LogoLogo
  • Getting Started
    • Pandium Documentation
    • What is Pandium?
      • The Pandium Platform
      • What Companies Use Pandium For
      • Platform Structure
      • Users of Pandium
    • Anatomy of an Integration
      • Run Triggers
      • PANDIUM.yaml
        • Schema
        • UiSchema
        • Dynamic Configurations
        • Dependent Selector Configurations
      • Environment Variables
        • Context: StdOut
        • Logging (StdErr)
    • Key Terminology
    • Pandium Integration Tutorial
      • Pokémon of the Day, Part 1
        • Create App in Slack to get Credentials
        • Create Integration on the Pandium Integration Hub
        • Make a Tenant
        • Write the Integration in Typescript
          • Add the .env
          • Configure the PANDIUM.yaml
          • Check the Customized Connection Settings Page
          • Add the Pokémon client
          • Add the Slack Client
          • Add the pokemonSync flow
          • Run Normal Sync on the Tenant
        • Update the Tenant Schedule
      • Pokémon of the Day, Part 2
        • Update the PANDIUM.yaml
        • Check the Updated Connection Settings Page
        • Add Dynamic Configs
        • Run Init Sync on the Tenant
        • Update the pokemonSync flow
        • Run updated Normal Sync on the Tenant
  • Integration Hub
    • Setting Up Source Control
    • Creating An Integration
      • Getting Started with Creating an Integration
      • Demo Video: Creating an Integration With Pandium
    • Managing Internal Integrations
    • Creating a Tenant In the Integration Hub
    • Managing and Updating Tenants
    • Managing and Updating Releases
    • Managing External Integrations
    • Managing Tenant Connection Settings
    • Creating Users
    • Managing Users
    • Administrator Settings
    • Site Metrics
  • Marketplaces
    • Integration Onboarding Experiences Overview
      • Embedding the In-App Marketplace
      • Embedding the Integration Install Only
      • Embedding Auth-Only Connections
    • Customizing the JWT
    • Marketplace Settings
    • App Installation Options
    • Flags, Tags, and Categories
    • Public Gallery
  • Connectors
    • Connectors 101
      • Active Campaign
      • Afterpay
      • AfterShip
      • Airship
      • Alasco
      • Algolia
      • Amadeus
      • Amazon
      • Ankored
      • Apollo.io
      • AppSignal
      • AskNicely
      • Assembled
      • Attentive
      • AWS
      • Azure Devops
      • Azure Personal Access Token
      • Bandcamp
      • Bazaarvoice
      • BigCommerce
      • Bitbucket
      • Booker
      • Box
      • Braze
      • Brightpearl
      • Campaign Monitor
      • Capabl
      • Chargebee
      • Chargify
      • Chubb
      • Cin7
      • Coach Packet
      • ConnectSports
      • Constant Contact
      • Customer Thermometer
      • Datadog
      • Datev
      • Dayforce
      • Delighted
      • DHL
      • DHL Unified
      • Domo
      • Dotdigital
      • Drip
      • Dropbox
      • Dynamic Yield
      • Easyship
      • Eloqua
      • Emotive
      • Endear
      • Envision
      • eTip
      • EvaluAgent
      • Exact Online
      • eZCom
      • Fabric
      • Facebook
      • Falcon.io
      • Famer
      • Fedex
      • Field Nation
      • Finch
      • Fivetran
      • Fleetio
      • Flowcode
      • Follow Up Boss
      • Fortnox
      • Foundation Software
      • Fulfil
      • GetResponse
      • GitHub
      • GitLab
      • Gladly
      • Google
      • Google Service Account
      • Gooten
      • Gorgias
      • Greenhouse.io
      • Happy Returns
      • HootSuite
      • Hubspot
      • Image Relay (Basic)
      • Imgur
      • Iterable
      • Jasper
      • JDP
      • Justuno
      • Kentico Kontent
      • Klaus
      • Klaviyo
      • Kombo
      • Kustomer
      • kvCORE
      • LeagueApps
      • Lessonly
      • Lexoffice
      • Linga rOS
      • Linnworks
      • Listrak
      • Loop Returns
      • LoyaltyLion
      • Lucid Travel
      • Lytx
      • MaestroQA
      • Magento (OAuth)
      • Mailchimp
      • Marketo
      • Medallia
      • Microsoft Entra
      • Mintsoft
      • NCSA Athletic Recruiting
      • Netomi
      • Netsuite
      • Nicereply
      • Nylas
      • Omnisend
      • OnPay
      • OnRamp
      • Ontraport
      • Optimizely Data Platform (ODP)
      • Pandium
      • Personio
      • PayCom
      • Perspective
      • Player's Health
      • Playvox
      • Pleo
      • Postscript
      • Promoter
      • Quickbooks Online
      • Qualtrics
      • Recart
      • ReCharge
      • Recurly
      • Returnly
      • ReverseLogix
      • Rydership (formerly Whiplash)
      • Sage Intacct
      • SailThru
      • Salesforce
      • Salesforce Marketing Cloud
      • Salesforce Pardot
      • SendGrid
      • Sendlane
      • SevenRooms
      • SFTP
      • ShipBob
      • ShipHero
      • ShipMonk
      • Shippo
      • Shipstation
      • Shopify
      • Skubana
      • Slack (OAuth2)
      • SmartrMail
      • Smartrr
      • Smartvatten
      • Smile.io
      • Solidus
      • Springbig
      • Square
      • Square (Sandbox)
      • Stamped
      • Stella Connect
      • SugarCRM
      • Swell
      • Talkable
      • TeamGenius
      • Tether
      • Thankful
      • TikTok
      • Trinet-B2B Test
      • Triple Whale
      • TrustPilot
      • Twilio
      • Twitter
      • Unbabel
      • UPS
      • Upscribe
      • USPS
      • Visma e-conomic
      • Visma.net
      • Walmart
      • Wix
      • WorkMax
      • Xero (OAuth)
      • Yardstik
      • Yotpo
      • Zendesk (Support)
      • Zingtree
      • Zonos
  • Partners
    • Inviting Partners
    • Partner Form
    • Integration Form
    • Managing Partners
    • Partner User Guide
  • Reference
    • Pandium API
    • Pandium CLI
    • FAQ
    • Sample Integrations
    • Repository Permissions
      • Bitbucket
      • Azure
      • GitLab
      • GitHub
    • Email Support
Powered by GitBook
On this page
  • Source Control and Repository Permissions
  • Why Read and Write?

