diff --git a/lib/platform/github/gh-got-wrapper.js b/lib/platform/github/gh-got-wrapper.js
index 2738dcc8266379c702f9ccedc8c16b4ec2e6b171..64a0fbe1e35a8b6af3864ddb8eef1f85c0fe7817 100644
--- a/lib/platform/github/gh-got-wrapper.js
+++ b/lib/platform/github/gh-got-wrapper.js
@@ -159,11 +159,11 @@ async function get(path, options, retries = 5) {
       throw err;
     } else if (
       err.statusCode === 403 &&
-      !(
-        err.message &&
-        err.message.startsWith('Resource not accessible by integration')
-      )
+      err.message &&
+      err.message.startsWith('Resource not accessible by integration')
     ) {
+      throw new Error('integration-unauthorized');
+    } else if (err.statusCode === 403) {
       if (retries > 0) {
         logger.info(
           { statusCode: err.statusCode, message: err.message },
diff --git a/lib/workers/branch/index.js b/lib/workers/branch/index.js
index b88425043287cb8a66364a8077fee4bbd185d0e2..7443558168ba5fec22e4f5afcd3558cff1124b08 100644
--- a/lib/workers/branch/index.js
+++ b/lib/workers/branch/index.js
@@ -299,6 +299,10 @@ async function processBranch(branchConfig, prHourlyLimitReached, packageFiles) {
       logger.debug('Passing bad-credentials error up');
       throw err;
     }
+    if (err.message === 'integration-unauthorized') {
+      logger.debug('Passing integration-unauthorized error up');
+      throw err;
+    }
     if (err.message === 'lockfile-error') {
       logger.debug('Passing lockfile-error up');
       throw err;
diff --git a/lib/workers/repository/error.js b/lib/workers/repository/error.js
index d1e1eee5b177b54abfe61678523f7ff570ea61e6..f2c726c50b2d411d66f1c23bfbdd5817c91db09f 100644
--- a/lib/workers/repository/error.js
+++ b/lib/workers/repository/error.js
@@ -94,6 +94,11 @@ async function handleError(config, err) {
     delete config.branchList; // eslint-disable-line no-param-reassign
     return err.message;
   }
+  if (err.message === 'integration-unauthorized') {
+    logger.warn('Integration unauthorized - aborting');
+    delete config.branchList; // eslint-disable-line no-param-reassign
+    return err.message;
+  }
   if (err.message === 'lockfile-error') {
     delete config.branchList; // eslint-disable-line no-param-reassign
     logger.info('Lock file error - aborting');
diff --git a/test/platform/github/gh-got-wrapper.spec.js b/test/platform/github/gh-got-wrapper.spec.js
index 0fa27ec6c2af14b8ecf338a033cd338d290c7710..abb6aeae66db6b914f5956ee979b2d84926e07ee 100644
--- a/test/platform/github/gh-got-wrapper.spec.js
+++ b/test/platform/github/gh-got-wrapper.spec.js
@@ -314,4 +314,20 @@ describe('platform/gh-got-wrapper', () => {
     expect(e).toBeDefined();
     expect(e.message).toEqual('platform-failure');
   });
+  it('should throw for unauthorized integration', async () => {
+    ghGot.mockImplementationOnce(() =>
+      Promise.reject({
+        statusCode: 403,
+        message: 'Resource not accessible by integration (403)',
+      })
+    );
+    let e;
+    try {
+      await get('some-url', {}, 0);
+    } catch (err) {
+      e = err;
+    }
+    expect(e).toBeDefined();
+    expect(e.message).toEqual('integration-unauthorized');
+  });
 });
diff --git a/test/workers/repository/error.spec.js b/test/workers/repository/error.spec.js
index 36866aee74ded91ddca869f8b838b46d5635df79..3cc00d5a4719aaee1486941c8bc6838a3db51215 100644
--- a/test/workers/repository/error.spec.js
+++ b/test/workers/repository/error.spec.js
@@ -30,6 +30,7 @@ describe('workers/repository/error', () => {
       'platform-failure',
       'no-vulnerability-alerts',
       'cannot-fork',
+      'integration-unauthorized',
     ];
     errors.forEach(err => {
       it(`errors ${err}`, async () => {