GitHub Actions GITHUB_TOKEN "cannot access another repository"
The automatic GITHUB_TOKEN is scoped to the repository running the workflow. Any call targeting a different repo (clone, dispatch, API write) returns 403/404 because the token has no rights outside its own repo.
What this error means
A step touching a second repository fails with not found or resource not accessible while same-repo calls work.
github-actions
RequestError [HttpError]: Not Found
The GITHUB_TOKEN is scoped to this repository and cannot access another repository.
status: 404Common causes
Cross-repo access with GITHUB_TOKEN
GITHUB_TOKEN permissions do not extend beyond the workflow repository by design.
How to fix it
Use a dedicated credential for the other repo
- Create a GitHub App installation token or a fine-grained PAT with access to the target repo.
- Store it as a secret and pass it to the cross-repo step instead of GITHUB_TOKEN.
.github/workflows/sync.yml
- uses: actions/checkout@v4
with:
repository: org/other-repo
token: ${{ secrets.CROSS_REPO_TOKEN }}How to prevent it
- Reserve GITHUB_TOKEN for same-repo operations.
- Use a least-privilege App token for cross-repo automation.
Related guides
GitHub Actions "Resource not accessible by personal access token" (fine-grained)Fix "Resource not accessible by personal access token" when a fine-grained PAT lacks the required repository…
GitHub Actions GITHUB_TOKEN cannot trigger another workflowFix the GitHub Actions behavior where events created with the default GITHUB_TOKEN do not trigger further wor…
GitHub Actions checkout "fatal: could not read Username" (submodules)Fix actions/checkout "fatal: could not read Username for https://github.com" on submodules - the default toke…