GitProtect EN
FREE TRIALOPEN SUPPORT CASE
  • Introduction
    • Planning & preparation
      • Supported Platforms
      • System Requirements
      • Backup Environment Planning
      • Licensing overview
      • Third-party libraries
  • Deployment and the storage overview
    • Deployment
      • GitProtect System Components & Architecture
      • Deployment models
      • GitProtect SaaS
        • Registration and overview
        • Registration from Marketplace and overview
        • Available regions
        • Cloud worker
      • GitProtect on-premise
        • Installation options & overview
          • Installation On Windows
          • Installation On Linux
          • Installation On Docker
          • Installation On QNAP NAS In Container Station
          • Installation On Synology NAS
          • Using your own SSL certificate
        • Updating GitProtect Management
          • Updating Management Service Installed On Windows
          • Updating Management Service Installed On Linux
          • Updating Management Service Running On QNAP NAS In Container Station
          • Updating Management Service Running On Synology NAS
        • Access GitProtect Management
      • GitProtect worker
        • GitProtect worker installation
          • GitProtect worker installation on Windows Server 2008R2 and Windows Server 2012
          • GitProtect Worker Installation On Windows Workstations & Windows Server 2012 R2+
          • GitProtect Worker Installation On MacOS
          • Running GitProtect Worker On Docker
          • Running GitProtect Worker On QNAP NAS
          • Running GitProtect worker on Synology NAS
          • GitProtect Worker Installation On Linux
        • Updating GitProtect worker
          • Updating GitProtect worker on Windows Server 2008R2 and Windows Server 2012
          • Updating GitProtect Worker On Windows Workstations & Windows Server 2012 R2+
          • Updating GitProtect Worker On Linux
          • Updating GitProtect Worker On MacOS
          • Updating GitProtect Worker On Docker
          • Updating GitProtect Worker On QNAP NAS
          • Updating GitProtect Worker On Synology NAS
        • Configuration
          • Logs location
          • How to restart the worker service
          • worker configuration
      • Log in to GitProtect
        • Log In With User Name And Password
        • Log In with SSO
        • Password Reset (on-premise, SaaS)
        • Log In With SAML
          • Auth0
          • Google
          • Azure AD
          • Okta
          • OneLogin
          • CyberArk
      • Getting started
    • Storage - backup destination
      • Storage Overview
      • Supported Platforms
      • On-site storage
        • Local Directory
        • SMB Share
        • NFS Share
        • MinIO S3
      • Cloud storage
        • GitProtect Cloud
        • AWS S3
          • Setting Up
          • Bucket & IAM Permissions
        • Wasabi
          • Setting Up
          • Permissions
        • Google Cloud Storage
          • Setting Up
          • Permissions
        • Azure Blob Storage
          • Configure a blob storage
          • Integration Methods
          • Setting Up
        • Backblaze B2
          • Setting Up
          • Permissions
        • S3 compliant
      • Replication
        • Overview & Requirements
        • Planning & Setting Up Replication Plan
      • Ransomware Proof Storage
  • Backup plan possibilities and the data solutions
    • Backup & recovery
      • How to plan your backups?
      • Backup plan overview
      • Predefined backup plans
      • Encryption & data security
      • Scheduler & data retention
      • Triggering backup tasks
      • Compression
      • Error handling
      • Azure DevOps backup & recovery
        • Integration prerequisites
          • Protected Azure DevOps resources / elements / metadata
          • Required permissions for Azure DevOps user, OAuth app and token
          • Azure DevOps API limitations
        • Adding Azure DevOps organization
          • Installing GitProtect worker
      • Azure DevOps Server backup & recovery
        • Integration prerequisites
          • Protected Azure DevOps resources / elements / metadata
          • Required permissions for Azure DevOps personal access token
          • API limitations
        • Adding Azure DevOps Server organization
          • Installing GitProtect worker
      • Bitbucket backup & recovery
        • Integration prerequisites
          • Protected Bitbucket Resources / Elements / Metadata
          • Required Permissions For Bitbucket Users and Token
            • Application password in Bitbucket
          • Bitbucket API Limitations
            • How To Reduce Or Avoid Its Impact?
        • Adding Bitbucket organization to GitProtect
          • Installing GitProtect worker
        • Additional Bitbucket users
          • Reasons to use additional users
          • How to prepare an additional account in Bitbucket?
          • How to configure in GitProtect?
        • Backup
          • Protected Bitbucket Resources / Elements/Metadata
          • Bitbucket Backup Process Overview
          • Setting up a backup plan
            • Worker and its license
            • Cloud to cloud backup
          • Enabling additional Bitbucket accounts for backup
          • Backup plan dashboard details
