From a696699ad877fdc420e5e436399fc552dc808af6 Mon Sep 17 00:00:00 2001
From: Josh McKinney <joshka@users.noreply.github.com>
Date: Fri, 28 Nov 2025 18:12:29 -0800
Subject: [PATCH] owners: explain GitHub org access policy link in team error

---
 src/controllers/krate/owners.rs | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/controllers/krate/owners.rs b/src/controllers/krate/owners.rs
index abe5fda0daf..32397c55f94 100644
--- a/src/controllers/krate/owners.rs
+++ b/src/controllers/krate/owners.rs
@@ -450,12 +450,18 @@ pub async fn create_or_update_github_team(
                 format!("Failed to decrypt GitHub token: {err}"),
             )
         })?;
-    let team = gh_client.team_by_name(org_name, team_name, &token).await
+    let team = gh_client
+        .team_by_name(org_name, team_name, &token)
+        .await
         .map_err(|_| {
             bad_request(format_args!(
                 "could not find the github team {org_name}/{team_name}. \
-                    Make sure that you have the right permissions in GitHub. \
-                    See https://doc.rust-lang.org/cargo/reference/publishing.html#github-permissions"
+                 This can happen if crates.io is blocked by the organization's \"Third-party \
+                 application access policy\": \
+                 https://github.com/organizations/{org_name}/settings/oauth_application_policy. \
+                 If the policy shows \"Access restricted\", temporarily disable it, add the team, \
+                 then re-enable. \
+                 See https://doc.rust-lang.org/cargo/reference/publishing.html#github-permissions"
             ))
         })?;