Merge pull request #25169 from github/repo-sync

repo sync

data/graphql/ghae/schema.docs-ghae.graphql

@@ -10677,7 +10677,8 @@ type Enterprise implements AnnouncementBanner & Node {
   ): OrganizationConnection!
 
   """
-  Enterprise information only visible to enterprise owners.
+  Enterprise information visible to enterprise owners or enterprise owners'
+  personal access tokens (classic) with read:enterprise or admin:enterprise scope.
   """
   ownerInfo: EnterpriseOwnerInfo
 
@@ -11090,6 +11091,8 @@ type EnterpriseFailedInvitationEdge {
 
 """
 An identity provider configured to provision identities for an enterprise.
+Visible to enterprise owners or enterprise owners' personal access tokens
+(classic) with read:enterprise or admin:enterprise scope.
 """
 type EnterpriseIdentityProvider implements Node {
   """
@@ -11405,7 +11408,8 @@ type EnterpriseOutsideCollaboratorEdge {
 }
 
 """
-Enterprise information only visible to enterprise owners.
+Enterprise information visible to enterprise owners or enterprise owners'
+personal access tokens (classic) with read:enterprise or admin:enterprise scope.
 """
 type EnterpriseOwnerInfo {
   """
@@ -11610,6 +11614,8 @@ type EnterpriseOwnerInfo {
 
   """
   The IP addresses that are allowed to access resources owned by the enterprise.
+  Visible to enterprise owners or enterprise owners' personal access tokens
+  (classic) with admin:enterprise scope.
   """
   ipAllowListEntries(
     """
@@ -12205,8 +12211,7 @@ type EnterpriseOwnerInfo {
   ): OrganizationConnection!
 
   """
-  The SAML Identity Provider for the enterprise. When used by a GitHub App,
-  requires an installation token with read and write access to members.
+  The SAML Identity Provider for the enterprise.
   """
   samlIdentityProvider: EnterpriseIdentityProvider
 
@@ -13215,7 +13220,13 @@ type EnvironmentEdge {
 }
 
 """
-An external identity provisioned by SAML SSO or SCIM.
+An external identity provisioned by SAML SSO or SCIM. If SAML is configured on
+the organization, the external identity is visible to (1) organization owners,
+(2) organization owners' personal access tokens (classic) with read:org or
+admin:org scope, (3) GitHub App with an installation token with read or write
+access to members. If SAML is configured on the enterprise, the external
+identity is visible to (1) enterprise owners, (2) enterprise owners' personal
+access tokens (classic) with read:enterprise or admin:enterprise scope.
 """
 type ExternalIdentity implements Node {
   """
@@ -24144,7 +24155,10 @@ type Organization implements Actor & AnnouncementBanner & MemberStatusable & Nod
   ): RepositoryRulesetConnection
 
   """
-  The Organization's SAML identity providers
+  The Organization's SAML identity provider. Visible to (1) organization owners,
+  (2) organization owners' personal access tokens (classic) with read:org or
+  admin:org scope, (3) GitHub App with an installation token with read or write
+  access to members.
   """
   samlIdentityProvider: OrganizationIdentityProvider
 
@@ -24508,7 +24522,10 @@ type OrganizationEnterpriseOwnerEdge {
 }
 
 """
-An Identity Provider configured to provision SAML and SCIM identities for Organizations
+An Identity Provider configured to provision SAML and SCIM identities for
+Organizations. Visible to (1) organization owners, (2) organization owners'
+personal access tokens (classic) with read:org or admin:org scope, (3) GitHub
+App with an installation token with read or write access to members.
 """
 type OrganizationIdentityProvider implements Node {
   """

data/graphql/ghec/schema.docs.graphql

@@ -12175,7 +12175,8 @@ type Enterprise implements AnnouncementBanner & Node {
   ): OrganizationConnection!
 
