Authenticate section omits fine-grained PAT public repository limitation and organization requirements

[ekuris-repos]

Code of Conduct

• I have read and agree to the GitHub Docs project's Code of Conduct

What article on docs.github.com is affected?

Automate With Actions

What part(s) of the article would you like to see updated?

The Authenticate section instructs readers to create a fine-grained personal access token with the Copilot Requests permission but does not disclose that tokens scoped to a personal account only work with public repositories.

For private organization repositories, the token must be created with the organization as the resource owner, which requires the organization administrator to enable fine-grained personal access token access.

The article should also note that administrators may need to enable the Copilot CLI policy and approve individual token requests.

Finally, the article should clarify whether COPILOT_GITHUB_TOKEN is used solely for Copilot API calls or also for GitHub API calls against the repository.

Additional information

This issue affects any organization attempting to use Copilot CLI in GitHub Actions workflows on private repositories. The current instructions will result in authentication failures without explanation for these users.

[welcome]

Thanks for opening this issue. A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines.