Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

What permissions does GitHub PAT need? #448

Closed
agardnerIT opened this issue Aug 14, 2024 · 1 comment · Fixed by #468
Closed

What permissions does GitHub PAT need? #448

agardnerIT opened this issue Aug 14, 2024 · 1 comment · Fixed by #468
Assignees
@gnmeyer
Labels
documentation Improvements or additions to documentation question Further information is requested

Comments

@agardnerIT
Copy link

I can't find this info anywhere in the repo.
@github-actions github-actions bot added the triage Label to signify this work needs to be triaged. label Aug 14, 2024
@adrielp
Copy link
Collaborator

adrielp commented Aug 14, 2024
edited
Loading

@agardnerIT - for PATs, the basic set of permissions needed are:

  • repo:All
  • read:packages
  • read:org
  • read:user
  • read:enterprise
  • read:project
  • read:security

The setting varies between classic and fine-grained. The queries under the hood are all read queries, there is no write. They read repos, orgs, branches, commits, metadata, issues, pull requests, and GHAS security events.

I generally recommend using the GitHub App Authentication Extension for authentication instead as GitHub Apps use OAUTH and are more secure, locks down permissions better, and increases rate limits.

We'll take the action item to add documentation to the GitHub Scraper defining the PAT permissions.

@adrielp adrielp added documentation Improvements or additions to documentation question Further information is requested and removed triage Label to signify this work needs to be triaged. labels Aug 14, 2024
@gnmeyer gnmeyer self-assigned this Aug 20, 2024
@gnmeyer gnmeyer linked a pull request Aug 20, 2024 that will close this issue
chore(docs): add documentation to GitHub Scraper defining PAT permissions #468
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gnmeyer gnmeyer

Labels
documentation Improvements or additions to documentation question Further information is requested
Projects
None yet
Milestone
No milestone
3 participants
@adrielp @agardnerIT @gnmeyer