   """
-  Enterprise information only visible to enterprise owners.
+  Enterprise information visible to enterprise owners or enterprise owners'
+  personal access tokens (classic) with read:enterprise or admin:enterprise scope.
   """
   ownerInfo: EnterpriseOwnerInfo
 
@@ -12588,6 +12589,8 @@ type EnterpriseFailedInvitationEdge {
 
 """
 An identity provider configured to provision identities for an enterprise.
+Visible to enterprise owners or enterprise owners' personal access tokens
+(classic) with read:enterprise or admin:enterprise scope.
 """
 type EnterpriseIdentityProvider implements Node {
   """
@@ -12903,7 +12906,8 @@ type EnterpriseOutsideCollaboratorEdge {
 }
 
 """
-Enterprise information only visible to enterprise owners.
+Enterprise information visible to enterprise owners or enterprise owners'
+personal access tokens (classic) with read:enterprise or admin:enterprise scope.
 """
 type EnterpriseOwnerInfo {
   """
@@ -13072,7 +13076,8 @@ type EnterpriseOwnerInfo {
   ): OrganizationConnection!
 
   """
-  A list of domains owned by the enterprise.
+  A list of domains owned by the enterprise. Visible to enterprise owners or
+  enterprise owners' personal access tokens (classic) with admin:enterprise scope.
   """
   domains(
     """
@@ -13183,6 +13188,8 @@ type EnterpriseOwnerInfo {
 
   """
   The IP addresses that are allowed to access resources owned by the enterprise.
+  Visible to enterprise owners or enterprise owners' personal access tokens
+  (classic) with admin:enterprise scope.
   """
   ipAllowListEntries(
     """
@@ -13788,8 +13795,7 @@ type EnterpriseOwnerInfo {
   ): OrganizationConnection!
 
   """
-  The SAML Identity Provider for the enterprise. When used by a GitHub App,
-  requires an installation token with read and write access to members.
+  The SAML Identity Provider for the enterprise.
   """
   samlIdentityProvider: EnterpriseIdentityProvider
 
@@ -14874,7 +14880,13 @@ type EnvironmentEdge {
 }
 
 """
-An external identity provisioned by SAML SSO or SCIM.
+An external identity provisioned by SAML SSO or SCIM. If SAML is configured on
+the organization, the external identity is visible to (1) organization owners,
+(2) organization owners' personal access tokens (classic) with read:org or
+admin:org scope, (3) GitHub App with an installation token with read or write
+access to members. If SAML is configured on the enterprise, the external
+identity is visible to (1) enterprise owners, (2) enterprise owners' personal
+access tokens (classic) with read:enterprise or admin:enterprise scope.
 """
 type ExternalIdentity implements Node {
   """
@@ -23440,6 +23452,8 @@ enum NotificationRestrictionSettingValue {
 
 """
 An OIDC identity provider configured to provision identities for an enterprise.
+Visible to enterprise owners or enterprise owners' personal access tokens
+(classic) with read:enterprise or admin:enterprise scope.
 """
 type OIDCProvider implements Node {
   """
@@ -27616,7 +27630,10 @@ type Organization implements Actor & AnnouncementBanner & MemberStatusable & Nod
   ): RepositoryRulesetConnection
 
   """
-  The Organization's SAML identity providers
+  The Organization's SAML identity provider. Visible to (1) organization owners,
+  (2) organization owners' personal access tokens (classic) with read:org or
+  admin:org scope, (3) GitHub App with an installation token with read or write
+  access to members.
   """
   samlIdentityProvider: OrganizationIdentityProvider
 
@@ -28279,7 +28296,10 @@ type OrganizationEnterpriseOwnerEdge {
 }
 
 """
-An Identity Provider configured to provision SAML and SCIM identities for Organizations
+An Identity Provider configured to provision SAML and SCIM identities for
+Organizations. Visible to (1) organization owners, (2) organization owners'
+personal access tokens (classic) with read:org or admin:org scope, (3) GitHub
+App with an installation token with read or write access to members.
 """
 type OrganizationIdentityProvider implements Node {
   """

data/graphql/schema.docs.graphql

@@ -12175,7 +12175,8 @@ type Enterprise implements AnnouncementBanner & Node {
   ): OrganizationConnection!
 
