GitHub App permissions for GraphQL query #24797

shipit · 2019-11-13T20:22:53Z

shipit
Nov 13, 2019

I had this query working on my OAuth app with user:email, repo scope. It is returning 403 Forbidden when I auth with GitHub App. Query-

{
  viewer {
    repositories(first: 100, ownerAffiliations: OWNER) {
      totalCount
      nodes {
        nameWithOwner
        owner {
          avatarUrl
          login
        }
        languages(first: 10) {
          nodes {
            name
          }
        }
        defaultBranchRef {
          name
          target {
            ... on Commit {
              committedDate
              oid
              message
            }
          }
        }
      }
    }
  }
}

Permissions on the GitHub app-

"permissions":{"contents":"read","metadata":"read","pull_requests":"read","repository_hooks":"write","statuses":"read"}

Thanks!

Answered by shipit

Nov 14, 2019

The reason this query doesn’t work is that the /repos endpoint returns public repos for the GitHub App’s token and the nested query eg /languages breaks the graphql query. The solution is to fetch /user/:install_id/repos/ and then iterate over returned queries.

imho- public repos shouldn’t be returned for GitHub App in the first place as the app could be installed on a public repo in future.

View full answer

shipit · 2019-11-13T20:30:02Z

shipit
Nov 13, 2019
Author

From here looks like metadata should be enough-

https://developer.github.com/v3/apps/permissions/

0 replies

shipit · 2019-11-14T19:45:03Z

shipit
Nov 14, 2019
Author

The reason this query doesn’t work is that the /repos endpoint returns public repos for the GitHub App’s token and the nested query eg /languages breaks the graphql query. The solution is to fetch /user/:install_id/repos/ and then iterate over returned queries.

imho- public repos shouldn’t be returned for GitHub App in the first place as the app could be installed on a public repo in future.

0 replies

PabloSzx · 2020-02-11T16:10:46Z

PabloSzx
Feb 11, 2020

How can I do the query you mention in Github API v4?

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Community

GitHub App permissions for GraphQL query #24797

{{title}}

Replies: 3 comments

{{title}}

{{title}}

{{title}}

Select a reply

GitHub Community

GitHub App permissions for GraphQL query #24797

shipit Nov 13, 2019

Replies: 3 comments

shipit Nov 13, 2019 Author

shipit Nov 14, 2019 Author

PabloSzx Feb 11, 2020

shipit
Nov 13, 2019

shipit
Nov 13, 2019
Author

shipit
Nov 14, 2019
Author

PabloSzx
Feb 11, 2020