Question about personal access token

[morrowcj]

Problem

I'm trying to implement the add-to-project action to an organization's repository. It appears that, in order to do so, a personal access token is required:

# from action.yaml
github-token:
    required: true
    description: A GitHub personal access token with write access to the project

However, I don't fully understand how to store a PAT in an organization's secret variables. Does the "value" field of the secret variable actually need to be a PAT for this action to work? Since organizations aren't able to generate PATs, does one member of the org need to be responsible for generating and maintaining the token?

[omerbensaadon]

Hey! Yes, one member needs to generate the token and add it as an organization Secret from the Repo settings page

[omerbensaadon]

Check out these docs on encrypted secrets: https://docs.github.com/en/actions/security-guides/encrypted-secrets

[uhbif19]

Cannot GITHUB_TOKEN be used for that?

[saturnflyer]

I'm curious about @uhbif19's question too, @omerbensaadon
Is it required that it be a personal access token and not the GITHUB_TOKEN?

[levibostian]

This comment seems to suggest that, no, GITHUB_TOKEN cannot be used.

[saturnflyer]

Thanks for the update @levibostian

I'm trying this out on a private project with a bot account we use to share the PAT across our organization but the action just isn't running with that change. I'm fairly certain that I haven't set up permissions properly but debugging is difficult.
I'm poring over documentation about secrets/roles/permissions/etc but am commenting here hoping that someone has a straightforward explanation of how to set this up properly.

I'll comment again if I solve my problem.

EDIT: specifically I'm not seeing checks on my PRs but when I look at the Actions tab, I can see this action has failed but reports Could not resolve to a ProjectV2 with the number 9.
Is this a permissions problem?