diff --git a/docs/public/images/org-owned_dark.png b/docs/public/images/org-owned_dark.png new file mode 100644 index 0000000000..0315321993 Binary files /dev/null and b/docs/public/images/org-owned_dark.png differ diff --git a/docs/public/images/org-owned_light.png b/docs/public/images/org-owned_light.png new file mode 100644 index 0000000000..e5ce554dc7 Binary files /dev/null and b/docs/public/images/org-owned_light.png differ diff --git a/docs/public/images/user-owned_dark.png b/docs/public/images/user-owned_dark.png new file mode 100644 index 0000000000..c60c1be763 Binary files /dev/null and b/docs/public/images/user-owned_dark.png differ diff --git a/docs/public/images/user-owned_light.png b/docs/public/images/user-owned_light.png new file mode 100644 index 0000000000..714116a65f Binary files /dev/null and b/docs/public/images/user-owned_light.png differ diff --git a/docs/public/videos/create-workflow-on-github.png b/docs/public/videos/create-workflow-on-github.png index cd80ec9f66..6715641bb7 100644 Binary files a/docs/public/videos/create-workflow-on-github.png and b/docs/public/videos/create-workflow-on-github.png differ diff --git a/docs/public/videos/install-and-add-workflow-in-cli.png b/docs/public/videos/install-and-add-workflow-in-cli.png index 4d3c059f00..d69fda7e9f 100644 Binary files a/docs/public/videos/install-and-add-workflow-in-cli.png and b/docs/public/videos/install-and-add-workflow-in-cli.png differ diff --git a/docs/public/videos/user-vs-org-ownership.png b/docs/public/videos/user-vs-org-ownership.png new file mode 100644 index 0000000000..e4e49d055e Binary files /dev/null and b/docs/public/videos/user-vs-org-ownership.png differ diff --git a/docs/src/content/docs/reference/tokens.md b/docs/src/content/docs/reference/tokens.md index feb202580b..227e3cebd8 100644 --- a/docs/src/content/docs/reference/tokens.md +++ b/docs/src/content/docs/reference/tokens.md @@ -7,6 +7,34 @@ sidebar: GitHub Agentic Workflows authenticate using multiple tokens depending on the operation. This reference explains which token to use, when it's required, and how precedence works across different operations. +## User vs. Org Ownership + +Ownership affects token requirements for repositories and Projects (v2). If the owner is your personal username, it is user-owned. If the owner is an organization, it is org-owned and managed with shared roles and access controls. + +To confirm ownership, check the owner name and avatar at the top of the page or in the URL (`github.com/owner-name/...`). Clicking the owner takes you to a personal profile or an organization page, which confirms it instantly. + +
+
+ + + User-owned repository example + +
+ User-owned repository: avatar shows a personal profile icon, URL includes username +
+
+ +
+ + + Organization-owned repository example + +
+ Organization-owned repository: avatar shows organization icon, URL includes org name +
+
+
+ ## Quick start: tokens you actually configure GitHub Actions always provides `GITHUB_TOKEN` for you automatically. @@ -67,6 +95,9 @@ jobs: - For very sensitive tokens, prefer GitHub Environments or organization-level secrets with required reviewers so only trusted workflows can use them. +### Distinguish user-owned vs organization-owned repos and Projects + +Token requirements often depend on who owns the repository or Project. See [User vs. Org Ownership](#user-vs-org-ownership) for how to tell whether a repo or Project is user-owned or organization-owned. ## Token Overview | Token | Type | Purpose | User Configurable |