Improved organization permissions give organizations fine-grained permissions designed to make it easier to use teams, control organization-wide settings, and improve security.

Changes to your organization's previous Owners team

Instead of giving the highest level of organization privileges to members of the Owners team, individuals can now be directly given owner privileges for the organization. All members of your previous Owners team already have this permission, so we recommend that you rename or delete the Owners team according to your needs.

Additionally, owners can now promote organization members to team maintainers, who can manage the team's members and settings.

Expanded team settings

Teams can be visible or secret:

  • Visible teams can be viewed and @mentioned by every organization member, even if they aren't organization owners or members of those teams. If you make every team in your organization visible, your members will be able to use team @mentions across your organization.
  • Secret teams are only visible to the people on the team and people with owner permissions. They're great for hiding teams with sensitive names or team members, such as those used for working with external partners or clients.

Tip: Because we've expanded the abilities of regular organization members, we encourage you to reduce the number of people with owner permissions.

Additional security for repositories

You can now set a default repository access level for all members. If you run a more open organization, this allows you to give every member access to every repository without making them all owners or creating a giant catch-all team.

Organization owners and users with admin access to a repository can make anyone with a GitHub Enterprise account an outside collaborator on individual repositories without making them a member of your organization. This is great for managing contractors, interns, or temporary employees.

By default, all organization members can create repositories for the organization. If you choose, you can restrict repository creation permissions to organization owners only.