I'm trying to authenticate through a Github app to launch a repository dispatch event as per these docs. The app has the permissions metadata:read and contents:read&write as mentioned in the docs.

With the code below, authentication succeeds, but I get a 404 not found error.

const authDetails = {
  appId: secrets.appId,
  privateKey: privateKey,
  clientId: secrets.clientId,
  clientSecret: secrets.clientSecret,
}
const auth = createAppAuth(authDetails);

(async() => {
  const appAuthentication = await auth({type: "app"});
  const appOctokit = new Octokit(appAuthentication);

  appOctokit.request('POST /repos/org_name/repo_name/dispatches', {
    event_type: 'my_action'
  }).then(res => {
    console.log(res);
  }).catch(err => {
    console.log(err)
  })
})()

If I authenticate using a personal access token (code below), the request succeeds, and the action my_action is fired as expected.

const patOctokit = new Octokit({ auth: `***` });
(async() => {
  patOctokit.request('POST /repos/org_name/repo_name/dispatches', {
    event_type: 'my_action'
  }).then(res => {
    console.log(res);
  }).catch(err => {
    console.log(err)
  })
})()

Comparing the responses, I can see that the PAT method (204) includes the header 'x-oauth-scopes': 'repo' where the app method (404) does not.

The repo in question is also owned by an organisation- I'm not sure if that could alter the required permissions.

0

There are 0 best solutions below