GET /repos/:owner/:repo endpoint not returning delete_branch_on_merge field using GitHub App for Auth

Trying to figure out how I can retrieve the delete_branch_on_merge field from the GET /repos/:owner/:repo api call using a GitHub App for authentication.

I’m authenticating with a github app installation that has permissions to view all repos in an org, and Repository permissions including Administration/readonly and Metadata/readonly however the field delete_branch_on_merge is missing from the API response. This field appears to be a default response from the docs here. There is a “Notes” section with a link “Works with GitHub Apps” so I am assuming this field should be available with the permissions specified above.

Heres how I’m authenticating

1. Using the github apps private key and github app id I’m generating a jwt

2. Using the JWT I’m fetching an access token at the https://api.github.com/app/installations/#{ENV['GITHUB_INSTALLATION_ID']}/access_tokens endpoint

3. Using this token im then making a request to

 curl -i \
 -H "Authorization: token TOKEN-HERE" \
 -H "Accept: application/vnd.github.v3+json" \
 https://api.github.com/repos/:owner/:repo

This response only contains a subset of fields indicated by the docs, and does not contain the delete_branch_on_merge field.

This has been resolved by adding the following permission

Repository permissions -> Contents: Read/Write

However, now I’m wondering why Repository Write permissions are needed to read the settings of a repo. According to the docs this should be available with metadata read access

I can confirm this behavior.

Also affected are the following keys:
allow_squash_merge
allow_merge_commit
allow_rebase_merge
delete_branch_on_merge

To me it looks like a bug

bump. @github is this a bug or intentional behavior?

I opened a support ticket.

Support says:

This is intentional behavior.