Required permissions

Configuring the required permissions in GitHub ensures that Xopero ONE can securely access repositories, metadata, and organization settings necessary to perform consistent and complete backups.

Account integration

To install the Xopero ONE application, you must use an account with sufficient privileges, typically an administrator account. Additionally, the application requires the following permissions to function correctly:

• Full control of projects.

• Read team discussions.

• Read organization and team membership, read organization projects.

• Read all user profile data.

• Full control of private repositories.

• Access user email addresses (read-only).

• Update GitHub Action workflows.

Below you can find examples of different types of permissions along with their explanations.

Personal Access Token (PAT) integration

The minimum authorization permissions required for the token to register the Xopero ONE application and perform repository backup and restore are: repo and workflow.

You can generate a personal access token in the Developer settings > Personal access tokens menu in GitHub. When creating a PAT, you can assign it different types of permissions — the list below outlines the permissions required to back up specific repository metadata within your organization:

1. admin:org — allows you to read the organization's projects.

2. project — allows you to read the projects from which the repository comes.

3. read:discussion — allows you to read team discussions.

4. read:public_key — grants access to keys.

5. read:repo_hook — grants access to webhooks.

6. repo — grants access to repositories.

Useful links and items

Generating a user access token for a GitHub App - GitHub DocsGitHub Docs