When you use your GitHub account to signup/login on Zenodo, Zenodo requests certain permissions to your GitHub account as detailed below:
Repository web hooks and services (admin access)
Full access to manage repository web hooks and services. We request this permission to be able to install a webhook on your public repositories so we can get notified about new releases in your repository and automatically archive the repository. We only install the webhook when you enable our GitHub integration on a specific repository.
Organisations and teams (read-only access):
Ability to read your organization and team memberships and private project boards. We request this permission to allow you to enable our GitHub integration on repositories in organisations on which you’re a member and where you have admin rights on the public repositories. Note, that in addition your GitHub organisation must have granted our Zenodo application access to the organisation.
Personal user data (email address read-only, profile-information read-only)
Ability to read your private email addresses and read your private profile information. We use this permission the signup process to get your verified email address and full name from GitHub.
Private repositories (no access)
We do not have access to your private repositories.
Technically our Zenodo application on GitHub requests the following scopes:
- read:user
- user:email
- admin:repo_hook
- read:org
You can read more about the permissions we request on GitHub: