People with owner or team maintainer roles can manage repository access with teams. Each team can have different repository access permissions.
There are three types of repository permissions available for people or teams collaborating on repositories that belong to an organization:
In addition, organization members with owner permissions have extensive permissions across all repositories in an organization. For more information, see "Permission levels for an organization".
|Repository action||Read permissions||Write permissions||Admin permissions||Owner permissions|
|Pull (read), push (write), and clone (copy) all repositories in the organization||X|
|Promote organization members to team maintainer||X|
|Convert organization members to outside collaborators||X|
|Create repositories (see "Creating repositories" for details)||X||X||X||X|
|Delete repositories (see "Deleting repositories" for details)||X||X|
|Change a repository's settings (see "Changing repository settings" for details)||X||X|
|Change a repository's visibility||X||X|
|Transfer repositories into, and out of, the organization account||X||X|
|Add a repository to a team (see "Adding a repository to a team" for details)||X||X|
|Add outside collaborators to a repository||X||X|
|Remove outside collaborators from a repository||X||X|
|Pull from (read) the team's assigned repositories||X||X||X||X|
|Push to (write) the team's assigned repositories||X||X||X|
|Fork (copy) the team's assigned repositories||X||X||X||X|
|Send pull requests from forks of the team's assigned repositories||X||X||X||X|
|Merge and close pull requests||X||X||X|
|Close, reopen, and assign issues||X||X||X|
|Close issues they opened themselves||X||X||X||X|
|Apply labels and milestones||X||X||X|
|Have an issue assigned to them||X||X||X||X|
|Create and edit releases||X||X||X|
|View draft releases||X||X||X|
|View published releases||X||X||X||X|
|Edit and delete their own comments on commits, pull requests, and issues||X||X||X||X|
|Edit and delete anyone's comments on commits, pull requests, and issues||X||X||X|
Changing repository settings
Repository settings include:
- Adding, removing, and editing collaborator access
- Editing the repository's default branch
- Adding, removing, and editing webhooks and service hooks
- Adding deploy keys
- Changing repository visibility
Warning: When someone adds a deploy key to a repository, any user who has the private key can read from or write to the repository (depending on the key settings), even if they're later removed from the organization.
Adding a repository to a team
Organization owners can add any repository to any team in the organization. Organization members with admin access to a repository can add that repository to any other team they belong to.
An organization owner can promote any member of the organization to team maintainer for one or more teams. Members with team maintainer permissions can:
- Change the team's name, description, and visibility
- Add organization members to the team
- Remove organization members from the team
- Promote an existing team member to team maintainer
- Remove the team's access to repositories
For more information, see "Giving team maintainer permissions to an organization member."
Repository collaborators can include organization members or outside collaborators. An outside collaborator is a person who has access to one or more organization repositories but is not explicitly a member of the organization, such as a consultant or temporary employee. For more information, see:
- "Adding outside collaborators to repositories in your organization"
- "Converting an organization member to an outside collaborator"
- "Removing an outside collaborator from an organization repository"
Restricting people from creating repositories
By default, all organization members can create repositories for the organization. If you choose, you can restrict repository creation permissions to organization owners only.
Warning: Members of teams that had admin permissions under the legacy organization membership structure will still be able to to create repositories for the organization under improved organization permissions, even if the repository creation setting is not enabled. For more information, see "Migrating your previous admin teams to the improved organization permissions."
In the top right corner of GitHub Enterprise, click your profile photo, then click Your profile.
On the left side of your profile page, under "Organizations", click the icon for your organization.
Under your organization name, click Settings.
In the left sidebar, click Member privileges.
- Under "Repository Creation", deselect Allow members to create repositories for this organization.
- Click Save.
Organization owners can delete any repository in the organization. Organization members can delete repositories for which they have admin privileges.