Permissions required for GitHub Apps

You can find the required permissions for each aplicativo GitHub-compatible endpoint.

Neste artigo

About aplicativo GitHub permissions

aplicativo GitHubs are created with a set of permissions. Permissions define what resources the aplicativo GitHub can access via the API. For more information, see "Setting permissions for GitHub Apps."

Metadata permissions

GitHub Apps have the Read-only metadata permission by default. The metadata permission provides access to a collection of read-only endpoints with metadata for various resources. These endpoints do not leak sensitive private repository information.

Se você definir a permissão de metadados para No access e selecionar uma permissão que exija acesso ao repositório, GitHub irá substituir sua seleção e definir a permissão de metadados de volta para Read-only. Para definir a permissão de metadados para No access, você deve definir todas as permissões que requerem acesso ao repositório No access primeiro.

Colaboradores

Comentários de commit

Eventos

Git

Keys

GET /users/:username/keys

Organization members

Pesquisar

Permission on "administration"

POST /repos/:owner/:repo/forks (:write)

PUT /repos/:owner/:repo/topics (:write)
POST /repos/:owner/:repo/transfer (:write)

POST /user/repos (:write)
PATCH /user/repository_invitations/:invitation_id (:write)
DELETE /user/repository_invitations/:invitation_id (:write)

Branches

Colaboradores

PUT /repos/:owner/:repo/collaborators/:username (:write)
DELETE /repos/:owner/:repo/collaborators/:username (:write)

Invitations

GET /repos/:owner/:repo/invitations (:read)
PATCH /repos/:owner/:repo/invitations/:invitation_id (:write)
DELETE /repos/:owner/:repo/invitations/:invitation_id (:write)

Keys

GET /repos/:owner/:repo/keys (:read)
POST /repos/:owner/:repo/keys (:write)
GET /repos/:owner/:repo/keys/:key_id (:read)
DELETE /repos/:owner/:repo/keys/:key_id (:write)

Equipes

GET /repos/:owner/:repo/teams (:read)
PUT /teams/:team_id/repos/:owner/:repo (:write)
DELETE /teams/:team_id/repos/:owner/:repo (:write)

Permission on "checks"

POST /repos/:owner/:repo/check-runs (:write)
GET /repos/:owner/:repo/check-runs/:check_run_id (:read)
PATCH /repos/:owner/:repo/check-runs/:check_run_id (:write)
GET /repos/:owner/:repo/check-runs/:check_run_id/annotations (:read)
POST /repos/:owner/:repo/check-suites (:write)
GET /repos/:owner/:repo/check-suites/:check_suite_id (:read)
GET /repos/:owner/:repo/check-suites/:check_suite_id/check-runs (:read)
POST /repos/:owner/:repo/check-suites/:check_suite_id/rerequest (:write)
PATCH /repos/:owner/:repo/check-suites/preferences (:write)
GET /repos/:owner/:repo/commits/:sha/check-runs (:read)
GET /repos/:owner/:repo/commits/:sha/check-suites (:read)

Permission on "contents"

GET /repos/:owner/:repo/:archive_format/:ref (:read)

GET /repos/:owner/:repo/check-runs/:check_run_id (:read)
GET /repos/:owner/:repo/check-runs/:check_run_id/annotations (:read)
GET /repos/:owner/:repo/check-suites/:check_suite_id (:read)
GET /repos/:owner/:repo/check-suites/:check_suite_id/check-runs (:read)
POST /repos/:owner/:repo/check-suites/:check_suite_id/rerequest (:write)
GET /repos/:owner/:repo/commits (:read)
GET /repos/:owner/:repo/commits/:sha (:read)
GET /repos/:owner/:repo/commits/:sha/check-runs (:read)
GET /repos/:owner/:repo/commits/:sha/check-suites (:read)
GET /repos/:owner/:repo/community/code_of_conduct (:read)
GET /repos/:owner/:repo/compare/:base...:head (:read)
GET /repos/:owner/:repo/contents/:path (:read)
POST /repos/:owner/:repo/dispatches (:write)
POST /repos/:owner/:repo/forks (:read)
POST /repos/:owner/:repo/merges (:write)
PUT /repos/:owner/:repo/pulls/:pull_number/merge (:write)
GET /repos/:owner/:repo/readme(?:/(.*))? (:read)

Branches

GET /repos/:owner/:repo/branches (:read)
GET /repos/:owner/:repo/branches/:branch (:read)

