Organization owners can set a policy to restrict the access of personal access tokens (classic) to their organization.
GitHub recommends that you use fine-grained personal access tokens instead of personal access tokens (classic) whenever possible.īoth fine-grained personal access tokens and personal access tokens (classic) are tied to the user who generated them and will become inactive if the user loses access to the resource. GitHub currently supports two types of personal access tokens: fine-grained personal access tokens and personal access tokens (classic). For more information, see ' About creating GitHub Apps.' Types of personal access tokens To access resources on behalf of an organization, or for long-lived integrations, you should use a GitHub App. Personal access tokens are intended to access GitHub resources on behalf of yourself. Personal access tokens are an alternative to using passwords for authentication to GitHub when using the GitHub API or the command line. For more information, see ' Keeping your personal access tokens secure.' About personal access tokens Warning: Treat your access tokens like passwords.