequest	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments	read	UAT IAT	Repository permissions for "Actions", Repository permissions for "Deployments"
GET /repos/{owner}/{repo}/check-runs/{check_run_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/check-runs/{check_run_id}/annotations	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/check-suites/{check_suite_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/check-suites/{check_suite_id}/check-runs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/commits/{ref}/check-runs	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/commits/{ref}/check-suites	read	UAT IAT	✖️

Repository permissions for "Code scanning alerts"

Endpoint	Access	Token types	Additional permissions
PATCH /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/code-scanning/sarifs	write	UAT IAT	✖️
GET /orgs/{org}/code-scanning/alerts	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/code-scanning/alerts	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/instances	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/code-scanning/analyses	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/code-scanning/sarifs/{sarif_id}	read	UAT IAT	✖️

Repository permissions for "Commit statuses"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/statuses/{sha}	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/commits/{ref}/status	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/commits/{ref}/statuses	read	UAT IAT	✖️

Repository permissions for "Contents"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/branches/{branch}/rename	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/comments/{comment_id}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/comments/{comment_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/comments/{comment_id}/reactions	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/comments/{comment_id}/reactions/{reaction_id}	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/contents/{path}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/contents/{path}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/dependency-graph/snapshots	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/dispatches	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/git/blobs	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/git/commits	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/git/refs	write	UAT IAT	Repository permissions for "Workflows"
PATCH /repos/{owner}/{repo}/git/refs/{ref}	write	UAT IAT	Repository permissions for "Workflows"
DELETE /repos/{owner}/{repo}/git/refs/{ref}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/git/tags	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/git/trees	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/merge-upstream	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/merges	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/pulls/{pull_number}/merge	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/releases	write	UAT IAT	Repository permissions for "Workflows"
PATCH /repos/{owner}/{repo}/releases/assets/{asset_id}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/releases/assets/{asset_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/releases/generate-notes	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/releases/{release_id}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/releases/{release_id}	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/branches/{branch}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/codeowners/errors	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/commits	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/commits/{commit_sha}/branches-where-head	read	UAT IAT	✖️
POST /repos/{owner}/{repo}/commits/{commit_sha}/comments	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/commits/{ref}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/compare/{basehead}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/contents/{path}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/dependency-graph/compare/{basehead}	read	UAT IAT	Repository permissions for "Pull requests"
POST /repos/{owner}/{repo}/forks	read	UAT IAT	Repository permissions for "Administration"
GET /repos/{owner}/{repo}/git/blobs/{file_sha}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/git/commits/{commit_sha}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/git/matching-refs/{ref}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/git/ref/{ref}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/git/tags/{tag_sha}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/git/trees/{tree_sha}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pulls/{pull_number}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/releases	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/releases/assets/{asset_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/releases/latest	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/releases/tags/{tag}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/releases/{release_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/releases/{release_id}/assets	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/tarball/{ref}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/zipball/{ref}	read	UAT IAT	✖️

Repository permissions for "Dependabot secrets"

Endpoint	Access	Token types	Additional permissions
PUT /repos/{owner}/{repo}/dependabot/secrets/{secret_name}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/dependabot/secrets/{secret_name}	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/dependabot/secrets	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/dependabot/secrets/public-key	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/dependabot/secrets/{secret_name}	read	UAT IAT	✖️

Repository permissions for "Deployments"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/deployments	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/deployments/{deployment_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/deployments/{deployment_id}/statuses	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments	read	UAT IAT	Repository permissions for "Actions", Repository permissions for "Checks"
GET /repos/{owner}/{repo}/deployments	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/deployments/{deployment_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/deployments/{deployment_id}/statuses	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/deployments/{deployment_id}/statuses/{status_id}	read	UAT IAT	✖️

Repository permissions for "Environments"

Endpoint	Access	Token types	Additional permissions
PUT /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}	write	UAT IAT	Repository permissions for "Secrets"
DELETE /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}	write	UAT IAT	Repository permissions for "Secrets"
GET /repositories/{repository_id}/environments/{environment_name}/secrets	read	UAT IAT	Repository permissions for "Secrets"
GET /repositories/{repository_id}/environments/{environment_name}/secrets/public-key	read	UAT IAT	Repository permissions for "Secrets"
GET /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}	read	UAT IAT	Repository permissions for "Secrets"

Repository permissions for "Issues"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/issues	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/issues/comments/{comment_id}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions/{reaction_id}	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/issues/{issue_number}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/issues/{issue_number}/assignees	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/issues/{issue_number}/assignees	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/issues/{issue_number}/comments	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/issues/{issue_number}/labels	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/issues/{issue_number}/labels	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels/{name}	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/issues/{issue_number}/lock	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/issues/{issue_number}/lock	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/issues/{issue_number}/reactions	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/issues/{issue_number}/reactions/{reaction_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/labels	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/labels/{name}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/labels/{name}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/milestones	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/milestones/{milestone_number}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/milestones/{milestone_number}	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/assignees	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/assignees/{assignee}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/comments	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/comments/{comment_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/events	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/events/{event_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/{issue_number}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/{issue_number}/assignees/{assignee}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/{issue_number}/comments	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/{issue_number}/events	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/{issue_number}/labels	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/{issue_number}/reactions	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/{issue_number}/timeline	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/labels	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/labels/{name}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/milestones	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/milestones/{milestone_number}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/milestones/{milestone_number}/labels	read	UAT IAT	✖️

Repository permissions for "Metadata"

Endpoint	Access	Token types	Additional permissions
POST /gists	read	UAT	User permissions for "Gists"
PATCH /gists/{gist_id}	read	UAT	User permissions for "Gists"
DELETE /gists/{gist_id}	read	UAT	User permissions for "Gists"
POST /gists/{gist_id}/comments	read	UAT	User permissions for "Gists"
GET /gists/{gist_id}/comments/{comment_id}	read	UAT	✖️
PATCH /gists/{gist_id}/comments/{comment_id}	read	UAT	User permissions for "Gists"
DELETE /gists/{gist_id}/comments/{comment_id}	read	UAT	User permissions for "Gists"
POST /gists/{gist_id}/forks	read	UAT	User permissions for "Gists"
PUT /gists/{gist_id}/star	read	UAT	User permissions for "Gists"
DELETE /gists/{gist_id}/star	read	UAT	User permissions for "Gists"
GET /notifications	read	UAT	User permissions for "Notifications"
PUT /orgs/{org}/actions/permissions/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Administration"
DELETE /orgs/{org}/actions/permissions/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Administration"
PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Self-hosted runners"
DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Self-hosted runners"
PUT /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Secrets"
DELETE /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Secrets"
PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Organization dependabot secrets"
DELETE /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}	read	UAT IAT	Organization permissions for "Organization dependabot secrets"
GET /orgs/{org}/repos	read	UAT IAT	✖️
GET /repos/{owner}/{repo}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/collaborators	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/collaborators/{username}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/collaborators/{username}/permission	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/comments	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/comments/{comment_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/comments/{comment_id}/reactions	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/commits/{commit_sha}/comments	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/contributors	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/events	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/forks	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/languages	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/license	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/stargazers	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/stats/code_frequency	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/stats/commit_activity	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/stats/contributors	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/stats/participation	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/stats/punch_card	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/subscribers	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/tags	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/topics	read	UAT IAT	✖️
POST /repos/{template_owner}/{template_repo}/generate	read	UAT	✖️
GET /repositories	read	UAT IAT	✖️
GET /search/labels	read	UAT IAT	✖️
GET /user/installations/{installation_id}/repositories	read	UAT	✖️
GET /user/repos	read	UAT	✖️
GET /users/{username}/repos	read	UAT IAT	✖️

Repository permissions for "Pages"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/pages	write	UAT IAT	Repository permissions for "Administration"
PUT /repos/{owner}/{repo}/pages	write	UAT IAT	Repository permissions for "Administration"
DELETE /repos/{owner}/{repo}/pages	write	UAT IAT	Repository permissions for "Administration"
POST /repos/{owner}/{repo}/pages/builds	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/pages/deployment	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/pages	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pages/builds	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pages/builds/latest	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pages/builds/{build_id}	read	UAT IAT	✖️

Repository permissions for "Pre-receive hooks"

Endpoint	Access	Token types	Additional permissions
DELETE /repos/{owner}/{repo}/pre-receive-hooks/{pre_receive_hook_id}	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/pre-receive-hooks	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pre-receive-hooks/{pre_receive_hook_id}	read	UAT IAT	✖️

Repository permissions for "Projects"

Endpoint	Access	Token types	Additional permissions
PATCH /projects/columns/cards/{card_id}	write	UAT IAT	✖️
DELETE /projects/columns/cards/{card_id}	write	UAT IAT	✖️
POST /projects/columns/cards/{card_id}/moves	write	UAT IAT	✖️
PATCH /projects/columns/{column_id}	write	UAT IAT	✖️
DELETE /projects/columns/{column_id}	write	UAT IAT	✖️
POST /projects/columns/{column_id}/cards	write	UAT IAT	✖️
POST /projects/columns/{column_id}/moves	write	UAT IAT	✖️
PATCH /projects/{project_id}	write	UAT IAT	✖️
DELETE /projects/{project_id}	write	UAT IAT	✖️
GET /projects/{project_id}/collaborators	write	UAT IAT	✖️
PUT /projects/{project_id}/collaborators/{username}	write	UAT IAT	✖️
DELETE /projects/{project_id}/collaborators/{username}	write	UAT IAT	✖️
GET /projects/{project_id}/collaborators/{username}/permission	write	UAT IAT	✖️
POST /projects/{project_id}/columns	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/projects	write	UAT IAT	✖️
GET /projects/columns/cards/{card_id}	read	UAT IAT	✖️
GET /projects/columns/{column_id}	read	UAT IAT	✖️
GET /projects/columns/{column_id}/cards	read	UAT IAT	✖️
GET /projects/{project_id}	read	UAT IAT	✖️
GET /projects/{project_id}/columns	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/projects	read	UAT IAT	✖️

Repository permissions for "Pull requests"

Endpoint	Access	Token types	Additional permissions
PATCH /repos/{owner}/{repo}/issues/comments/{comment_id}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/issues/{issue_number}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/issues/{issue_number}/assignees	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/issues/{issue_number}/assignees	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/issues/{issue_number}/comments	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/issues/{issue_number}/labels	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/issues/{issue_number}/labels	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels/{name}	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/issues/{issue_number}/lock	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/issues/{issue_number}/lock	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/labels	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/labels/{name}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/labels/{name}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/milestones	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/milestones/{milestone_number}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/milestones/{milestone_number}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/pulls	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/pulls/comments/{comment_id}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/pulls/comments/{comment_id}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/pulls/comments/{comment_id}/reactions	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/pulls/comments/{comment_id}/reactions/{reaction_id}	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/pulls/{pull_number}	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/pulls/{pull_number}/comments	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/pulls/{pull_number}/comments/{comment_id}/replies	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/pulls/{pull_number}/requested_reviewers	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/pulls/{pull_number}/requested_reviewers	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/pulls/{pull_number}/reviews	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}/dismissals	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}/events	write	UAT IAT	✖️
PUT /repos/{owner}/{repo}/pulls/{pull_number}/update-branch	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/assignees	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/assignees/{assignee}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/commits/{commit_sha}/pulls	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/dependency-graph/compare/{basehead}	read	UAT IAT	Repository permissions for "Contents"
GET /repos/{owner}/{repo}/issues/comments	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/comments/{comment_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/events/{event_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/{issue_number}/assignees/{assignee}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/{issue_number}/comments	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/{issue_number}/events	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/{issue_number}/labels	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/issues/{issue_number}/timeline	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/labels	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/labels/{name}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/milestones	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/milestones/{milestone_number}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/milestones/{milestone_number}/labels	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pulls	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pulls/comments	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pulls/comments/{comment_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pulls/comments/{comment_id}/reactions	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pulls/{pull_number}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pulls/{pull_number}/comments	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pulls/{pull_number}/commits	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pulls/{pull_number}/files	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pulls/{pull_number}/merge	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pulls/{pull_number}/requested_reviewers	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}/comments	read	UAT IAT	✖️

Repository permissions for "Secret scanning alerts"

Endpoint	Access	Token types	Additional permissions
PATCH /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}	write	UAT IAT	✖️
GET /orgs/{org}/secret-scanning/alerts	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/secret-scanning/alerts	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}/locations	read	UAT IAT	✖️

Repository permissions for "Secrets"

Endpoint	Access	Token types	Additional permissions
PUT /repos/{owner}/{repo}/actions/secrets/{secret_name}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/actions/secrets/{secret_name}	write	UAT IAT	✖️
PUT /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}	write	UAT IAT	Repository permissions for "Environments"
DELETE /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}	write	UAT IAT	Repository permissions for "Environments"
GET /repos/{owner}/{repo}/actions/secrets	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/secrets/public-key	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/actions/secrets/{secret_name}	read	UAT IAT	✖️
GET /repositories/{repository_id}/environments/{environment_name}/secrets	read	UAT IAT	Repository permissions for "Environments"
GET /repositories/{repository_id}/environments/{environment_name}/secrets/public-key	read	UAT IAT	Repository permissions for "Environments"
GET /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}	read	UAT IAT	Repository permissions for "Environments"

