Overview
This article outlines the necessary permissions required when registering a new GitHub App (VCS Provider) using the CLI with the Terraform Enterprise (TFE) provider. It also highlights a common issue related to insufficient permissions when using a Classic GitHub Personal Access Token (PAT).
Issue
You may be able to successfully create a new workspace using the TFE provider, but encounter issues when attempting to register a GitHub App as a VCS Provider via the CLI. Error may look like :
Error: Error updating workspace ws-xxxxxxxxxx: invalid attribute │ │ Repository doesn't exist or isn't accessible
Cause
The Classic GitHub Personal Access Token (PAT) used may not have the required scopes to properly register a GitHub App. Missing or insufficient scopes can lead to authentication or authorization errors when connecting to GitHub.
Resolution
When registering a new GitHub App as a VCS Provider via CLI, ensure your GitHub PAT includes the following scopes:
- repo – Full control of private repositories.
- admin : org – Read and write access to organization membership, organization projects, and team membership.
💡 These scopes are essential for the GitHub integration to manage repositories and access the organization settings during the app registration process.