GitHub Community
Replies: 1 comment 2 replies
-
|
Hi @pelikhan , Models are designed to support tokens that are tied to individual user contexts, meaning that they can perform actions based on the permissions and access rights of that individual user. In contrast, GitHub Actions generally use tokens that are scoped to the repository or organization level rather than individual users. Technically, you could pass an individual's Personal Access Token (PAT) into a GitHub Action to execute workflows with the permissions of that user. However, this practice is not recommended. It is generally safer to use GitHub-provided tokens or other methods that maintain proper security boundaries and auditability. Thanks! |
Beta Was this translation helpful? Give feedback.
-
|
Is there a plan to support "models" in the permissions declaration of the GitHub Action? As you mentioned, it is better to rely on the GitHub generated token in a GA rather than passing a PAT through the secrets. |
Beta Was this translation helpful? Give feedback.
-
|
We're thinking about how this could work and agree it would be really frictionless but no updates yet |
Beta Was this translation helpful? Give feedback.
-
Select Topic Area
Question
Body
What permissions does one need to give to allow a github action token to access the models API?
Beta Was this translation helpful? Give feedback.
All reactions