GitHub App Permissions
To enable Cimon's functionality, you must install our GitHub App and grant it the necessary permissions. This page explains why we require these permissions and how they are used.
Read Permissions for Repository "Contents"
contents read access that allows viewing information such as repository file content, commits, branches, downloads, releases, and merges. This permission is essential for Cimon to read workflows and monitor installations in real time.
By monitoring your Cimon installations, we can provide valuable insights into your security posture, showing you where you installed Cimon as a runtime security solution and where you missed it and left a security gap. Using the GitHub App, we can also get updates in real-time about workflow updates, ensuring that Cimon remains up-to-date and effective at all times.
Read Permissions for Repository "Administration"
administration read access to gather information related to the administration settings of your repositories. This permission allows Cimon to retrieve details such as repository creation. By having access to this information, Cimon can manage installations by monitoring the repositories in the organization effectively through webhooks.
Read Permissions for Repository "Actions"
actions read access to retrieve information about GitHub Actions workflows associated with your repositories. This permission allows Cimon to analyze and monitor repositories workflows so you can monitor Cimon installation in the Cycode platform.
Read Permissions for Organization "Administration"
Cimon requires organization
administration read access to gather information related to the administration settings of your GitHub organization. This organization-wide permission is needed to allow the Github app correctly onboard and allow the Cycode platform fully integrate with your organization so data sync will be effective and efficient.
Read Permissions for User Email Addresses
Cimon requires read access to users' email addresses for the following purposes:
- Authorization: By verifying users' email addresses, Cimon can authenticate and authorize user access to our platform. This ensures that only authorized users would have access to the organization's data.
- Multi-organization Management: Many users manage multiple organizations or work with different teams on various projects. Read access to users' email addresses allows Cimon to recognize a single user across multiple organizations, streamlining the management process and making it easier for users to oversee and manage Cimon for all their projects.
Please note that Cimon only uses the granted permissions to provide its intended functionality and does not access, modify, or store any data beyond what is necessary for its operation. Your privacy and data security is of utmost importance to us.