Bump on this as well....   It's increasingly frustrating trying to use the GraphQL documentation and sort out what is acceptable on these endpoints. The REST API clearly documents what a GitHub App can and cannot do, which isn't the case for GraphQL.   Can we get a bit more background information as to why the search endpoint isn't enabled? For context, I'm getting all my organization's vulnerabilities, which is an endpoint that is only available on GraphQL, and I need to use the search endpoint in order to filter out my organization's repos. I'm happy to hear a better way - but I'm not seeing one at the current moment. Using a GitHub App allows me not to use a personal access token for this and have better security.   EDIT: I was able to reformat my query to not use the search endpoint. However, it doesn't seem the vulnerability alerts is available for GitHub Apps. Which is again.... frustrating to find out after working through the queries. But it's in beta. My major feedback here is to have what GitHub Apps can and cannot access for GraphQL endpoints.  It takes a lot of time to form a good query and then to find it doesn't work with GitHub Apps just makes you feel like you've wasted your time. ... View more