Github App Development: Adding Deploy Key to project


For Github Apps (not to be confused with Github oAuth apps), I want to create a read-only deploy key on a user’s project.

However it looks like:

  1. The user token retrieved from the oAuth flow doesn’t have permission to do this
  2. The Github App can do this, but requires the Administration permission, which also gives our application a LOT of permissions, such as deleting the repository.

Am I missing anything? The goal would be to create a read-only deploy key without also giving the application permission to be destructive.


1 Like

Hi @fideloper,

Thanks a lot for reaching out!  I can’t think of any obvious way to significantly improve your method. We will take your feedback as a feature request, sorry I don’t have better news for you.