Determining if a User has Owner permissions of an Organization


I’m building a GitHub app right now and as I’m a new app and not part of the marketplace yet I’m building my own billing system. I would like to create certain subscriptions per installation and only allow organization owners to be able to create/modify subscriptions.

For an organization installation what is the best way for a GitHub app to determine if a user is an “owner” of the organization that an installation belongs to?

If that is not possible, what is the best practice when it comes to access control around subscriptions for an installation?


Could you use


Tried that; I’m getting a “Resource not accessible by integration” response. Not sure if that endpoint is not accessible to GitHub apps at all or if it’s a permissions issue. I do have “Organizations Members” set as “Read Only” for my app. I am using the user’s OAuth token.


We’re in the middle of an audit of all the API endpoints and their availability to GitHub Apps, and that endpoint is one of the ones we need to enable. I can’t give you an exact timeline, but we’re in the midst of doing the work and should be able to give you a better update soon.


I just tried it with my app’s key, and it worked. My bad. It is a bit confusing, as I figured determining the resources accessible for a user should be from the user’s key not the app’s.

Makes sense I guess, since you provide the org and the user.


Ah! The accessibility is based on the permissions level of the App, not of the user you’re checking. :+1:
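Added example, not part of the thread and not any participant's code: a fail-closed owner check made with the app's installation token, as the thread concludes. It assumes the call is GitHub's REST "get organization membership for a user" endpoint (`GET /orgs/{org}/memberships/{username}`), which the thread does not name; the function names and sample responses are constructed for illustration.

```python
import json
import urllib.error
import urllib.parse
import urllib.request

API = "https://api.github.com"

def fetch_membership(org, username, installation_token):
    """Call the membership endpoint with the app's installation token.
    (Assumed endpoint.) Returns (status_code, parsed_body_or_None)."""
    path = "/orgs/{}/memberships/{}".format(
        urllib.parse.quote(org, safe=""),       # quote so input cannot alter the path
        urllib.parse.quote(username, safe=""),
    )
    req = urllib.request.Request(API + path, headers={
        "Authorization": "Bearer " + installation_token,
        "Accept": "application/vnd.github+json",
    })
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.load(resp)
    except urllib.error.URLError as err:        # HTTPError is a subclass
        return getattr(err, "code", 0), None

def is_org_owner(org, username, installation_token, fetch=fetch_membership):
    """True only for an active membership whose role is 'admin' (an owner).
    Any error, pending invitation, or other role is treated as not an owner."""
    status, body = fetch(org, username, installation_token)
    if status != 200 or not isinstance(body, dict):
        return False                            # 403/404/network error: deny
    return body.get("state") == "active" and body.get("role") == "admin"

# Constructed sample responses (status, body) for offline checking.
CONSTRUCTED = {
    "owner":   (200, {"state": "active", "role": "admin"}),
    "member":  (200, {"state": "active", "role": "member"}),
    "invited": (200, {"state": "pending", "role": "admin"}),
    "denied":  (403, None),   # e.g. "Resource not accessible by integration"
    "absent":  (404, None),
}

def check_constructed(case):
    """Run is_org_owner against one constructed response instead of the network."""
    return is_org_owner("example-org", "example-user", "unused-token",
                        fetch=lambda org, user, token: CONSTRUCTED[case])
```

The `username` passed in should be the login GitHub returned for the authenticated user during the OAuth flow, not a value supplied by the client, and the check should be repeated on each subscription change rather than cached indefinitely.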