Fine-grained PATs can target multiple organizations in an enterprise [Public Preview]

[glider-bot]

Value Prop

Today, fine-grained PATs (Personal Access Tokens) can only be targeted to a single organization, which can be very restrictive for developers who's workflows span multiple organizations. Right now they're stuck juggling multiple tokens, or more likely falling back to PATs (Classic) at the cost of improved security.

With multi-targeting, a single fine-grained PAT can be given access to multiple organizations at once, allowing more developers to move off of PATs (Classic).

Expected Outcome

When creating a fine-grained PAT, developers can pick which enterprise they'd like to target, and then select the organizations within that enterprise the token should be valid for. The permissions selected for the token will be the same in each organization - selecting specific permissions per organization is not supported in this release.

For each organization that has an approval process setup, the token will have to be approved. Organization access will light up on a one by one basis as those approvals are granted.

At this time, for the sake of governance and isolation, we are not looking to let a token access multiple unrelated organizations. Thus, Free-plan and Team-plan organizations you are a member of would still have to be individually targeted with a token.