Failing to update contents under `.github` using an API call

I am attempting to update the contents of .github folder using a call to API, using GitHub App’s token:

A GitHub App in question is installed to the repo, and has the following permissions:

  • Read access to metadata
  • Read and write access to actions, code, and secrets

Updating files in the repo work fine. However, an attempt to edit the contents under .github folder fails with a 403 error.

I am failing to locate a relevant note in the endpoint and / or GitHub App documentation regarding .github being treated differently.

Should this behaviour be considered a bug, or is this simply something that’s undocumented?

To be precise, I was failing to update the contents under .github/workflows folder. Providing my GitHub App with:

Read and write access to workflows

…addressed the issue.

Credit goes to author of this comment: Managing Github action workflow files · Issue #762 · integrations/terraform-provider-github · GitHub