Skip to content

API: Allow write:issue token scope for pull request reviews #36873

New issue
New issue
Open
#36877
Open
API: Allow write:issue token scope for pull request reviews#36873
#36877
Labels
topic/apiConcerns mainly the APItype/proposalThe new feature has not been accepted yet but needs to be discussed first.
@silverwind

Description

@silverwind
silverwind
opened on Mar 9, 2026

The pull request reviews API (POST /repos/{owner}/{repo}/pulls/{number}/reviews) used to create inline review comments currently requires write:repository token scope. This is overly broad for integrations that only need to post reviews (e.g. code review bots).

write:issue would be a more appropriate scope since reviews are conceptually comments on pull requests, similar to issue comments which work with write:issue.

This would allow review bots to operate with minimal permissions instead of having full repository write access (push, delete branches, manage settings, etc.).

Metadata

Metadata

Assignees

No one assigned

    Labels

    topic/apiConcerns mainly the APItype/proposalThe new feature has not been accepted yet but needs to be discussed first.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions