Working on GitHub Enterprise Server 3.8:
My user is no "site-admin", but on the GitHub Web-UI I see on a users profile if the user was suspended:
I also see that information, when I do a REST call:
However, if I try to to access the same information via the GitHub GraphQL API (using the same token as with the REST call) I get an error:
query FindUsers ($myQuery: String!) {
search (query: $myQuery type: USER first: 10) {
userCount
nodes {
... on User {
login
name
email
suspendedAt
}
}
}
}
"Your token has not been granted the required scopes to execute this query. The 'suspendedAt' field requires one of the following scopes: ['site_admin'], but your token has only been granted the: ['admin:org', 'repo', 'user:email'] scopes. Please modify your token's scopes at: https://github.developer.allianz.io/settings/tokens."
The error is the same regardless of I perform a 'search' or a direct 'user' query.
As I said, I'm no site_admin, so I can't add that scope to my token.
But I also don't understand why I would need that scope, when I can see the information on the UI.
I'm assuming a bug in GitHub, but the question is, should I actually not see the information in the UI and on the Rest-API, or should a lesser scope be sufficient to receive it also via the GraphQL-API? (FTR: I tried user but it didn't work either.)
Note: I actually only care about the 'suspended' state. I do not need the timestamp of suspension.