Was this helpful?

  1. Reference

Repository Permissions

Last updated 1 month ago

Was this helpful?

Source Control and Repository Permissions

When setting up your integration within the Pandium Integration Hub, you’ll be logging into your repository of choice as part of the process. Currently, we support four different platforms: Azure, Bitbucket, GitHub and GitLab. Please contact Pandium support if you are utilizing a different system.

For each of these systems, you’ll need to ensure that Pandium has the proper read and write permissions to access and modify relevant files within your repository. Once properly authenticated, the Connect button will change to Disconnect on the Source Control setting page, and you can continue developing integrations.

Why Read and Write?

Pandium needs read access in order to pull the integration code and build an executable to run your code on our platform. Write access is necessary for initial repository setup if you would like Pandium to pre-seed quickstart code for your integration. Pandium users will often setup Pandium specific repositories for their integrations and even setup users with specific organization permissions to ensure Pandium only has access to your integration repositories.

Below you’ll find the specific permissions required for each repository:

Github

Required permissions for setting up Github are the following:

  • Repo scope access - "Grants full access to private and public repositories. That includes read/write access to code, commit statuses, repository and organization projects, invitations, collaborators, adding team memberships, deployment statuses, and repository webhooks for public and private repositories and organizations. It also grants the ability to manage user projects."

To learn more about Github’s permissions, check out their docs .

Gitlab

Required permissions for setting up Gitlab are the following:

  • API access - "Grants complete read/write access to the API, including all groups and projects, the container registry, and the package registry."

  • Read repository access - "Grants read-only access to repositories on private projects using Git-over-HTTP or the Repository Files API."

  • Write repository access - "Grants read-write access to repositories on private projects using Git-over-HTTP (not using the API)."

Azure DevOps

Required permissions for setting up Azure are the following:

  • Scope access of vso.code_full - “Grants full access to source code, metadata about commits, changesets, branches, and other version control artifacts. Also grants the ability to create and manage code repositories, create and manage pull requests and code reviews, and to receive notifications about version control events via service hooks. Also includes limited support for Client OM APIs.”

Bitbucket

Required permissions for setting up Bitbucket are the following:

  • Full Read access

  • Full Write access

To look further into Gitlab permissions, check out their docs .

To learn more about various permissions for Azure DevOps with OAuth2, check out the page .

Learn more about Bitbucket permissioning .

Source Control
here
here
here
here