GitHub Personal Access Tokens

These expire annually.

We use a couple for testing and automated access.

Creation

To create a new token, open the GitHub page.

Click on your profile in the upper right.

Scroll down and click Settings.

Scroll down to the bottom of the left-hand menu, and click on Developer Settings.

Expand the Personal Access Tokens node, and select Fine-Grained Tokens.

It will list any tokens you currently have and their expiry.

To make a new one, click Generate New Token.

Give it a meaningful token name.
Ideally, this will be a multi-term token, such as:

For example, the user's pat may be:

LeeWhite187-UserAccess-20260426

User Access Token Specifics

~~The~~We ~~current~~have ~~token~~two ~~name~~active ~~is:~~tokens.

LeeWhite187-UserAccess-20260426

LeeWhite187-TestAccess-20260426

LeeWhite187-UserAccess-20260426

This is a Fine-Grained token.

Named: LeeWhite187-UserAccess-20260426

Expiry, set to one year from creation.

Repository Access, set to All Repositories.

Here are added permissions:

Commit Statuses - Access: Read Only
Contents - Access: Read Only
Environments - Access: Read Only
Issues - Access: Read Only
Metadata - Access: Read Only (Grayed Out)
Commit Statuses - Access: Read Only
Pull Requests - Access: Read Only

LeeWhite187-TestAccess-20260426

This is a classic Personal Access Token.

It was created to get around the access limitation of the fine-grained token.
Specifically, the classic PAT inherently has access across all orgs.
Whereas, the fine-grained PAT needs to be granted access to each one.
So, we wanted the classic token, so we don't have to edit token permissions, just to make testing work.

Named: LeeWhite187-TestAccess-20260426

Expiry, set to one year from creation.

It has access for:

Repo:status

public_repo

read:org

read:user

read:email

read:enterprise

read:audit_log