Configure organization-level GitHub Apps for secure cross-repository automation. Machine identity, audit trails, and enterprise-grade authentication.
Configure organization-level GitHub Apps for secure cross-repository automation with machine identity and audit trails. Use when setting up permanent infrastructure automation that needs access to multiple repositories across your organization.
/plugin marketplace add adaptive-enforcement-lab/claude-skills/plugin install secure@ael-skillsThis skill inherits all available tools. When active, it can use any tool Claude has access to.
This guide describes the concept, setup, and configuration of a GitHub Core App for organization-level automation.
Required Access
To create a Core App, you need:
- Organization owner role
- Access to organization settings:
https://github.com/organizations/{ORG}/settings/apps
Planning Considerations
Before creating the app, determine:
- Permission scope - Which repository and organization permissions are needed
- Installation scope - All repositories or specific teams
- Token management - Where secrets will be stored (repository or organization level)
- Naming convention - Standard naming (e.g., "CORE App", "Automation Core")
See the full implementation guide in the source documentation.
| Aspect | Core App | Standard App |
|---|---|---|
| Scope | Organization-wide | Single repository or selected repos |
| Purpose | Infrastructure automation | Feature-specific functionality |
| Permissions | Broad, covers common operations | Narrow, task-specific |
| Installation | All repositories | Selective repositories |
| Ownership | Organization-level admin | Project or team |
| Lifespan | Permanent infrastructure | Project lifecycle |