What is the correct authenication method for the Delete repository permission group endpoint?

I am trying to make a DELETE API request to the endpoint /repositories/{workspace}/{repo_slug}/permissions-config/groups/{group_slug}, as per the documentation I have created an App Password and am trying to make the request using the Bearer token but I get the following response:

{
	"type": "error",
	"error": {
		"message": "Token is invalid or not supported for this endpoint."
	}
}

I set the scopes for the token as below and I am workspace admin, but I have so far been unsuccessful making this request.

  • Project:Read
  • Project:Write
  • Project:Admin
  • Repository:Read
  • Repository:Write
  • Repository:Admin

Hi @AlexWhite1,

When using an App password, the authentication requires either the user or the Authorization header to be specified as shown here.

I’ve just tried to use the API you shared with an App password with the following permissions and it worked correctly:

  • Repository:Read
  • Repository:Write
  • Repository:Admin

Let us know how it goes,
Caterina