From 72174f6615792488fb00ca2e551911a63e02b052 Mon Sep 17 00:00:00 2001
From: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
Date: Thu, 25 Mar 2021 10:34:29 -0400
Subject: [PATCH] Add GitHub authentication notice

---
 README.md | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index be0688b..5bc55c1 100644
--- a/README.md
+++ b/README.md
@@ -71,12 +71,19 @@ with:
   caCertificate: ${{ secrets.VAULTCA }}
 ```
 - **github**: you must provide the github token as `githubToken`
+
+**Notice: [Vault GitHub authentication](https://www.vaultproject.io/docs/auth/github)
+requires `org:read` permissions for authentication. The auto-generated `GITHUB_TOKEN`
+created for projects does not have these permissions and GitHub does not allow this
+token's permissions to be modified. A new GitHub Token secret must be created with
+`org:read` permissions to use this authentication method.**
+
 ```yaml
 ...
 with:
   url: https://vault.mycompany.com:8200
   method: github
-  githubToken: ${{ secrets.GITHUB_TOKEN }}
+  githubToken: ${{ secrets.MY_GITHUB_TOKEN }}
   caCertificate: ${{ secrets.VAULTCA }}
 ```