Use the project enablement API or org enablement APIs instead of looping through Org/Project to find repo list and then checking if individual repo is enabled.
Docs - Project Enablement - REST API + Org Enablement - REST API
Further, the permissions required are simplified. To call the apis to list projects/repos required the scopes:
Code - Read (needed by default ... for Scope= organization or project lookup of repository list )
Use the project enablement API or org enablement APIs instead of looping through Org/Project to find repo list and then checking if individual repo is enabled. Docs - Project Enablement - REST API + Org Enablement - REST API
Further, the permissions required are simplified. To call the apis to list projects/repos required the scopes:
Code - Read
(needed by default ... for Scope= organization or project lookup of repository list )Projects - Read
(for Scope= organization)Enablement api just needs:
Advanced Security - Read
Ex: