GitHub Apps – Permissions & Installation Issues

[erel-ironalgo]

Select Topic Area

Bug

Body

Affected product: GitHub Apps
URL: https://github.com/organizations/.../settings/apps

---

1. Inconsistent Permissions Behavior for Non-Organization Owners

Steps to reproduce:

1. As a non-organization owner but with Admin access on a private repository, create a new GitHub App.
2. When configuring the app, set Repository permissions → Contents: Read-only.
3. Later, edit the app to remove this permission, then try to add it back.

Expected behavior:
A repository admin should be able to re-add the same permission level they were initially allowed to grant.

Actual behavior:
Removing the permission works, but adding it back requires organization owner approval, even though the same action was allowed at app creation time.

2. Hidden Installation Tab & Missing Feedback

Steps to reproduce:

1. As a non-organization owner, create a GitHub App.
2. Choose any repository permission higher than Contents: Read-only.
3. Attempt to install the app.

Expected behavior:
The UI should allow installation and, if org-owner approval is required, clearly notify the user with the reason and next steps.

Actual behavior:
The installation tab disappears entirely with no message, no error, and no indication that organization owner approval is required. This leaves the user with no clarity about the process.

3. Organization Owner Self-Approval Issue

Steps to reproduce:

1. As an organization owner, configure a GitHub App at the organization level.
2. Add repository permissions.
3. Go to a repository where the app is installed.

Expected behavior:
As the organization owner, changes made at the org level should be automatically trusted/approved, or at the very least- indicate you need to make an adjustment of some sort (definitely not "approve") on the repository scope of things.

Actual behavior:
The owner is forced to approve their own permission changes at the repository level, even though no one else has the authority to do so. This creates redundant friction and is counter-intuitive.

---

Impact

• Confusing and inconsistent permissions model for both admins and organization owners.
• Lack of user feedback when installation is blocked.
• Extra, unnecessary approval steps for organization owners.

Suggested Fixes

1. Align permission handling so that repo admins can re-add the same permissions they were originally allowed to grant.
2. Provide clear UI/notifications when installation is blocked due to org-owner approval requirements.
3. Exempt organization owners from having to "approve" their own changes at repository level.

[github-actions[bot]]

💬 Your Product Feedback Has Been Submitted 🎉

Thank you for taking the time to share your insights with us! Your feedback is invaluable as we build a better GitHub experience for all our users.

Here's what you can expect moving forward ⏩

• Your input will be carefully reviewed and cataloged by members of our product teams. 
  • Due to the high volume of submissions, we may not always be able to provide individual responses.
  • Rest assured, your feedback will help chart our course for product improvements.
• Other users may engage with your post, sharing their own perspectives or experiences. 
• GitHub staff may reach out for further clarification or insight. 
  • We may 'Answer' your discussion if there is a current solution, workaround, or roadmap/changelog post related to the feedback.

Where to look to see what's shipping 👀

• Read the Changelog for real-time updates on the latest GitHub features, enhancements, and calls for feedback.
• Explore our Product Roadmap, which details upcoming major releases and initiatives.

What you can do in the meantime 💻

• Upvote and comment on other user feedback Discussions that resonate with you.
• Add more information at any point! Useful details include: use cases, relevant labels, desired outcomes, and any accompanying screenshots.

As a member of the GitHub community, your participation is essential. While we can't promise that every suggestion will be implemented, we want to emphasize that your feedback is instrumental in guiding our decisions and priorities.

Thank you once again for your contribution to making GitHub even better! We're grateful for your ongoing support and collaboration in shaping the future of our platform. ⭐