   """
-  Enterprise information only visible to enterprise owners.
+  Enterprise information visible to enterprise owners or enterprise owners'
+  personal access tokens (classic) with read:enterprise or admin:enterprise scope.
   """
   ownerInfo: EnterpriseOwnerInfo
 
@@ -12588,6 +12589,8 @@ type EnterpriseFailedInvitationEdge {
 
 """
 An identity provider configured to provision identities for an enterprise.
+Visible to enterprise owners or enterprise owners' personal access tokens
+(classic) with read:enterprise or admin:enterprise scope.
 """
 type EnterpriseIdentityProvider implements Node {
   """
@@ -12903,7 +12906,8 @@ type EnterpriseOutsideCollaboratorEdge {
 }
 
 """
-Enterprise information only visible to enterprise owners.
+Enterprise information visible to enterprise owners or enterprise owners'
+personal access tokens (classic) with read:enterprise or admin:enterprise scope.
 """
 type EnterpriseOwnerInfo {
   """
@@ -13072,7 +13076,8 @@ type EnterpriseOwnerInfo {
   ): OrganizationConnection!
 
   """
-  A list of domains owned by the enterprise.
+  A list of domains owned by the enterprise. Visible to enterprise owners or
+  enterprise owners' personal access tokens (classic) with admin:enterprise scope.
   """
   domains(
     """
@@ -13183,6 +13188,8 @@ type EnterpriseOwnerInfo {
 
   """
   The IP addresses that are allowed to access resources owned by the enterprise.
+  Visible to enterprise owners or enterprise owners' personal access tokens
+  (classic) with admin:enterprise scope.
   """
   ipAllowListEntries(
     """
@@ -13788,8 +13795,7 @@ type EnterpriseOwnerInfo {
   ): OrganizationConnection!
 
   """
-  The SAML Identity Provider for the enterprise. When used by a GitHub App,
-  requires an installation token with read and write access to members.
+  The SAML Identity Provider for the enterprise.
   """
   samlIdentityProvider: EnterpriseIdentityProvider
 
@@ -14874,7 +14880,13 @@ type EnvironmentEdge {
 }
 
 """
-An external identity provisioned by SAML SSO or SCIM.
+An external identity provisioned by SAML SSO or SCIM. If SAML is configured on
+the organization, the external identity is visible to (1) organization owners,
+(2) organization owners' personal access tokens (classic) with read:org or
+admin:org scope, (3) GitHub App with an installation token with read or write
+access to members. If SAML is configured on the enterprise, the external
+identity is visible to (1) enterprise owners, (2) enterprise owners' personal
+access tokens (classic) with read:enterprise or admin:enterprise scope.
 """
 type ExternalIdentity implements Node {
   """
@@ -23440,6 +23452,8 @@ enum NotificationRestrictionSettingValue {
 
 """
 An OIDC identity provider configured to provision identities for an enterprise.
+Visible to enterprise owners or enterprise owners' personal access tokens
+(classic) with read:enterprise or admin:enterprise scope.
 """
 type OIDCProvider implements Node {
   """
@@ -27616,7 +27630,10 @@ type Organization implements Actor & AnnouncementBanner & MemberStatusable & Nod
   ): RepositoryRulesetConnection
 
   """
-  The Organization's SAML identity providers
+  The Organization's SAML identity provider. Visible to (1) organization owners,
+  (2) organization owners' personal access tokens (classic) with read:org or
+  admin:org scope, (3) GitHub App with an installation token with read or write
+  access to members.
   """
   samlIdentityProvider: OrganizationIdentityProvider
 
