I am the owner of a private repository and I need to give a teammate full access so they can manage settings, edit webhooks, and add other collaborators. I know how to add someone as a basic contributor, but I want them to have the same "Admin" privileges that I have. What are the specific steps in the GitHub settings to change a user's role from 'Read' or 'Write' to 'Admin'? Also, if I am working within a GitHub Organization rather than a personal account, does the process for granting full access change?
3 answers
To give a user full access to a personal repository, navigate to the Settings tab of the repo, click on Collaborators in the left sidebar, and add the user by their username or email. Once they are added (or if they are already there), you can use the dropdown menu next to their name to select Admin. For GitHub Organizations, the process is slightly different: you manage access under Teams or People, where you can assign "Repository roles." Setting someone to the "Admin" role gives them total control over the repository, including the ability to delete it or change its visibility, so use this level of access sparingly.
I followed these steps for my organization, but I noticed there is also a "Maintain" role. What is the difference between a Maintainer and an Admin? If I want my lead developer to be able to manage the codebase and releases but not be able to delete the entire repository by accident, which one should I choose?
Remember that the user won't actually see the new permissions until they accept the invitation sent to their email or via their GitHub notifications. I've seen many teams get stuck wondering why a user can't push code simply because the invite is still pending!
I agree with Jordan. It’s also worth noting that if you have Branch Protection rules turned on, even Admins might be blocked from pushing directly to main without a pull request. This is a standard Cloud Technology safety measure to prevent accidental code breakages.
Marcus, that is a great question for anyone managing a professional Software Development team. You should choose the Maintain role. Maintainers can manage issues, pull requests, and some repository settings, but they cannot perform high-risk actions like deleting the repository or managing sensitive security keys. The Admin role should really be reserved for the project owner or a trusted DevOps lead.