Home > Blockchain >  Can I create a github access token for another user?
Can I create a github access token for another user?

Time:03-28

I am trying to understand the use cases for access tokens on github. I know they have replaced passwords for one thing.

However, I would like to know if I can create access tokens to give to other developers so they can work on my repository.

And if so, how can they use the token to do a git push repo branch.

CodePudding user response:

if you scroll down to the bottom of your link, you can see that there are a myriad of ways to set permissions

That might be the part:

Select the scopes, or permissions, you'd like to grant this token. To use your token to access repositories from the command line, select repo.

https://docs.github.com/assets/cb-43299/images/help/settings/token_scopes.gif

for what appears to be other users that will use the token.

As far as I know, a PAT remains personal. For your usage only.

CodePudding user response:

No, you can't create tokens for other users. You can only create tokens for yourself, and if you give one of those tokens to another user, they will be acting as you, which is insecure.

However, if you grant other users some sort of access to your repository, then they can create their own tokens, and those tokens will have access to your repository. A token for a user which has repo scope has access to all the repositories that that user has access to, whoever owns them.

It is the case that you can create multiple tokens which different sets of permissions. For example, I have tokens which I use to access Git repositories on my home and work machines, plus one for a VM I use. If I had a personal CI job that needed to upload things like release assets, I could create one for that CI job as well. The goal is to allow you to limit the usage of a single token to a single environment and single purpose, so that if it's compromised, you can revoke and replace just that one token, without impacting anything else.

  • Related