@@ -28279,7 +28296,10 @@ type OrganizationEnterpriseOwnerEdge {
 }
 
 """
-An Identity Provider configured to provision SAML and SCIM identities for Organizations
+An Identity Provider configured to provision SAML and SCIM identities for
+Organizations. Visible to (1) organization owners, (2) organization owners'
+personal access tokens (classic) with read:org or admin:org scope, (3) GitHub
+App with an installation token with read or write access to members.
 """
 type OrganizationIdentityProvider implements Node {
   """

src/graphql/data/dotcom/schema.json

@@ -20356,7 +20356,7 @@
         },
         {
           "name": "ownerInfo",
-          "description": "<p>Enterprise information only visible to enterprise owners.</p>",
+          "description": "<p>Enterprise information visible to enterprise owners or enterprise owners'\npersonal access tokens (classic) with read:enterprise or admin:enterprise scope.</p>",
           "type": "EnterpriseOwnerInfo",
           "id": "enterpriseownerinfo",
           "kind": "objects",
@@ -20776,7 +20776,7 @@
       "kind": "objects",
       "id": "enterpriseidentityprovider",
       "href": "/graphql/reference/objects#enterpriseidentityprovider",
-      "description": "<p>An identity provider configured to provision identities for an enterprise.</p>",
+      "description": "<p>An identity provider configured to provision identities for an enterprise.\nVisible to enterprise owners or enterprise owners' personal access tokens\n(classic) with read:enterprise or admin:enterprise scope.</p>",
       "implements": [
         {
           "name": "Node",
@@ -21194,7 +21194,7 @@
       "kind": "objects",
       "id": "enterpriseownerinfo",
       "href": "/graphql/reference/objects#enterpriseownerinfo",
-      "description": "<p>Enterprise information only visible to enterprise owners.</p>",
+      "description": "<p>Enterprise information visible to enterprise owners or enterprise owners'\npersonal access tokens (classic) with read:enterprise or admin:enterprise scope.</p>",
       "fields": [
         {
           "name": "admins",
@@ -21520,7 +21520,7 @@
         },
         {
           "name": "domains",
-          "description": "<p>A list of domains owned by the enterprise.</p>",
+          "description": "<p>A list of domains owned by the enterprise. Visible to enterprise owners or\nenterprise owners' personal access tokens (classic) with admin:enterprise scope.</p>",
           "type": "VerifiableDomainConnection!",
           "id": "verifiabledomainconnection",
           "kind": "objects",
@@ -21739,7 +21739,7 @@
         },
         {
           "name": "ipAllowListEntries",
-          "description": "<p>The IP addresses that are allowed to access resources owned by the enterprise.</p>",
+          "description": "<p>The IP addresses that are allowed to access resources owned by the enterprise.\nVisible to enterprise owners or enterprise owners' personal access tokens\n(classic) with admin:enterprise scope.</p>",
           "type": "IpAllowListEntryConnection!",
           "id": "ipallowlistentryconnection",
           "kind": "objects",
@@ -22913,7 +22913,7 @@
