Enforcing GitHub Actions policies for your enterprise

Enterprise administrators can manage access to GitHub Actions in an enterprise.

Note: GitHub Actions is currently in beta for GitHub AE.

About GitHub Actions permissions for your enterprise

You can choose to disable GitHub Actions for all organizations in your enterprise, or only allow specific organizations. You can also limit the use of public actions, so that people can only use local actions that exist in your enterprise.

Managing GitHub Actions permissions for your enterprise

  1. In the top-right corner of GitHub AE, click your profile photo, then click Enterprise settings. "Enterprise settings" in drop-down menu for profile photo on GitHub AE

  2. In the enterprise sidebar, click Policies. Policies tab in the enterprise account sidebar

  3. Under " Policies", click Actions.

  4. Under "Policies", select your options.

    You can choose which organizations in your enterprise can use GitHub Actions, and you can restrict access to public actions.

    Enable, disable, or limits actions for this enterprise account

Enabling workflows for private repository forks

If you rely on using forks of your private repositories, you can configure policies that control how users can run workflows on pull_request events. Available to private and internal repositories only, you can configure these policy settings for enterprises, organizations, or repositories. For enterprises, the policies are applied to all repositories in all organizations.

  • Run workflows from fork pull requests - Allows users to run workflows from fork pull requests, using a GITHUB_TOKEN with read-only permission, and with no access to secrets.
  • Send write tokens to workflows from pull requests - Allows pull requests from forks to use a GITHUB_TOKEN with write permission.
  • Send secrets to workflows from pull requests - Makes all secrets available to the pull request.

Configuring the private fork policy for your enterprise

  1. In the top-right corner of GitHub AE, click your profile photo, then click Enterprise settings. "Enterprise settings" in drop-down menu for profile photo on GitHub AE

  2. In the enterprise sidebar, click Policies. Policies tab in the enterprise account sidebar

  3. Under " Policies", click Actions.

  4. Under Fork pull request workflows, select your options. For example: Enable, disable, or limits actions for this repository

  5. Click Save to apply the settings.

Did this doc help you?Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Or, learn how to contribute.