        • Recovery
          • Cross recovery options
          • Recovery process overview
          • Recovery Of A Single Repository To Git Service Or GitProtect Worker
          • Recovery Of A Mulitple Repository To Git Service Or GitProtect Worker
          • LFS recovery
          • Wiki recovery
        • Manage Bitbucket integration in GitProtect
          • Bitbucket organization dashboard
          • Editing and removing Bitbucket integration from GitProtect
          • Bitbucket repositories list and its synchronization
          • Repository’s dashboard overview
          • Enable\disable protection for Bitbucket repos - license assignment
        • Common issues
        • Use cases
      • Bitbucket DC backup & recovery
        • Integration prerequisites
          • Protected Bitbucket DC resources / elements / metadata
          • Required permissions for Bitbucket DC users and token
          • Supported versions of Bitbucket DC
          • Bitbucket DC rate limits
            • How to disable rate limitations in Bitbucket DC?
            • Additional Bitbucket DC users to reduce throttling impact
        • Adding Bitbucket DC instance to GitProtect
          • Installing GitProtect worker
        • Additional Bitbucket DC users\tokens
        • Backup
          • Protected Bitbucket DC resources / elements / metadata
          • Bitbucket DC backup process overview
          • Setting up a backup plan
          • Enabling additional Bitbucket DC accounts for backup
          • Backup plan dashboard details
        • Recovery
          • Cross recovery options
          • Recovery process overview
          • Recovery Of A Single Repository To Git Service Or GitProtect Worker
          • Recovery Of A Multiple Repository To Git Service Or GitProtect Worker
          • LFS recovery
        • Manage Bitbucket DC integration in GitProtect
          • Bitbucket DC organization dashboard
          • Editing and removing Bitbucket DC integration from GitProtect
          • Bitbucket repositories list and its synchronization
          • Repository’s dashboard overview
          • Enable\disable protection for Bitbucket DC repos - license assignment
        • Common issues
        • Use cases
      • GitHub backup & recovery
        • Integration prerequisites
          • Protected GitHub Resources / Elements / Metadata
          • Required Permissions For GitHub Users And Token
            • Personal Access Token in GitHub
          • GitHub API Rate Limits
            • How To Avoid Or Reduce Their Impact?
          • GitHub App overview
        • Adding GitHub organization to GitProtect
          • Install GitProtect Worker
        • Additional GitHub users
          • Reasons To Use Additional Users
          • How To Prepare An Additional Account And Personal Access Token In GitHub?
          • How To Add The Additional User To GitProtect?
        • Backup
          • Protected GitHub Resources / Elements / Metadata
          • GitHub Backup Process Overview
          • Setting up a backup plan
            • Worker And Its License
            • Cloud To Cloud Backup
          • Enabling Additional GitHub Accounts For Backup
          • Backup Plan Dashboard Details
        • Recovery
          • Cross recovery options
          • Recovery Process Overview
          • Recovery Of A Single Repository To Git Service Or GitProtect Worker
          • Recovery Of A Multiple Repository To Git Service Or GitProtect Worker
          • LFS Recovery
          • Wiki Recovery
        • Manage GitHub integration in GitProtect
          • GitHub Organization Dashboard
          • Editing And Removing GitHub Integration From GitProtect
          • GitHub Repositories List And Its Synchronization
          • Repository’s Dashboard Overview
          • Enable\Disable Protection For GitHub Repos - License Assignment
        • Common Issues
        • Use Cases
      • GitHub Enterprise self-hosted backup & recovery
        • Integration prerequisites
          • Protected GitHub Enterprise Self Hosted Resources / Elements / Metadata
          • Required Permissions For GitHub Enterprise Self-Hosted Token
        • Adding GitHub Enterprise Organization To GitProtect
          • Installing GitProtect Worker
        • Additional GitHub Enterprise self-hosted users
          • Reasons To Use Additional Users
          • How To Prepare An Additional Account And Personal Access Token In GitHub Enterprise Self-Hosted?
          • How To Add The Additional User To GitProtect?
        • Backup
          • Protected GitHub Enterprise Self Hosted Resources / Elements / Metadata
          • GitHub Enterprise Self-Hosted Backup Process Overview
          • Setting Up A Backup Plan
            • Worker And Its License
          • Enabling Additional GitHub Enterprise Self-Hosted Accounts For Backup
          • Backup Plan Dashboard Details
        • Recovery
          • Cross Recovery Options
          • Recovery Process Overview
          • Recovery Of A Single Repository To Git Service Or GitProtect Worker
          • LFS Recovery
          • Wiki Recovery
          • Recovery Of A Multiple Repository To Git Service Or GitProtect Worker
        • Manage GitHub Enterprise self-hosted integration in GitProtect
          • GitHub Enterprise Self-Hosted Organization Dashboard