         },
         {
           "name": "samlIdentityProvider",
-          "description": "<p>The SAML Identity Provider for the enterprise. When used by a GitHub App,\nrequires an installation token with read and write access to members.</p>",
+          "description": "<p>The SAML Identity Provider for the enterprise.</p>",
           "type": "EnterpriseIdentityProvider",
           "id": "enterpriseidentityprovider",
           "kind": "objects",
@@ -24579,7 +24579,7 @@
       "kind": "objects",
       "id": "externalidentity",
       "href": "/graphql/reference/objects#externalidentity",
-      "description": "<p>An external identity provisioned by SAML SSO or SCIM.</p>",
+      "description": "<p>An external identity provisioned by SAML SSO or SCIM. If SAML is configured on\nthe organization, the external identity is visible to (1) organization owners,\n(2) organization owners' personal access tokens (classic) with read:org or\nadmin:org scope, (3) GitHub App with an installation token with read or write\naccess to members. If SAML is configured on the enterprise, the external\nidentity is visible to (1) enterprise owners, (2) enterprise owners' personal\naccess tokens (classic) with read:enterprise or admin:enterprise scope.</p>",
       "implements": [
         {
           "name": "Node",
@@ -31965,7 +31965,7 @@
       "kind": "objects",
       "id": "oidcprovider",
       "href": "/graphql/reference/objects#oidcprovider",
-      "description": "<p>An OIDC identity provider configured to provision identities for an enterprise.</p>",
+      "description": "<p>An OIDC identity provider configured to provision identities for an enterprise.\nVisible to enterprise owners or enterprise owners' personal access tokens\n(classic) with read:enterprise or admin:enterprise scope.</p>",
       "implements": [
         {
           "name": "Node",
@@ -38879,7 +38879,7 @@
         },
         {
           "name": "samlIdentityProvider",
-          "description": "<p>The Organization's SAML identity providers.</p>",
+          "description": "<p>The Organization's SAML identity provider. Visible to (1) organization owners,\n(2) organization owners' personal access tokens (classic) with read:org or\nadmin:org scope, (3) GitHub App with an installation token with read or write\naccess to members.</p>",
           "type": "OrganizationIdentityProvider",
           "id": "organizationidentityprovider",
           "kind": "objects",
@@ -39932,7 +39932,7 @@
       "kind": "objects",
       "id": "organizationidentityprovider",
       "href": "/graphql/reference/objects#organizationidentityprovider",
-      "description": "<p>An Identity Provider configured to provision SAML and SCIM identities for Organizations.</p>",
+      "description": "<p>An Identity Provider configured to provision SAML and SCIM identities for\nOrganizations. Visible to (1) organization owners, (2) organization owners'\npersonal access tokens (classic) with read:org or admin:org scope, (3) GitHub\nApp with an installation token with read or write access to members.</p>",
       "implements": [
         {
           "name": "Node",

