Setting permissions for GitHub Apps

When you create a GitHub App, you set the permissions that define the resources the app can access via the REST API v3.

When you create a GitHub App, you can select the permissions it needs to access end user data. Permissions can also be added and removed. For more information, see "Editing a GitHub App's permissions."

Metadata permissions

By default, GitHub Apps have Read-only access to metadata endpoints. Metadata is a collection of read-only endpoints that provide general information about resources that the authorized installation can access.

If you set the metadata permission to No access and select a permission that requires repository access, GitHub will override your selection and set the metadata permission back to Read-only. Setting all permissions that require repository access back to No access will allow you to set the metadata permission to No access. For a list of metadata endpoints, see "Metadata permissions."