          • Editing And Removing GitHub Enterprise Self-Hosted Integration From GitProtect
          • GitHub Enterprise Self-Hosted Repositories List And Its Synchronization
          • Repository’s Dashboard Overview
          • Enable\disable Protection For GitHub Enterprise Self-hosted Repos - License Assignment
        • Common Issues
        • Use Cases
      • GitLab cloud and self-managed backup & recovery
        • Integration prerequisites
          • Protected GitLab Resources / Elements / Metadata
          • Required Permissions For GitLab Users And Token
            • Personal Access Token in GitLab
          • GitLab Rate Limits
            • How To Avoid Or Reduce Their Impact?
        • Adding GitLab organization to GitProtect
          • GitLab Cloud
          • GitLab Self-managed
          • Installing GitProtect Worker
        • Additional GitLab Users
          • Reasons To Use Additional Users
          • How To Prepare An Additional Account And Personal Access Token In GitLab?
          • How To Add The Additional User To GitProtect?
        • GitLab repository backup
          • Protected GitLab Resources / Elements / Metadata
          • GitLab Backup Process Overview
          • Setting Up A Backup Plan
            • Worker And Its license
            • Cloud To Cloud Backup
          • Enabling Additional GitLab Accounts For Backup
          • Backup Plan Dashboard Details
        • GitLab Group Backup
          • Protected Resources
          • Group Backup Overview
          • Setting Up a Backup Plan
          • Backup Plan Dashboard Details
        • Repository recovery
          • Cross Recovery Options
          • Recovery Process Overview
          • Recovery Of A Single Repository To Git Service Or GitProtect Worker
          • Recovery Of A Multiple Repository To Git Service Or GitProtect Worker
          • LFS Recovery
          • Wiki Recovery
        • GitLab Group Recovery
          • Recovery Process Overview
          • Recover Selected Group To GitLab
        • Common Issues
        • Use Cases
      • Jira Backup & Recovery
        • Integration Prerequisites
          • Jira API Limitations
          • Protected Jira Resources
        • Adding Jira Organization To GitProtect
          • Installing GitProtect worker
        • Backup
          • Jira Backup Process Overview
          • Setting Up A Backup Plan
            • Worker And Its License
            • Cloud To Cloud Backup
          • Backup Plan Dashboard Details
        • Recovery
          • Recovery Process Overview
          • Recovery process
            • Recovery To Local Resources
            • Recovery To Jira Organization
        • Manage Jira integration in GitProtect
          • Editing And Removing Jira Integration From GitProtect
          • Jira Organization Dashboard
        • Common Issues
        • Use Cases
      • GitProtect API for DevOps Ecosystems
        • GitProtect REST API details
        • API Authentication
        • Available methods
        • Use cases
      • Backup deletion
        • General information and requirements
        • Delete all backups of a single resource
        • Delete all copies from a selected data store
        • Delete all versions of a single resource from the selected backup
        • Removing backups from AWS S3, Wasabi, Backblaze B2, and S3 compliant storage
  • Management
    • Logs
    • GitProtect tasks monitoring
      • List of current and past tasks
      • Task detailed information
        • Task details - Replication
        • Task details - Restore
        • Task details - backup
      • Audit log - general information
        • Log details
        • Advanced search engine
    • Notifications
      • Available notifications
      • E-mail notification configuration
        • Daily reports configuration
        • Notifications configuration - GitProtect SaaS
        • Notifications configuration - GitProtect on-premise
      • Slack notification configuration
        • How to create webhook URL in Slack?
      • Sending notifications to any webhook
        • Configuration
        • Notifications sent to webhook
    • Additional administrative accounts
      • Roles and permissions
      • Create additional account
      • Edit additional administrative account
      • Additional account removal
    • Password Manager - Safely Store All Your Secrets
      • Password Manager Overview
      • Add A New Password
      • Add A New Encryption Key
      • Edit Or Remove Existing Password
    • License Management
      • GitProtect On-Premise License Check
      • License Details
      • Force License Refresh
    • FAQ
      • How to enable HTTPS in case of on-premise installation?
      • How to change the port of GitProtect Management service?
      • Errors with branch protection rules and dependencies in GitHub backup
    • Best Practices And Use Cases
    • Known Problems
  • CHANGELOGS
    • GitProtect v1.8.5
    • GitProtect v1.8.0
Powered by GitBook
On this page
  • Why to choose GitHub App instead of OAuth?
  • Security
  • Increase of the rate limit
  • Requirements to install a GitHub App
  • About installation process of the GitHub App
  • Throttling prevention
  • Permissions required by the GitProtect application
  1. Backup plan possibilities and the data solutions
  2. Backup & recovery
  3. GitHub backup & recovery
  4. Integration prerequisites

