Access to Private Organization Repositories in GitHub MCP Server

[adamklepacz]

Access to Private Organization Repositories in GitHub MCP Server

Describe the feature or problem you'd like to solve

Currently, GitHub MCP Server lacks the ability to access private repositories that belong to organizations where a user is a member. This is a significant limitation for professional developers who primarily work with company repositories.

A clear and concise description of what the feature or problem is:
As professional developers, the majority of our work happens in private repositories owned by our employers or client organizations. Without access to these organization-owned private repositories, GitHub MCP Server's functionality is severely limited for enterprise users and professional developers. We need a way to securely access and work with private repositories within organizations we belong to, just as we can with personal repositories.

Proposed solution

Extend GitHub MCP Server's capabilities to support authentication and access to private repositories owned by organizations where the user has appropriate permissions. This should include:

1. Support for organization-scoped tokens or authentication methods
2. Ability to browse, and work with private organization repositories
3. Respect for organization permission levels (maintaining the same access controls as GitHub.com)
4. Integration with existing MCP Server workflows for these repositories

How will it benefit GitHub MCP Server and its users?

This enhancement would dramatically increase MCP Server's utility for professional developers and enterprise users. Most professional development work happens in private organizational repositories, not personal ones. By enabling access to these repositories, MCP Server would become a viable tool for daily professional use rather than just for personal projects.

Benefits include:

• Higher adoption rates among professional developers
• Increased productivity by allowing users to work with their most important repositories
• Better integration into professional workflows
• Enabling enterprise teams to utilize MCP Server's capabilities for their critical work

Additional context

Most professional developers spend 90%+ of their working time on company repositories. Without organization repository access, MCP Server is effectively unavailable for our main development activities. This creates a significant gap between the tool's potential and its current practical utility.

This feature would transform MCP Server from a tool that's primarily useful for personal projects to one that can be integrated into professional development workflows, greatly expanding its relevance and impact in the development community.

[juruen]

@adamklepacz you can already use the server with private repos that belong to orgs. You just need to make sure that:

• Your token has access to them
• You prompt the agent correctly

[adamklepacz]

@juruen

How do I get access to those private repos under my company org?
Can you guide me?

I'm generating PAT using my GitHub account. I'm a member of my company organization, but still I don't see the company repos through MCP.

Should I ask company to generate a member PAT token for me instead?

[SamMorrowDrums]

Does your organization use SSO? Sometimes after generating a PAT you also need to give it specific access to restricted orgs.

[kdevkr]

I also failed fine-grained PAT with full (read-only) permisson.

and it worked after change to classic token.

what should I request my organization? 😅

[zerone2]

I did everything with my PAT from my company's organization account but I couldn't use github MCP properly.

[aphexcx]

I also tried a fine-grained PAT and a classic PAT, gave both all of the permissions, and I still cannot list issues under my private repo under my organization.

github:list_issues (MCP)(owner: "my-org", repo: "myrepo", state: "open")…
  ⎿  MCP error -32603: Not Found: Resource not found: Not Found

What's interesting is that claude sees that the organization exists, and search_repositories even succeeds in finding my private repo. But list_issues fails with 404.

Error executing code: MCP error -32603: failed to list issues: GET https://api.github.com/repos/my-org/myrepo/issues?state=open: 404 Not Found []

And this query:

{
  `q`: `repo:my-org/myrepo is:issue is:open`
}
Error executing code: MCP error -32603: failed to search issues: GET https://api.github.com/search/issues?page=1&per_page=30&q=repo%3Amy-org%2Fmyrepo+is%3Aissue+is%3Aopen: 422 Validation Failed [{Resource:Search Field:q Code:invalid Message:The listed users and repositories cannot be searched either because the resources do not exist or you do not have permission to view them.}]

[tomthomas-helix]

I also faced this issue with the fine grained token. Our org uses SSO, so I had to switch to the Classic tokens which support enabling SSO.

However, I still faced issues initially with the scopes I enabled in the beginning. Then I realized, it seems we need to check the top level repo checkbox that grants it all the permissions under it. The top level checkbox has this description next to it Full control of private repositories which it seems is only permitted if you check the top level box. If you only enable one of the subsets, there is no private repo support

[thiagoscodelerae]

@adamklepacz I successfully made it work by using a fine-grained personal access token with "Resource Owner" pointing to my company's organization.
Tokens (classic) should work as well if allowed by your Organization.

[saivarsha17]

@thiagoscodelerae I tried setting up in both ways Classic tokens / Fine grained PAT and gave all permissions , still facing the same issue .

[thiagoscodelerae]

@saivarsha17 do you know if your organization allows API/Git access through PAT? See settings below:

Also, if you are using docker to run the MCP server, did you restart the server after adding the generated PAT? This is required to get the environment variable GITHUB_PERSONAL_ACCESS_TOKEN correctly:

         "args":[
            "run",
            "-i",
            "--rm",
            "-e",
            "GITHUB_PERSONAL_ACCESS_TOKEN",
            "ghcr.io/github/github-mcp-server"
         ],

[SamMorrowDrums]

I think this is more of a discussion and possible documentation gap, so I have removed the bug label. As @thiagoscodelerae has shared, orgs can have different rules for PATs, and you can selected different permissions when creating them too (which may well block certain actions as intended), and then there are also issues like SSO and other considerations like your individual access level for various repositories, so I think largely this is case of auth working as GitHub intends, and it sometimes causes confusion for end users - but it's not really in the scope of the MCP server to fix, and you would find the same issues calling the API directly with the same tokens.

[saivarsha17]

@thiagoscodelerae Yes , my organization allows access through PAT . And also I'm using node package instead of docker . But still i restarted after updating the token . Still facing the same issue (MPC -32603: Authentication Failed: Bad credentials)