GitHub Integration Setup

With this guide, you’ll be able to integrate GitHub with Leanmote, centralising key project information and improving productivity, visibility and analysis. We use a read-only API token to ensure a secure connection.

Leanmote integrates with GitHub using Fine-grained Personal Access Tokens (PATs).

Step 1: Obtain the Token

Log into your GitHub profile and navigate to Settings.

Scroll down to Developer settings.

Under Personal access tokens, select the option Fine-grained tokens.

Click Generate new token.

  • Name your token: leanmote-app
  • Configure the token to “No expiration” or select the expiration that best fits your needs. Token settings can be modified later if required.

Choose whether to grant access to selected repositories (up to 50, due to GitHub API limits) or to all repositories.

Set the following permissions and click “Generate new token”:

All requested permissions are strictly read-only and limited to the data required for metrics and workflow analysis.

Step 2: Add the Application Password to Leanmote

  • Log into your Leanmote account.
  • Navigate to the Productivity Tools section.
  • Select GitHub Integration.
  • Paste your token into the provided field.
  • Click Save to complete the integration.

By following these steps, you’ll successfully integrate GitHub with Leanmote.

Repository Permissions

We request the following repository-level permissions:

  • Metadata (read-only)
    Required to list repositories and access basic repository information.
  • Pull requests (read-only)
    Required to retrieve pull requests, associated commits, reviews, and comments.
  • Contents (read-only)
    Only used to fetch commit metadata not associated with a Pull Request.
    If all commits in a repository are linked to PRs, this permission is not necessary.

Endpoints Used

EndpointPermissionPurpose
/user/reposMetadata: readList repositories available to the user for selection and mapping in Leanmote.
/repos/{owner}/{repo}/commitsContents: readRetrieve the list of commits in a repository for metrics and timeline tracking.
/repos/{owner}/{repo}/pullsPull requests: readList pull requests in the repository for workflow analysis.
/repos/{owner}/{repo}/pulls/{pr}/reviewsPull requests: readFetch reviews of each PR to evaluate participation and review times.
/repos/{owner}/{repo}/pulls/{pr}/commitsPull requests: readLink commits to each PR for detailed change tracking.
/repos/{owner}/{repo}/pulls/{pr}/commentsPull requests: readRetrieve PR comments to analyze team discussions and feedback.

Minimal Scope Principle

Leanmote follows the principle of least privilege.

  • We only request read-only permissions.
  • We never request write or admin access to your repositories.
  • Each permission is tied to a specific endpoint and a clear purpose, ensuring transparency and security in how your data is accessed.

Powered By EazyDocs