Authentication to trigger a workflow

As documented in Actions - GitHub Docs, GitHub Apps must have the actions:write permission to use this endpoint. I wonder what this actions:write is. Where can I set it? If I want to use some credential in a workflow to trigger another workflow from another repo, what would I use?
Currently I can make it work with a personal access token with repo permission, but I think it is giving too much. After all I only want to trigger the workflow from another repo, but with this PAT, any one can even clone and modify that repo.

1 Like

The repo scope is correct for the PAT. The documentation you linked says that:

You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint.

actions:write is a GitHub App permission.