Dev Solve

English

中文
日本語

English

中文
日本語

Appearance

Related Posts

Running GitHub Actions from Non-Master Branches

Git Windows Invalid Path Error

Running GitHub Actions workflows for specific folder changes

GitHub Personal Access Token in Visual Studio Code

Git: Unexpected Disconnect While Reading Sideband Packet

GitHub 403 Error: "Write access to repository not granted" - Solutions

Problem Statement

When attempting to push to a GitHub repository, you may encounter the following error:

sh
remote: Write access to repository not granted.
fatal: unable to access 'https://github.com/...../...../': 
The requested URL returned error: 403

This 403 Forbidden error occurs when GitHub denies write access to your repository, typically due to authentication or permission issues. This problem has become more common since GitHub transitioned to token-based authentication, affecting both personal repositories and collaborative projects.

Common Causes

The error can stem from several different scenarios:

  1. Insufficient permissions for your GitHub account or token
  2. Incorrect repository URL configuration
  3. Token configuration issues (expired, wrong scopes, or fine-grained token limitations)
  4. Organization-level restrictions
  5. GitHub Actions workflow permission settings

Solutions

1. Verify and Update Personal Access Token (PAT)

Most 403 errors stem from incorrect PAT configuration. Ensure your token has the proper permissions:

Token Types

GitHub offers two types of PATs:

  • Classic tokens (recommended for reliability)
  • Fine-grained tokens (newer, more granular control)

Creating a Proper Classic Token

  1. Navigate to GitHub → Settings → Developer settings → Personal access tokens → Tokens (classic)
  2. Click "Generate new token" → "Generate new token (classic)"
  3. Configure with these settings:
    • Note: Descriptive name (e.g., "Git CLI Access")
    • Expiration: Set to maximum (1 year) or "No expiration" for testing
    • Select scopes: Check "repo" for full repository access

Classic Token Configuration

Fine-Grained Token Configuration

If using fine-grained tokens:

  1. Select the correct resource owner (user or organization)
  2. Set repository access to appropriate repositories
  3. Under "Permissions", ensure "Contents" has Read and Write access
  4. Add "Metadata" with Read-only access

Fine-grained Token Permissions

Fine-Grained Token Limitations

Some users report issues with fine-grained tokens despite correct configuration. If problems persist, try a classic token instead.

2. Check Remote URL Configuration

Verify your remote URL points to the correct repository and uses the proper protocol:

sh
git remote get-url origin

For HTTPS URLs:

sh
git remote set-url origin https://github.com/<organization-name>/<repo-name>.git

For SSH URLs:

sh
git remote set-url origin git@github.com:<organization-name>/<repo-name>.git

Authentication Methods

  • HTTPS: Requires username and token/password
  • SSH: Uses SSH keys (often more reliable for write operations)

3. Update Cached Credentials

Old or incorrect credentials might be cached in your system:

On macOS (Keychain Access):

  1. Open Keychain Access
  2. Search for "github.com"
  3. Delete any existing credentials
  4. Re-authenticate with your updated token

Using Git credential helper:

sh
# Clear cached credentials
git credential-cache exit

# Or use the credential manager
git config --global credential.helper manager

4. Organization and Repository Permissions

For organization repositories, check these settings:

  1. Navigate to your organization → Settings → Member privileges
  2. Ensure "Base permissions" are set to "Write"
  3. Verify your user has appropriate access to the specific repository

5. GitHub Actions Workflow Permissions

If the error occurs in GitHub Actions workflows:

  1. Go to your repository → Settings → Actions → General
  2. Scroll to "Workflow permissions"
  3. Select "Read and write permissions"

Workflow Permissions

Alternatively, specify permissions in your workflow file:

yaml
permissions:
  contents: write
  packages: write
  issues: write
  pull-requests: write

6. SSH Key Configuration (Alternative Solution)

For more reliable access, consider using SSH keys:

  1. Generate a new SSH key
  2. Add the SSH key to your GitHub account
  3. Update your remote URL to use SSH:
sh
git remote set-url origin git@github.com:username/repository.git

Troubleshooting Checklist

Step-by-Step Debugging
  1. Verify token permissions - Ensure "repo" scope is selected
  2. Check token expiration - Generate a new token if expired
  3. Confirm remote URL - Use git remote -v to verify
  4. Test with SSH - Switch to SSH if using HTTPS
  5. Clear credentials - Remove cached credentials from your system
  6. Check organization settings - Verify base permissions
  7. Try classic token - If using fine-grained tokens

Preventing Future Issues

  1. Use SSH authentication for more reliable connections
  2. Set appropriate token expiration based on your security needs
  3. Regularly review access permissions for your repositories
  4. Use GitHub CLI for simplified authentication:
sh
gh auth login
  1. Document access requirements for team members

When to Seek Additional Help

If none of these solutions resolve your issue:

  1. Contact the repository owner to verify your access level
  2. Check GitHub Status at status.github.com for ongoing incidents
  3. Review GitHub documentation on access permissions

Security Note

Never share your personal access tokens. Each user should generate their own tokens with appropriate permissions.

By following these steps, you should be able to resolve the "Write access to repository not granted" error and successfully push to your GitHub repositories.