GitHub App overview

PreviousHow To Avoid Or Reduce Their Impact?NextAdding GitHub organization to GitProtect

Last updated 1 year ago

Why to choose GitHub App instead of OAuth?

Security

GitHub Apps provide enhanced control and security compared to OAuth apps. They use precise permissions rather than the broad scopes associated with OAuth apps, allowing for better management of what the app is allowed to do. Additionally, GitHub Apps give users or organizational owners the ability to specify which repositories an app can access, unlike OAuth apps which can access all repositories available to the authorizing user. GitHub Apps also employ short-lived tokens, minimizing potential damage from token leaks, as these tokens expire quickly. In contrast, OAuth app tokens remain valid until explicitly revoked. These security measures make GitHub Apps more suitable for organizations with stringent security requirements, ensuring better protection against potential security breaches.

Increase of the rate limit

GitHub Apps that use installation access tokens are initially allowed 5,000 requests per hour, but this can increase under certain conditions. For installations associated with a GitHub Enterprise Cloud organization, the rate limit rises to 15,000 requests per hour. If the installation isn't part of such an organization, the rate limit scales with the number of users and repositories: those with over 20 repositories get an additional 50 requests per hour per repository, and those in organizations with over 20 users also get an extra 50 requests per hour per user, up to a maximum of 12,500 requests per hour.

See also:

Requirements to install a GitHub App

GitHub Apps can be installed by anyone on their personal accounts. They can also be installed by organization owners on their organizations. Additionally, repository admins within an organization can install GitHub Apps, provided the app is limited to repositories they administer and does not request permissions that affect the organization or involve repository administration. However, organization owners have the capability to restrict these installations by outside collaborators who are repository admins. If organization members who are neither owners nor admins choose an organization during the app installation process, instead of directly installing the app, GitHub will notify the organization owner to request installation approval.

About installation process of the GitHub App

After installing a GitHub App, you may need to authorize it as well. Installing the app allows you to specify which repositories it can access and grants it permission to access certain resources within your organization based on its requirements. The app will show which permissions you are approving during the installation.

Authorizing a GitHub App grants it access to your GitHub account according to the permissions it has requested. The app will display which of your account's resources it can access during the authorization process. This authorization also permits the app to operate on your behalf.

It's possible to install a GitHub App without authorizing it, and you can also authorize an app without installing it.

Throttling prevention

Our application can use up to five additional apps to increase our request limit. We proceed by editing the organization, and in the Throttling Prevention section, we click on Manage Credentials

then select Add New, and choose GitHub App (BETA).

We select an additional application to install

Now we will do it, in the same way as when adding an organization

When defining additional applications, we must enable the option to use additional agents in the settings of the backup plan (in the Advances Settings section).

Permissions required by the GitProtect application

Below you will find a list of all necessary permissions on which our application operates.

Repository rermissions:

Name
Value

Actions

Read-only

Administration

Read and write

Contents

Read and write

Deployments

Read-only

Issues

Read and write

Metadata

Read-only

Projects

Read-only

Pull requests

Read and write

Webhooks

Read and write

Workflows

Read and write

Organization permissions:

Name
Value

Members

Read-only

Projects

Read-only

During installation process of GitProtect application, you can choose whether you want to grant permissions to all repositories in the organization or only selected ones.

Rate limits for the REST API - GitHub DocsGitHub Docs
Logo
GitProtect app (GitHub app) permissions