src/graphql/data/ghae/schema.json

@@ -17655,7 +17655,7 @@
         },
         {
           "name": "ownerInfo",
-          "description": "<p>Enterprise information only visible to enterprise owners.</p>",
+          "description": "<p>Enterprise information visible to enterprise owners or enterprise owners'\npersonal access tokens (classic) with read:enterprise or admin:enterprise scope.</p>",
           "type": "EnterpriseOwnerInfo",
           "id": "enterpriseownerinfo",
           "kind": "objects",
@@ -18075,7 +18075,7 @@
       "kind": "objects",
       "id": "enterpriseidentityprovider",
       "href": "/graphql/reference/objects#enterpriseidentityprovider",
-      "description": "<p>An identity provider configured to provision identities for an enterprise.</p>",
+      "description": "<p>An identity provider configured to provision identities for an enterprise.\nVisible to enterprise owners or enterprise owners' personal access tokens\n(classic) with read:enterprise or admin:enterprise scope.</p>",
       "implements": [
         {
           "name": "Node",
@@ -18493,7 +18493,7 @@
       "kind": "objects",
       "id": "enterpriseownerinfo",
       "href": "/graphql/reference/objects#enterpriseownerinfo",
-      "description": "<p>Enterprise information only visible to enterprise owners.</p>",
+      "description": "<p>Enterprise information visible to enterprise owners or enterprise owners'\npersonal access tokens (classic) with read:enterprise or admin:enterprise scope.</p>",
       "fields": [
         {
           "name": "admins",
@@ -18887,7 +18887,7 @@
         },
         {
           "name": "ipAllowListEntries",
-          "description": "<p>The IP addresses that are allowed to access resources owned by the enterprise.</p>",
+          "description": "<p>The IP addresses that are allowed to access resources owned by the enterprise.\nVisible to enterprise owners or enterprise owners' personal access tokens\n(classic) with admin:enterprise scope.</p>",
           "type": "IpAllowListEntryConnection!",
           "id": "ipallowlistentryconnection",
           "kind": "objects",
@@ -20045,7 +20045,7 @@
         },
         {
           "name": "samlIdentityProvider",
-          "description": "<p>The SAML Identity Provider for the enterprise. When used by a GitHub App,\nrequires an installation token with read and write access to members.</p>",
+          "description": "<p>The SAML Identity Provider for the enterprise.</p>",
           "type": "EnterpriseIdentityProvider",
           "id": "enterpriseidentityprovider",
           "kind": "objects",
@@ -21585,7 +21585,7 @@
       "kind": "objects",
       "id": "externalidentity",
       "href": "/graphql/reference/objects#externalidentity",
-      "description": "<p>An external identity provisioned by SAML SSO or SCIM.</p>",
+      "description": "<p>An external identity provisioned by SAML SSO or SCIM. If SAML is configured on\nthe organization, the external identity is visible to (1) organization owners,\n(2) organization owners' personal access tokens (classic) with read:org or\nadmin:org scope, (3) GitHub App with an installation token with read or write\naccess to members. If SAML is configured on the enterprise, the external\nidentity is visible to (1) enterprise owners, (2) enterprise owners' personal\naccess tokens (classic) with read:enterprise or admin:enterprise scope.</p>",
       "implements": [
         {
           "name": "Node",
@@ -34070,7 +34070,7 @@
         },
         {
           "name": "samlIdentityProvider",
-          "description": "<p>The Organization's SAML identity providers.</p>",
+          "description": "<p>The Organization's SAML identity provider. Visible to (1) organization owners,\n(2) organization owners' personal access tokens (classic) with read:org or\nadmin:org scope, (3) GitHub App with an installation token with read or write\naccess to members.</p>",
           "type": "OrganizationIdentityProvider",
           "id": "organizationidentityprovider",
           "kind": "objects",
@@ -34552,7 +34552,7 @@
       "kind": "objects",
       "id": "organizationidentityprovider",
       "href": "/graphql/reference/objects#organizationidentityprovider",
-      "description": "<p>An Identity Provider configured to provision SAML and SCIM identities for Organizations.</p>",
+      "description": "<p>An Identity Provider configured to provision SAML and SCIM identities for\nOrganizations. Visible to (1) organization owners, (2) organization owners'\npersonal access tokens (classic) with read:org or admin:org scope, (3) GitHub\nApp with an installation token with read or write access to members.</p>",
       "implements": [
         {
           "name": "Node",

