# GitHub

## Authentication methods

#### Personal Access Token

Read the [official docs](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) to learn how to generate a token.

<figure><img src="/files/VV5WvKHIYAu2r8AQuzCl" alt=""><figcaption></figcaption></figure>

**API scopes**

The token needs scope to read `repo` to access the below objects.

#### **OAuth App**

Read the [official docs](https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/creating-an-oauth-app) to learn how to create a GitHub OAuth App and generate an OAuth token.

**API scopes**

The OAuth App requires the following scopes:

* `repo` — grants access to repository data including commits, branches, pull requests, and pull request comments
* `read:org` — grants read-only access to organisation membership and team data

#### **GitHub App (organisation-owned)**

A [GitHub App](https://docs.github.com/en/apps/creating-github-apps/registering-a-github-app/registering-a-github-app) owned by a GitHub organisation can also be used to authenticate. This is the recommended approach for teams that require organisation-level credential ownership and do not want authentication tied to an individual user account.

The connector authenticates using a user access token generated via the GitHub App's OAuth flow. To set this up, generate a user access token from your GitHub App and provide it during connection configuration in the same way as a Personal Access Token.

**Required permissions**

GitHub Apps use fine-grained permissions rather than OAuth scopes. Configure the following permissions on your GitHub App:

| Permission        | Level                               | Required for                                               |
| ----------------- | ----------------------------------- | ---------------------------------------------------------- |
| **Contents**      | Read-only                           | Commits, Branches, Repositories                            |
| **Pull requests** | Read-only                           | Pull Requests, Pull Request Comments, Pull Request Commits |
| **Metadata**      | Read-only                           | Automatically required for all repository access           |
| **Members**       | Read-only (Organisation permission) | Organisation, Organisation Members, Organisation Teams     |

## Inbound Syncs

The following streams are supported, with Full Refresh and Incremental strategies:

* [Commits](https://docs.github.com/en/rest/commits/commits?apiVersion=2022-11-28)
* [Pull Requests](https://docs.github.com/en/rest/pulls/pulls?apiVersion=2022-11-28)
* [Pull Request Comments](https://docs.github.com/en/rest/pulls/comments?apiVersion=2022-11-28)
* [Pull Request Commits](https://docs.github.com/en/rest/pulls/pulls?apiVersion=2022-11-28#list-commits-on-a-pull-request)

## Outbound Syncs

There is currently no outbound sync functionality for GitHub. If you have a use case, please let us know!


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.omnata.com/omnata-product-documentation/omnata-sync-for-snowflake/apps/github.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.