WaffleBot and Waffle.io have two different types of authentication in order for each to work. For WaffleBot, it just needs limited permissions because it has limited functionality such as moving issues and adding/removing column labels on an issue, so it doesn't require the same permissions as Waffle.io.

Waffle.io requires read/write permissions in GitHub because in order to create a project, we need to pull in all of your GitHub issues (more info here). Unfortunately, there's no workaround to avoid the OAuth permissions on Waffle.

Did this answer your question?