Repository_dispatch: Resource not accessible by integration

See this.

curl -d "{"event_type":"updated"}" -H "Content-Type: application/json" -H "Authorization: token $GITHUB_TOKEN" https://api.github.com/repos/MrThanlon/meclass/dispatches
  shell: /bin/bash -e {0}
  env:
    GITHUB_TOKEN: ***
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
{
  "message": "Resource not accessible by integration",
  "documentation_url": "https://developer.github.com/v3/repos/#create-a-repository-dispatch-event"
}

:wave: hello there @MrThanlon, and welcome to the GitHub Support Community!

A GitHub App needs read and write permission on Contents in order to trigger a repository dispatch.

Creating a repository dispatch is enabled for GitHub Apps, but our article outlining the different permissions required for GitHub Apps to access specific endpoints doesn’t currently have /dispatches listed. I checked on our end and see we have an internal issue that our Documentation team is tracking for this––I’ve added this case there for their awareness.

(Update: I’d like to share another instance of this was asked in Create repository_dispatch event from a GitHub App?).

Hope this helps! :v:

Hey @francisfuzz,

Sorry for a delayed response. read and write permissions on Contents seems a bit too much of permissions for simply posting an event. Some users can’t install apps with such permissive access since because of the company policy. It will be great if the Apps could create dispatch event with less permissions.

Thanks for writing back here, and no worries on the response time! :sunglasses:

I hear what you’re saying. More granular scopes and permissions are important to limit the level of access an entity can have to someone’s resources and it’s something our team is aware of. I’m wondering if you would mind submitting that feedback through our official product feedback form so that our product team can track your request? That’s the best place to share requests like these in consideration for future iterations of GitHub features. :bowing_man:

Update: our team just shipped an update to docs.github.com! The endpoint for creating a repository dispatch is now scoped under Permission on "contents". :rocket: