How to check a GitHub App installation can read/write a repo #143997
Replies: 1 comment
-
🕒 Discussion Activity Reminder 🕒 This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions: 1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as 2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own. 3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution. Note: This dormant notification will only apply to Discussions with the Thank you for helping bring this Discussion to a resolution! 💬 |
Beta Was this translation helpful? Give feedback.
-
Select Topic Area
Question
Body
Hello,
I'm searching for a way to identify a certain token holder (I have the token) can write, read or neither of that to a particular repo.
With a user-bound personal access token (PAT) I can identify the user with
/user
and use thelogin
in/repos/{owner}/{repo}/collaborators/{username}/permission
endpoint to see ausername
's repopermission
to know what they can do to the git content.However, I can't seem to find a way to do that for a GitHub App installation (acting on behalf of the app itself). This identity is represented by a token with the
ghs_
prefix and (obviously) obeys a slightly different semantics.In the set of accessible endpoints I see I can list all repos this installation can operate on with
/installation/repositories
, but this is further restricted by fine-grained permissions requested by the app (and later confirmed by the org owner). When the token has the Organization Administration read permission, it can use/orgs/{org}/installations
, which contains the accepted permissions, but for all installations on the org, not just the one tied with the token. That's the last tiny piece of the puzzle I'm missing.Would anyone have a clue?
Also all these listings are pretty heavy on the output, while I only need a tiny subset of the fields. I wouldn't mind using GraphQL for those queries, but I haven't found anything even remotely related in the GraphQL docs 😮
Thanks for your help!
Beta Was this translation helpful? Give feedback.
All reactions