This version of GitHub Enterprise will be discontinued on This version of GitHub Enterprise was discontinued on 2020-05-23. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.

Article version: Enterprise Server 2.17

Repository permission levels for an organization

You can customize access to each repository in your organization with granular permission levels, giving people access to the features and tasks they need.

In this article

People with admin permissions can manage individual and team access to an organization-owned repository.

Permission levels for repositories owned by an organization

You can give organization members, outside collaborators, and teams of people different levels of access to repositories owned by an organization. Each permission level progressively increases access to a repository's content and settings. Choose the level that best fits each person or team's role in your project without giving people more access to the project than they need.

From least access to most access, the permission levels for an organization repository are:

  • Read: Recommended for non-code contributors who want to view or discuss your project
  • Write: Recommended for contributors who actively push to your project
  • Admin: Recommended for people who need full access to the project, including sensitive and destructive actions like managing security or deleting a repository

For more information about giving people and teams access to repositories, see "Managing access to your organization's repositories."

Organization owners can set base permissions that apply to all members of an organization when accessing any of the organization's repositories. For more information, see "Setting base permissions for an organization."

Organization owners can also choose to further limit access to certain settings and actions across the organization. For more information on options for specific settings, see "Managing organization settings."

In addition to managing organization-level settings, organization owners have admin permissions for every repository owned by the organization. For more information, see "Permission levels for an organization."

Warning: When someone adds a deploy key to a repository, any user who has the private key can read from or write to the repository (depending on the key settings), even if they're later removed from the organization.

Repository access for each permission level

Repository actionRead permissionsWrite permissionsAdmin permissions
Pull from (read) the person or team's assigned repositoriesXXX
Fork (copy) the person or team's assigned repositoriesXXX
Edit and delete their own comments on commits, pull requests, and issuesXXX
Open issuesXXX
Close issues they opened themselvesXXX
Reopen issues they closed themselvesXXX
Have an issue assigned to themXXX
Send pull requests from forks of the team's assigned repositoriesXXX
Submit reviews on pull requestsXXX
View published releasesXXX
Edit wikisXXX
Push to (write) the person or team's assigned repositoriesXX
Edit and delete anyone's comments on commits, pull requests, and issuesXX
Hide anyone's commentsXX
Lock conversationsXX
Apply labels and milestonesXX
Close, reopen, and assign all issuesXX
Act as a designated code owner for a repositoryXX
Mark a draft pull request as ready for reviewXX
Request pull request reviewsXX
Submit reviews that affect a pull request's mergeabilityXX
Apply suggested changes to pull requests (see "Incorporating feedback in your pull request" for details)XX
Create status checksXX
Create and edit releasesXX
View draft releasesXX
Delete an issue (see "Deleting an issue")X
Merge pull requests on protected branches, even if there are no approving reviewsX
Define code owners for a repositoryX
Edit a repository's descriptionX
Manage topicsX
Add a repository to a team (see "Managing team access to an organization repository" for details)X
Manage outside collaborator access to a repository (see "Adding outside collaborators to repositories in your organization" for details)X
Change a repository's visibility (see "Restricting repository visibility changes in your organization" for details)X
Change a repository's settingsX
Manage team and collaborator access to the repositoryX
Edit the repository's default branchX
Manage webhooks, service hooks, and deploy keysX
Manage the forking policy for a repositoryX
Transfer repositories into the organization account (see "Restricting repository creation in your organization" for details)X
Delete or transfer repositories (see "Setting permissions for deleting or transferring repositories in your organization" for details)X
Archive repositoriesX

Further reading

Ask a human

Can't find what you're looking for?

Contact us