Merge pull request #1571 from 2i2c-org/update-docs-githu-teams

Update auth-management.md
2i2c-org · Jul 28, 2022 · 0768110 · 0768110
2 parents ed1ee93 + d3276d6
commit 0768110
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/docs/howto/configure/auth-management.md b/docs/howto/configure/auth-management.md
@@ -186,6 +186,18 @@ There are also some steps that a Community Representative will need to take to s
 
     When authenticating against a GitHub Team, we are required to use the `read:org` scope as the GitHub OAuth App needs to know which teams belong to the organisation as well as the members of the specified team.
     ```
+
+    ````{note}
+    Allowing access to a specific GitHub team, let's say `ORG_NAME:TEAM_NAME`, doesn't mean that the users that are only members of the TEAM_NAME sub-teams, e.g. ORG_NAME:TEAM_NAME:SUB_TEAM_NAME`, will get access too.
+
+    Instead, each sub-team must be explicitly added to the `allowed_organizations` list:
+    ```yaml
+    allowed_organizations:
+        - ORG_NAME:TEAM_NAME
+        - ORG_NAME:SUB_TEAM_NAME
+    ```
+
+    ````
 
 6. Run the deployer as normal to apply the config.