Organization owners can now better control which users are allowed to install GitHub Apps across their repositories with a new setting, available in public preview.

Previously, any user with admin permissions on a repository, including outside collaborators, could install GitHub Apps that requested only repository-level permissions. This sometimes resulted in unexpected app installations and governance challenges, particularly for organizations with strict security or compliance requirements.

With this new setting, organization owners can prevent repository admins from installing GitHub Apps on the repositories they manage. When the setting is enabled, only organization owners will be able to install Apps on organization repositories. Repository admins must instead request an app installation from an organization owner.

How this benefits you

  • Strengthen governance for your organization by ensuring only trusted users can install GitHub Apps across repositories.
  • Reduce the risk of unauthorized or unexpected app installations.
  • Help meet compliance requirements.

To get started, organization owners can navigate to their organization’s Settings and look for the new option under GitHub Apps within the Member privileges tab.

The checkbox that determines whether repository administrators can install GitHub apps in their organization

How to give feedback

If you have any questions or feedback, feel free to leave a comment in our Community discussion.