Github GraphQL fine-grained access token for projects

Question

Trying to figure out how to use GraphQL to access project info on Github. The following request will fail (type":"FORBIDDEN","path":["repository","projects"],"extensions":{"saml_failure":false},"locations":[{"line":1,"column":58}],"message":"Resource not accessible by personal access token"}]}:

curl -v POST \
  -H "Authorization: Bearer github_pat_blablabla" \
  -H "Content-Type: application/json" \
  -d '{"query":"query { repository(owner:\"CorrectName\", name:\"CorrectRepo\") { projects(first: 10) { nodes { name } } } }"}' \
  https://api.github.com/graphql

It's a test token which I have given every permission possible. When querying something other than projects, it works fine (issues, for example). So the issue lies there. I cannot seem to find a way to grant "project" permissions using a fine grained token. Any advice?

Kind regards, Matt

Edit: it is an organisation token and it has ALL permissions Read & Write on both organisations and repositories.

Answer 1

Fine-grained tokens should work with organizations. They currently aren't available for individuals according to this issue: https://github.com/actions/add-to-project/issues/289#issuecomment-1839684489

You can try using the classic Personal Access Keys (that's what I'm doing now) or you can reach out to Github as to why it isn't allow you set it up through an Organization. That may also be privilege issue, so you may want to reach out to your organization's Github Admin first.