When it comes to dealing with the API, personal access tokens work the same as OAuth tokens, and can easily be generated on GitHub.com.
Personal access tokens are useful when it's too cumbersome to provide a client/secret pair for a full application, such as when authenticating to GitHub from Git using HTTPS, or within a command line utility or script.
Every personal access token generated from the UI can have any kind of scope that you grant it. For more technical information on the process of using authorization tokens, see "Create a new authorization" in the GitHub API.
Tip: We recommend that you regularly review your authorized applications list. Remove any applications and tokens that haven't been used in a while.
Creating a token
In the top right corner of any page, click .
In the user settings sidebar, click Applications.
Click Generate new token.
- Give your token a descriptive name.
- Select the scopes you wish to grant to this token. The default scopes allow you to interact with public and private repositories, user data, and gists.
- Click Generate token.
- Copy the token to your clipboard. For security reasons, after you navigate off this page, no one will be able to see the token again.
Remember to keep your tokens secret; treat them just like passwords! They act on your behalf when interacting with the API. Don't hardcode them into your programs. Instead, opt to use them as environment variables.
When you're done using your token, feel free to click Delete to get rid of it permanently.