Setting permissions for GitHub Apps
When you create a GitHub App, you set the permissions that define the resources the app can access via the REST API v3.
After you create a GitHub App, you can modify the app's permission to end user data. For more information, see "Editing a GitHub App's permissions."
By default, GitHub Apps provide
Read-only access to metadata endpoints. Metadata is a collection of read-only endpoints that provide general information about resources that the authorized installation can access. For a list of these endpoints, see "Metadata permissions."