Comentários de commit

PATCH /repos/:owner/:repo/comments/:comment_id (:write)
DELETE /repos/:owner/:repo/comments/:comment_id (:write)
POST /repos/:owner/:repo/comments/:comment_id/reactions (:read)
POST /repos/:owner/:repo/commits/:sha/comments (:read)

Git

POST /repos/:owner/:repo/git/blobs (:write)
GET /repos/:owner/:repo/git/blobs/:sha (:read)
POST /repos/:owner/:repo/git/commits (:write)
GET /repos/:owner/:repo/git/commits/:commit_id (:read)
POST /repos/:owner/:repo/git/refs (:write)
GET /repos/:owner/:repo/git/refs/:ref (:read)
GET /repos/:owner/:repo/git/refs (:read)
PATCH /repos/:owner/:repo/git/refs/:ref (:write)
DELETE /repos/:owner/:repo/git/refs/:ref (:write)
POST /repos/:owner/:repo/git/tags (:write)
GET /repos/:owner/:repo/git/tags/:tag_id (:read)
POST /repos/:owner/:repo/git/trees (:write)
GET /repos/:owner/:repo/git/trees/:sha (:read)

Reactions

DELETE /reactions/:reaction_id (:write)

Versões

GET /repos/:owner/:repo/releases (:read)
POST /repos/:owner/:repo/releases (:write)
GET /repos/:owner/:repo/releases/:release_id (:read)
PATCH /repos/:owner/:repo/releases/:release_id (:write)
DELETE /repos/:owner/:repo/releases/:release_id (:write)
GET /repos/:owner/:repo/releases/:release_id/assets (:read)
GET /repos/:owner/:repo/releases/assets/:asset_id (:read)
PATCH /repos/:owner/:repo/releases/assets/:asset_id (:write)
DELETE /repos/:owner/:repo/releases/assets/:asset_id (:write)
GET /repos/:owner/:repo/releases/latest (:read)
GET /repos/:owner/:repo/releases/tags/:tag (:read)

Permission on "deployments"

GET /repos/:owner/:repo/deployments (:read)
POST /repos/:owner/:repo/deployments (:write)
GET /repos/:owner/:repo/deployments/:deployment_id (:read)
GET /repos/:owner/:repo/deployments/:deployment_id/statuses (:read)
POST /repos/:owner/:repo/deployments/:deployment_id/statuses (:write)
GET /repos/:owner/:repo/deployments/:deployment_id/statuses/:status_id (:read)

Permission on "emails"

Permission on "followers"

GET /user/followers (:read)
GET /user/following (:read)
GET /user/following/:username (:read)
PUT /user/following/:username (:write)
DELETE /user/following/:username (:write)

Permission on "gpg keys"

GET /user/gpg_keys (:read)
POST /user/gpg_keys (:write)
GET /user/gpg_keys/:gpg_key_id (:read)
DELETE /user/gpg_keys/:gpg_key_id (:write)

Permission on "issues"

Issues and pull requests are closely related. For more information, see "List issues assigned to the authenticated user." If your GitHub App has permissions on issues but not on pull requests, these endpoints will be limited to issues. Endpoints that return both issues and pull requests will be filtered. Endpoints that allow operations on both issues and pull requests will be restricted to issues.

GET /repos/:owner/:repo/issues (:read)
POST /repos/:owner/:repo/issues (:write)
GET /repos/:owner/:repo/issues/:issue_number (:read)
PATCH /repos/:owner/:repo/issues/:issue_number (:write)
GET /repos/:owner/:repo/issues/:issue_number/comments (:read)
POST /repos/:owner/:repo/issues/:issue_number/comments (:write)
PUT /repos/:owner/:repo/issues/:issue_number/lock (:write)
DELETE /repos/:owner/:repo/issues/:issue_number/lock (:write)
GET /repos/:owner/:repo/issues/:issue_number/reactions (:read)
POST /repos/:owner/:repo/issues/:issue_number/reactions (:write)
GET /repos/:owner/:repo/issues/:issue_number/timeline (:read)
GET /repos/:owner/:repo/issues/comments (:read)
GET /repos/:owner/:repo/issues/comments/:comment_id (:read)
PATCH /repos/:owner/:repo/issues/comments/:comment_id (:write)
DELETE /repos/:owner/:repo/issues/comments/:comment_id (:write)
GET /repos/:owner/:repo/issues/comments/:comment_id/reactions (:read)
POST /repos/:owner/:repo/issues/comments/:comment_id/reactions (:write)

