You are not authorized to read security events

[ChrisMedicom]

Hello, we are getting the following error when running the action:

Our yml file is setup like this with the github-security-report-action after the codeql action.

The secret being used currently is a PAT token with all the boxes checked (including the "repo" and "security_events" boxes)

Thank you for any help that can be provided!

[peter-murray]

That error would seem to indicate that the token in use does not have the required permissions... That error message will be coming directly from the Octokit REST library and is the message presented from the GitHub APIs.

I just ran a test to validate the necessary settings on the token to ensure nothing has changed and with these permissions on a PAT that I just generated, it works without an error;