Team Coverage
-
Repos with at least one team grant
Run GitHub Access Health Check
Connect one GitHub org, sync once, and surface risky access before you create an account.
Read access is enough for this health check: orgs, repos, teams, team membership, and team-repo permissions. Organization -> Administration: Read is required so repod can detect base org repository permission; without it this field may show UNKNOWN. Write access is only needed later if you want repod to apply changes. We encrypt tokens at rest, keep this public audit session for 24 hours unless you claim it sooner, and do not keep unclaimed audits on a recurring sync loop.
How to Create It
- In GitHub, open Settings then Developer settings.
- Open Personal access tokens, then Fine-grained tokens.
- Click Generate new token.
- Select the target org as the Resource owner.
- Choose the repo access and permissions above, then generate the token.
The token owner must already be a member of the org. If your org requires approval for fine-grained PATs, an org owner must approve the token before repod can read private org data.
Fine-grained PAT for This Audit
| Area | Permission | Level |
|---|---|---|
| Organization | Members | Read |
| Organization | Administration | Read (required) |
| Repository | Metadata | Read |
| Repository | Access | All repositories, or the repos you want audited |
No write permission required for the free audit. Required: Organization -> Administration must be Read so base repository permission is detected (otherwise it can appear as UNKNOWN). Apply/fix actions can ask for Repository -> Administration: Write later.