From 937d792a86ee3746b4ad9ab3252d3b08d6a035a6 Mon Sep 17 00:00:00 2001
From: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
Date: Fri, 26 Mar 2021 14:03:15 -0400
Subject: [PATCH] Add GitHub authentication notice (#200)

* Add GitHub authentication notice

* Typo in perm name
---
 README.md | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index be0688b..073dc15 100644
--- a/README.md
+++ b/README.md
@@ -71,12 +71,19 @@ with:
   caCertificate: ${{ secrets.VAULTCA }}
 ```
 - **github**: you must provide the github token as `githubToken`
+
+**Notice: [Vault GitHub authentication](https://www.vaultproject.io/docs/auth/github)
+requires `read:org` permissions for authentication. The auto-generated `GITHUB_TOKEN`
+created for projects does not have these permissions and GitHub does not allow this
+token's permissions to be modified. A new GitHub Token secret must be created with
+`read:org` permissions to use this authentication method.**
+
 ```yaml
 ...
 with:
   url: https://vault.mycompany.com:8200
   method: github
-  githubToken: ${{ secrets.GITHUB_TOKEN }}
+  githubToken: ${{ secrets.MY_GITHUB_TOKEN }}
   caCertificate: ${{ secrets.VAULTCA }}
 ```