Permissions Required for GitHub
When you grant access to the GitHub app instance, Netskope seeks consent for the following permissions from the GitHub account:
Permissions required by Netskope | Description | Purpose |
---|---|---|
Read-only access to Organization Members | Read organization members and teams. | Retrieve teams, team members and organizations' collaborators for user/group inventory. |
Read-only access to Organization Administration | Read access to an organization. | Retrieve audit logs for User Access Behavior Analytics (UEBA) feature. |
Read and write access to Repository Administration | Read and write access to manage repositories. | Retrieve team access to the repository for repository and user inventory. Write access is used to remove external collaborators from a specific repository who are external to the GitHub organization. Only users who are within the GitHub organization should have access to this repository’s commits. |
Read-only access to Repository Contents | Read repository contents. | List commit and retrieve commit content for DLP scan. |
Read-only access to Repository Metadata | Read repository metadata. | List organization repositories for repository inventory. |
Read and write access to Repository Issues | Read and write access to issues and issue comments. | (Future release) Perform content DLP on issues and issue comments. Write access will be used to delete or redact sensitive content in issues, or issue comments. |
Read and write access to Repository Pull requests | Read and write access to pull requests and pull request comments. | (Future release) Perform content DLP on pull requests and pull request comments. Write access will be used to delete, or redact sensitive content in pull requests, or pull request comments. |