Organizations & teams
Organizations group people and repos under a shared namespace.
A repo at acme/widget is owned by the acme org, and access
is managed through teams + direct collaborators.
Creating an org
Account menu → "New organization". You'll need:
- A name — same rules as usernames; cannot collide with an existing user or org.
- A primary email (for billing/notifications; org settings only).
When paid organization billing is enabled, the flow asks you to pick Free or Team before the form. The creator is the first owner.
Roles
- Owner — full admin: settings, billing, member management, any repo. There must always be at least one owner.
- Member — appears in the org's people list; sees public + the private repos a team grants them.
A user can be both an owner and a team member.
Inviting members
Org → People → "Invite member". Type an existing username or email. The invitee gets a notification + email; they accept on a landing page and become a member immediately.
Invitations expire after 7 days; resend or revoke from the same page.
Removing members
Owner → click a member → "Remove". The user loses team memberships and any direct grants the org had given them. If they authored issues/PRs, those stay; if they had pending invitations, those are cancelled.
Teams
Teams are how you grant repo access at scale.
- Create: Org → Teams → "New team".
- Members: add org members; non-members must be invited to the org first.
- Repo access: add repos with one of
read,triage,write,maintain,admin. Multiple teams can grant on the same repo; the user's effective permission is the maximum. - One-level nesting: a team can have a parent team. Members of a parent team are also considered members of every child team for permission purposes.
Mentioning a team
@acme/security in any markdown body notifies every member of
that team. Useful for review requests and triage.
Org-owned repos
Indistinguishable from user-owned repos in most ways; the difference is that access is governed by team grants instead of the owner being a single user.
Audit
Org → Settings → Audit log surfaces org-level events: member add/remove, team create/delete, repo transferred in/out, role changes. Same per-row IP + user-agent capture as the personal audit log.
View source
| 1 | # Organizations & teams |
| 2 | |
| 3 | Organizations group people and repos under a shared namespace. |
| 4 | A repo at `acme/widget` is owned by the `acme` org, and access |
| 5 | is managed through teams + direct collaborators. |
| 6 | |
| 7 | ## Creating an org |
| 8 | |
| 9 | Account menu → "New organization". You'll need: |
| 10 | |
| 11 | - A name — same rules as usernames; cannot collide with an |
| 12 | existing user or org. |
| 13 | - A primary email (for billing/notifications; org settings only). |
| 14 | |
| 15 | When paid organization billing is enabled, the flow asks you to pick |
| 16 | Free or Team before the form. The creator is the first owner. |
| 17 | |
| 18 | ## Roles |
| 19 | |
| 20 | - **Owner** — full admin: settings, billing, member management, |
| 21 | any repo. There must always be at least one owner. |
| 22 | - **Member** — appears in the org's people list; sees public + the |
| 23 | private repos a team grants them. |
| 24 | |
| 25 | A user can be both an owner and a team member. |
| 26 | |
| 27 | ## Inviting members |
| 28 | |
| 29 | Org → People → "Invite member". Type an existing username or |
| 30 | email. The invitee gets a notification + email; they accept on a |
| 31 | landing page and become a member immediately. |
| 32 | |
| 33 | Invitations expire after 7 days; resend or revoke from the same |
| 34 | page. |
| 35 | |
| 36 | ## Removing members |
| 37 | |
| 38 | Owner → click a member → "Remove". The user loses team |
| 39 | memberships and any direct grants the org had given them. If they |
| 40 | authored issues/PRs, those stay; if they had pending invitations, |
| 41 | those are cancelled. |
| 42 | |
| 43 | ## Teams |
| 44 | |
| 45 | Teams are how you grant repo access at scale. |
| 46 | |
| 47 | - **Create:** Org → Teams → "New team". |
| 48 | - **Members:** add org members; non-members must be invited to |
| 49 | the org first. |
| 50 | - **Repo access:** add repos with one of `read`, `triage`, `write`, |
| 51 | `maintain`, `admin`. Multiple teams can grant on the same repo; |
| 52 | the user's effective permission is the **maximum**. |
| 53 | - **One-level nesting:** a team can have a parent team. Members |
| 54 | of a parent team are also considered members of every child |
| 55 | team for permission purposes. |
| 56 | |
| 57 | ## Mentioning a team |
| 58 | |
| 59 | `@acme/security` in any markdown body notifies every member of |
| 60 | that team. Useful for review requests and triage. |
| 61 | |
| 62 | ## Org-owned repos |
| 63 | |
| 64 | Indistinguishable from user-owned repos in most ways; the |
| 65 | difference is that access is governed by team grants instead of |
| 66 | the owner being a single user. |
| 67 | |
| 68 | ## Audit |
| 69 | |
| 70 | Org → Settings → Audit log surfaces org-level events: member |
| 71 | add/remove, team create/delete, repo transferred in/out, role |
| 72 | changes. Same per-row IP + user-agent capture as the personal |
| 73 | audit log. |