Repository permissions for "Webhooks"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/hooks	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/hooks/{hook_id}	write	UAT IAT	✖️
DELETE /repos/{owner}/{repo}/hooks/{hook_id}	write	UAT IAT	✖️
PATCH /repos/{owner}/{repo}/hooks/{hook_id}/config	write	UAT IAT	✖️
POST /repos/{owner}/{repo}/hooks/{hook_id}/deliveries/{delivery_id}/attempts	write	UAT IAT	✖️
GET /repos/{owner}/{repo}/hooks	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/hooks/{hook_id}	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/hooks/{hook_id}/config	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/hooks/{hook_id}/deliveries	read	UAT IAT	✖️
GET /repos/{owner}/{repo}/hooks/{hook_id}/deliveries/{delivery_id}	read	UAT IAT	✖️
POST /repos/{owner}/{repo}/hooks/{hook_id}/pings	read	UAT IAT	✖️
POST /repos/{owner}/{repo}/hooks/{hook_id}/tests	read	UAT IAT	✖️

Repository permissions for "Workflows"

Endpoint	Access	Token types	Additional permissions
POST /repos/{owner}/{repo}/git/refs	write	UAT IAT	Repository permissions for "Contents"
PATCH /repos/{owner}/{repo}/git/refs/{ref}	write	UAT IAT	Repository permissions for "Contents"
POST /repos/{owner}/{repo}/releases	write	UAT IAT	Repository permissions for "Contents"

User permissions for "Email addresses"

Endpoint	Access	Token types	Additional permissions
POST /user/emails	write	UAT	✖️
DELETE /user/emails	write	UAT	✖️
GET /user/emails	read	UAT	✖️
GET /user/public_emails	read	UAT	✖️

User permissions for "Followers"

Endpoint	Access	Token types	Additional permissions
PUT /user/following/{username}	write	UAT	✖️
DELETE /user/following/{username}	write	UAT	✖️
GET /user/followers	read	UAT	✖️
GET /user/following	read	UAT	✖️
GET /user/following/{username}	read	UAT	✖️

User permissions for "GPG keys"

Endpoint	Access	Token types	Additional permissions
POST /user/gpg_keys	write	UAT	✖️
DELETE /user/gpg_keys/{gpg_key_id}	write	UAT	✖️
GET /user/gpg_keys	read	UAT	✖️
GET /user/gpg_keys/{gpg_key_id}	read	UAT	✖️

User permissions for "Gists"

Endpoint	Access	Token types	Additional permissions
POST /gists	write	UAT	Repository permissions for "Metadata"
PATCH /gists/{gist_id}	write	UAT	Repository permissions for "Metadata"
DELETE /gists/{gist_id}	write	UAT	Repository permissions for "Metadata"
POST /gists/{gist_id}/comments	write	UAT	Repository permissions for "Metadata"
PATCH /gists/{gist_id}/comments/{comment_id}	write	UAT	Repository permissions for "Metadata"
DELETE /gists/{gist_id}/comments/{comment_id}	write	UAT	Repository permissions for "Metadata"
POST /gists/{gist_id}/forks	write	UAT	Repository permissions for "Metadata"
PUT /gists/{gist_id}/star	write	UAT	Repository permissions for "Metadata"
DELETE /gists/{gist_id}/star	write	UAT	Repository permissions for "Metadata"

User permissions for "Git SSH keys"

Endpoint	Access	Token types	Additional permissions
POST /user/keys	write	UAT	✖️
DELETE /user/keys/{key_id}	write	UAT	✖️
GET /user/keys	read	UAT	✖️
GET /user/keys/{key_id}	read	UAT	✖️
GET /users/{username}/keys	read	UAT IAT	✖️

User permissions for "Notifications"

Endpoint	Access	Token types	Additional permissions
GET /notifications	read	UAT	Repository permissions for "Metadata"

User permissions for "Profile"

Endpoint	Access	Token types	Additional permissions
PATCH /user	write	UAT	✖️

User permissions for "SSH signing keys"

Endpoint	Access	Token types	Additional permissions
POST /user/ssh_signing_keys	write	UAT	✖️
DELETE /user/ssh_signing_keys/{ssh_signing_key_id}	write	UAT	✖️
GET /user/ssh_signing_keys	read	UAT	✖️
GET /user/ssh_signing_keys/{ssh_signing_key_id}	read	UAT	✖️

User permissions for "Starring"

Endpoint	Access	Token types	Additional permissions
PUT /user/starred/{owner}/{repo}	write	UAT	✖️
DELETE /user/starred/{owner}/{repo}	write	UAT	✖️
GET /user/starred	read	UAT	✖️
GET /user/starred/{owner}/{repo}	read	UAT	✖️
GET /users/{username}/starred	read	UAT IAT	✖️

User permissions for "Watching"

Endpoint	Access	Token types	Additional permissions
GET /user/subscriptions	read	UAT	✖️
GET /users/{username}/subscriptions	read	UAT IAT	✖️

Permissions required for GitHub Apps

In this article