src/graphql/data/ghec/schema.json

@@ -20356,7 +20356,7 @@
         },
         {
           "name": "ownerInfo",
-          "description": "<p>Enterprise information only visible to enterprise owners.</p>",
+          "description": "<p>Enterprise information visible to enterprise owners or enterprise owners'\npersonal access tokens (classic) with read:enterprise or admin:enterprise scope.</p>",
           "type": "EnterpriseOwnerInfo",
           "id": "enterpriseownerinfo",
           "kind": "objects",
@@ -20776,7 +20776,7 @@
       "kind": "objects",
       "id": "enterpriseidentityprovider",
       "href": "/graphql/reference/objects#enterpriseidentityprovider",
-      "description": "<p>An identity provider configured to provision identities for an enterprise.</p>",
+      "description": "<p>An identity provider configured to provision identities for an enterprise.\nVisible to enterprise owners or enterprise owners' personal access tokens\n(classic) with read:enterprise or admin:enterprise scope.</p>",
       "implements": [
         {
           "name": "Node",
@@ -21194,7 +21194,7 @@
       "kind": "objects",
       "id": "enterpriseownerinfo",
       "href": "/graphql/reference/objects#enterpriseownerinfo",
-      "description": "<p>Enterprise information only visible to enterprise owners.</p>",
+      "description": "<p>Enterprise information visible to enterprise owners or enterprise owners'\npersonal access tokens (classic) with read:enterprise or admin:enterprise scope.</p>",
       "fields": [
         {
           "name": "admins",
@@ -21520,7 +21520,7 @@
         },
         {
           "name": "domains",
-          "description": "<p>A list of domains owned by the enterprise.</p>",
+          "description": "<p>A list of domains owned by the enterprise. Visible to enterprise owners or\nenterprise owners' personal access tokens (classic) with admin:enterprise scope.</p>",
           "type": "VerifiableDomainConnection!",
           "id": "verifiabledomainconnection",
           "kind": "objects",
@@ -21739,7 +21739,7 @@
         },
         {
           "name": "ipAllowListEntries",
-          "description": "<p>The IP addresses that are allowed to access resources owned by the enterprise.</p>",
+          "description": "<p>The IP addresses that are allowed to access resources owned by the enterprise.\nVisible to enterprise owners or enterprise owners' personal access tokens\n(classic) with admin:enterprise scope.</p>",
           "type": "IpAllowListEntryConnection!",
           "id": "ipallowlistentryconnection",
           "kind": "objects",
@@ -22913,7 +22913,7 @@
         },
         {
           "name": "samlIdentityProvider",
-          "description": "<p>The SAML Identity Provider for the enterprise. When used by a GitHub App,\nrequires an installation token with read and write access to members.</p>",
+          "description": "<p>The SAML Identity Provider for the enterprise.</p>",
           "type": "EnterpriseIdentityProvider",
           "id": "enterpriseidentityprovider",
           "kind": "objects",
@@ -24579,7 +24579,7 @@
       "kind": "objects",
       "id": "externalidentity",
       "href": "/graphql/reference/objects#externalidentity",
-      "description": "<p>An external identity provisioned by SAML SSO or SCIM.</p>",
+      "description": "<p>An external identity provisioned by SAML SSO or SCIM. If SAML is configured on\nthe organization, the external identity is visible to (1) organization owners,\n(2) organization owners' personal access tokens (classic) with read:org or\nadmin:org scope, (3) GitHub App with an installation token with read or write\naccess to members. If SAML is configured on the enterprise, the external\nidentity is visible to (1) enterprise owners, (2) enterprise owners' personal\naccess tokens (classic) with read:enterprise or admin:enterprise scope.</p>",
       "implements": [
         {
           "name": "Node",
@@ -31965,7 +31965,7 @@
       "kind": "objects",
       "id": "oidcprovider",
       "href": "/graphql/reference/objects#oidcprovider",
-      "description": "<p>An OIDC identity provider configured to provision identities for an enterprise.</p>",
+      "description": "<p>An OIDC identity provider configured to provision identities for an enterprise.\nVisible to enterprise owners or enterprise owners' personal access tokens\n(classic) with read:enterprise or admin:enterprise scope.</p>",
       "implements": [
         {
           "name": "Node",
@@ -38879,7 +38879,7 @@
         },
         {
           "name": "samlIdentityProvider",
-          "description": "<p>The Organization's SAML identity providers.</p>",
+          "description": "<p>The Organization's SAML identity provider. Visible to (1) organization owners,\n(2) organization owners' personal access tokens (classic) with read:org or\nadmin:org scope, (3) GitHub App with an installation token with read or write\naccess to members.</p>",
           "type": "OrganizationIdentityProvider",
           "id": "organizationidentityprovider",
           "kind": "objects",
@@ -39932,7 +39932,7 @@
       "kind": "objects",
       "id": "organizationidentityprovider",
       "href": "/graphql/reference/objects#organizationidentityprovider",
-      "description": "<p>An Identity Provider configured to provision SAML and SCIM identities for Organizations.</p>",
+      "description": "<p>An Identity Provider configured to provision SAML and SCIM identities for\nOrganizations. Visible to (1) organization owners, (2) organization owners'\npersonal access tokens (classic) with read:org or admin:org scope, (3) GitHub\nApp with an installation token with read or write access to members.</p>",
       "implements": [
         {
           "name": "Node",