-
Notifications
You must be signed in to change notification settings - Fork 33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
401 Unauthorized failure #159
Comments
The user who issued the token must have access to security alerts in the repo. From your description, I think this is the most likely cause. |
Hi @arnested! I am having the same problem and I have access to the security alerts of the repo, can you tell us which permission we need to add when we make a new token on GitHub? Thanks |
A secret called GitHubSecurityToken which should contain a Personal Access Token for the GitHub user under which this action should be executed. The token must include the public_repo scope if checking only public repos, or the repo scope for use on private repos. Also, the user must have access to security alerts in the repo. |
I'm closing this now. Please let us know if you still have problems. |
I'm receiving a 401 unauthorized failure and having trouble identifying root cause. My secret is an Organization secret and an Actions environment secret named GitHubSecurityToken and I tested it via curl to the graphql api, I was able to return dependabot results. Any advice would be appreciated. Thanks!
The text was updated successfully, but these errors were encountered: