Managing repository access for your organization's codespaces

You can manage the repositories in your organization that GitHub Codespaces can access.

Who can use this feature

To manage access and security for GitHub Codespaces for an organization, you must be an organization owner.

Organizations on GitHub Team and GitHub Enterprise plans can pay for members' and collaborators' use of GitHub Codespaces. These organizations can then access settings and policies to manage codespaces paid for by the organization. For more information, see "Choosing who owns and pays for codespaces in your organization" and "GitHub’s plans."

Deprecation note: The access and security setting described below is now deprecated and is documented here for reference only. To enable expanded access to other repositories, add the requested permissions to your devcontainer.json configuration file. For more information, see "Managing access to other repositories within your codespace."

By default, a codespace can only access the repository where it was created. When you enable access and security for a repository owned by your organization, any codespaces that are created for that repository will also have read permissions to all other repositories the organization owns and the codespace creator has permissions to access. If you want to restrict the repositories a codespace can access, you can limit it to either the repository where the codespace was created, or to specific repositories. You should only enable access and security for repositories you trust.

To manage which users in your organization can use GitHub Codespaces, see "Enabling or disabling GitHub Codespaces for your organization."

  1. In the upper-right corner of GitHub.com, select your profile photo, then click Your organizations.

    Screenshot of the dropdown menu under @octocat's profile picture. "Your organizations" is outlined in dark orange.

  2. Next to the organization, click Settings.

  3. In the left sidebar, click Codespaces.

  4. Under Codespaces, in the left sidebar, click General.

  5. On the Codespaces settings page, under "Access and security", select the setting you want for your organization:

    • Disabled - Limit the access of codespaces to only the repository they were created from.
    • All repositories - All codespaces created from repositories in my organization can access other repositories owned by my organization.
    • Selected repositories - Codespaces created for specific repositories in my organization can access other repositories owned by my organization.

  6. If you chose "Selected repositories", select the "Select repositories" dropdown menu, then click a repository to allow the repository's codespaces to access other repositories owned by your organization. Repeat this step for all repositories whose codespaces you want to access other repositories.

Further reading