The following discussion from !145008 should be addressed: - [ ] @ghinfey started a [discussion](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/145008#note_1782963847): (+2 comments) > We are not skipping auth here. Is this inconsistent with the update service? We should add the ability to skip_authorization to all the ProtectedBranches services. We call these services from other services and mutations that have already authorized the action so we don't need to authorize again.