GITHUB_TOKEN Permissions - CI/CD Glossary Definition
GITHUB_TOKEN permissions set what the auto-generated workflow token is allowed to do.
GITHUB_TOKEN permissions are the permissions: scopes granted to the automatic token each workflow run receives, controlling what API actions the run may perform.
Declaring permissions: at the workflow or job level narrows the token from its default scopes; setting contents: read and adding only what is needed follows least-privilege.
Related guides
Least-Privilege Token - CI/CD Glossary DefinitionLeast-Privilege Token: A least-privilege token is a credential granted only the minimum scopes required for a…
Third-Party Action Risk - CI/CD Glossary DefinitionThird-Party Action Risk: Third-party action risk is the supply-chain exposure from using actions you do not c…