Responsáveis

GET /repos/:owner/:repo/assignees (:read)
GET /repos/:owner/:repo/assignees/:username (:read)
POST /repos/:owner/:repo/issues/:issue_number/assignees (:write)
DELETE /repos/:owner/:repo/issues/:issue_number/assignees (:write)

Eventos

GET /repos/:owner/:repo/issues/:issue_number/events (:read)
Get an issue event (:read)

Etiquetas

GET /repos/:owner/:repo/issues/:issue_number/labels (:read)
POST /repos/:owner/:repo/issues/:issue_number/labels (:write)
PUT /repos/:owner/:repo/issues/:issue_number/labels (:write)
DELETE /repos/:owner/:repo/issues/:issue_number/labels (:write)
DELETE /repos/:owner/:repo/issues/:issue_number/labels/:name (:write)
GET /repos/:owner/:repo/labels (:read)
POST /repos/:owner/:repo/labels (:write)
GET /repos/:owner/:repo/labels/:name (:read)
PATCH /repos/:owner/:repo/labels/:name (:write)
DELETE /repos/:owner/:repo/labels/:name (:write)

Marcos

GET /repos/:owner/:repo/milestones (:read)
POST /repos/:owner/:repo/milestones (:write)
GET /repos/:owner/:repo/milestones/:milestone_number (:read)
PATCH /repos/:owner/:repo/milestones/:milestone_number (:write)
DELETE /repos/:owner/:repo/milestones/:milestone_number (:write)
GET /repos/:owner/:repo/milestones/:milestone_number/labels (:read)

Reactions

GET /repos/:owner/:repo/issues/comments/:comment_id/reactions (:read)
POST /repos/:owner/:repo/issues/comments/:comment_id/reactions (:write)
GET /repos/:owner/:repo/issues/:issue_number/reactions (:read)
POST /repos/:owner/:repo/issues/:issue_number/reactions (:write)
DELETE /reactions/:reaction_id (:write)

Permission on "keys"

Keys

Permission on "members"

GET /orgs/:org/outside_collaborators (:read)
PUT /orgs/:org/outside_collaborators/:username (:write)
DELETE /orgs/:org/outside_collaborators/:username (:write)
GET /orgs/:org/team/:team_id (:read)

Organization members

DELETE /orgs/:org/members/:username (:write)
GET /orgs/:org/memberships/:username (:read)
PUT /orgs/:org/memberships/:username (:write)
DELETE /orgs/:org/memberships/:username (:write)
PUT /orgs/:org/public_members/:username (:write)
DELETE /orgs/:org/public_members/:username (:write)
GET /user/memberships/orgs (:read)
GET /user/memberships/orgs/:org (:read)
PATCH /user/memberships/orgs/:org (:write)

Team members

GET /teams/:team_id/members (:read)
GET /teams/:team_id/memberships/:username (:read)
PUT /teams/:team_id/memberships/:username (:write)
DELETE /teams/:team_id/memberships/:username (:write)

Equipes

GET /orgs/:org/teams (:read)
POST /orgs/:org/teams (:write)
GET /orgs/:org/teams/:team_slug (:read)
GET /teams/:team_id (:read)
PATCH /teams/:team_id (:write)
DELETE /teams/:team_id (:write)
GET /teams/:team_id/repos (:read)
GET /teams/:team_id/repos/:owner/:repo (:read)
PUT /teams/:team_id/repos/:owner/:repo (:read)
DELETE /teams/:team_id/repos/:owner/:repo (:write)
GET /teams/:team_id/teams (:read)

Permission on "organization administration"

PATCH /orgs/:org (:write)

Permission on "organization hooks"

GET /orgs/:org/hooks (:read)
POST /orgs/:org/hooks (:write)
GET /orgs/:org/hooks/:hook_id (:read)
PATCH /orgs/:org/hooks/:hook_id (:write)
DELETE /orgs/:org/hooks/:hook_id (:write)
POST /orgs/:org/hooks/:hook_id/pings (:write)

Equipes

DELETE /teams/:team_id/projects/:project_id (:read)

Permission on "pull requests"

Pull requests and issues are closely related.. If your GitHub App has permissions on pull requests but not on issues, these endpoints will be limited to pull requests. Endpoints that return both pull requests and issues will be filtered. Endpoints that allow operations on both pull requests and issues will be restricted to pull requests.