jprdonnelly/docs
1
0
Fork 0
mirror of synced 2026-01-08 12:01:53 -05:00
Code Issues Projects Releases Wiki Activity

Update explanation for the scope of permissions in the provided code examples for token authentication (#28551)

Browse Source 
Co-authored-by: cmwilson21 <77312589+cmwilson21@users.noreply.github.com>
This commit is contained in:
Dimitris Alexandridis
2023-10-06 14:02:01 +01:00
committed by GitHub
parent 744c364ae2
commit f5740b6f79
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
content/actions/security-guides/automatic-token-authentication.md
View File

@@ -117,7 +117,7 @@ You can use the `permissions` key in your workflow file to modify permissions fo
{% data reusables.actions.forked-write-permission %}
The two workflow examples earlier in this article show the `permissions` key being used at the workflow level, and at the job level. In [Example 1](#example-1-passing-the-github_token-as-an-input) the two permissions are specified for the entire workflow. In [Example 2](#example-2-calling-the-rest-api) write access is granted for one scope for a single job.
The two workflow examples earlier in this article show the `permissions` key being used at the job level, as it is best practice to limit the permissions' scope.
For full details of the `permissions` key, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#permissions)."