When it comes to dealing with the API, personal access tokens work the same as OAuth tokens, and can easily be generated on GitHub.com.

Personal access tokens are useful when it's too cumbersome to provide a client/secret pair for a full application, such as when authenticating to GitHub from Git using HTTPS, or within a command line utility or script.

Every personal access token generated from the UI can have any kind of scope that you grant it. For more technical information on the process of using authorization tokens, see "Create a new authorization" in the GitHub API.

We recommend that you regularly review your authorized applications list and remove any applications that haven't been used in a while.

Creating a token

  1. In the top right corner of any page, click . Settings icon in the user bar

  2. In the user settings sidebar, click Personal access tokens. Personal access tokens

  3. Click Generate new token. Generate new token button

  4. Give your token a descriptive name. Token description field
  5. Select the scopes you wish to grant to this token. The default scopes allow you to interact with public and private repositories, user data, and gists. Selecting token scopes
  6. Click Generate token. Generate token button
  7. Copy the token to your clipboard. For security reasons, after you navigate off this page, no one will be able to see the token again. Newly created token

Remember to keep your tokens secret; treat them just like passwords! They act on your behalf when interacting with the API. Don't hardcode them into your programs. Instead, opt to use them as environment variables.

When you're done using your token, feel free to click Delete to get rid of it permanently.