[SOLVED] How do I use GitHub API to create a new repository for a user that installs my GitHub App?

How do I use GitHub API to create a new repository for a user that installs my GitHub App?

I have created a GitHub App for GitHub users to install on their personal accounts. I want it to use the GitHub API to create a new repository on their user account.

I've spent a couple days trying to follow the instructions in the official GitHub API Documentation, specifically how to create a repository for the authenticated user. I haven't had much success.

I can generate a JWT using my GitHub App's private key, and then use that to generate an access token on behalf of a GitHub App installation (an installation refers to any user or organization account that has installed the app).

Request:

curl -i -X POST -H "Authorization: Bearer <<<JWT>>>" -H "Accept: application/vnd.github+json" https://api.github.com/app/installations/<<<Installation ID>>>/access_tokens

Response:

{
  "token": "ghs_zdhWvuGrhoi4UJsd1tX4Ggtae5f84jdu8tH3",
  "expires_at": "2022-11-01T12:00:00Z",
  "permissions": {
    "administration": "write",
    "metadata": "read"
  },
  "repository_selection": "all"
}

Based off the response, it appears that the scope of that access token should be able to create a new repository, since it says administration: write in the permissions body response JSON, but I could be mistaken on that assumption.

Can anyone help me with formatting my request to the GitHub API for creating the new repository for an installation of my GitHub App? According to the documentation I linked above, it should look something like this. Should I add the new access token that I generate?

curl \
  -X POST \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer ghs_zdhWvuGrhoi4UJsd1tX4Ggtae5f84jdu8tH3" \
  https://api.github.com/user/repos \
  -d '{"name":"Repo-Created-From-GitHub-API"}'

Solution

Instead of using a GitHub App, I opted to create an OAuth App. In retrospect, either would work as long as you have OAuth enabled. The important thing is to make sure you are authenticating as a user, and not authenticating as an installation. Upon receiving the code in the query parameter from the OAuth authorization callback, you will need to request an access token to authenticate as the GitHub user that authorized the app, via an API call to https://github.com/login/oauth/access_token. This will issue you an access token that you can use with the GitHub REST API to perform actions on behalf of the user, like creating a new repository. Pretty standard OAuth flow, but I had trouble navigating the process, so maybe I can help other alleviate their suffering. Cheers!