GitHub Repo Access

If you are selling access to a GitHub repository, SaaS Blueprint includes that flow already. The product ships with the GitHub setup step, an invite capture form, and guidance for cloning the repo once access is granted.

Use this if your offer includes private repo access as part of the purchase.

GitHub Repository Access Overview

Access to the private repository is managed through a GitHub organization, which owns the repo and controls all permissions.

Use a dedicated, free organization for this purpose. Otherwise, GitHub may require a paid per-user seat if you use a personal or existing paid org.

Recommended setup:

• Create a new GitHub organization to contain the private repository
• Set the organization’s default repository access to READ
• Optionally adjust permissions (for example, allowing users to submit issues)
• Optionally create a team that purchasers are added to automatically

This approach keeps access simple, avoids unnecessary seat costs, and makes it easy to grant or revoke repository access as users come and go.

GitHub Setup

• Set teh Environment Variable: GITHUB_TEAM_ID

and the secret:

npx wrangler secret put GITHUB_API_TOKEN -c workers/app/wrangler.jsonc

From GitHub → Settings → Developer Settings → Fine-grained tokens → Generate new token

• The resource owner should be an organization.
• Need 'Read and Write' permission to 'Members'.

To create fine-grained access tokens that don't expire, you may need to adjust the organization settings. From the organization settings page -> Third-party Access -> Personal access tokens -> Settings

• Deselect Fine-grained personal access tokens must expire under Set maximum lifetimes for personal access tokens.
• Click Save