When working with Github's graphql explorer, you will find that all your queries work seamlessly - but when you try to run the same queries in your application, you could run into permission issues.
While the explorer requests a very wide range of permissions, your application would probably be restrictive in the type of permissions it requests from your users to execute the graphql queries against their account.
In such a scenario, debugging which permission is needed could be difficult - here's an example query and the error thrown for that query to github's graphql endpoint:
The query:
{
user(login: "callmekatootie") {
repositories(first: 10) {
nodes {
collaborators(first: 10) {
totalCount
}
}
}
}
}
and the error:
{
"type": "FORBIDDEN",
"path": [
"user",
"repositories",
"nodes",
0,
"collaborators",
"totalCount"
],
"extensions": {
"saml_failure": false
},
"locations": [
{
"line": 4,
"column": 9
}
],
"message": "Resource not accessible by integration"
}
One gets the error Resource not accessible by integration
. When one google's this error, there aren't quality results that can help you out.
This error basically talks about a permission issue. When working with Github apps, you may not have set the necessary permission to access the resource you need. Hence the Resource not accessible by integration
error.
So - how would one go about finding out which permission is needed in this case?
The graphql documentation does not talk about this - weirdly, one first needs to instead go to their REST api documentation. In our case, since we are interested in the count of the collaborators on a repository, we would look for the REST api that fetches the collaborators for a repository. That would be the list repository collaborators endpoint:
GET /repos/{owner}/{repo}/collaborators
Now that we know the endpoint path, we then head over to the permissions required for Github Apps page and proceed to locate this endpoint (Do a Ctrl / Cmd + F
in your browser and search for the endpoint you need).
We find the above endpoint under the Collaborators
permission list:
which, if you scroll up, falls under the Metadata permissions. Boom! There you go! Head over to your Github App and under Repository permissions, provide read-only access for the Metadata permissions:
That should resolve your "Resource not accessible by integration" issue.
Top comments (0)