GitHub Fine Grained Personal Access Token
Description
General
- Documentation: https://docs.github.com/en/rest/overview/permissions-required-for-fine-grained-personal-access-tokens
- Summary: GitHub Fine-Grained Personal Access Tokens are a more granular and secure alternative to classic Personal Access Tokens. These tokens allow users to define highly specific permissions for accessing repositories, organizations, or other resources.
- IPs allowlist: No
- Scopes: Fine-Grained Personal Access Tokens can have a wide variety of permissions, including read/write access to specific repositories, workflows, or packages. For a full list of available permissions, refer to the GitHub documentation.
Revoke the secret
Tokens can be revoked from the access tokens panel. Navigate to the "Fine-grained tokens" section and delete the token to revoke access.
Check for suspicious activity
There is no way to check the exact last API calls made with a token. However, GitHub provides security logs to review account activity and detect suspicious behavior.
Details for GitHub fine grained pat
- Family: token
- Category: version_control_platform
- Company: GitHub
- High recall: False
- Validity check available: True
- Analyzer available: False
- On-premise instances exist: True
- Only valid secrets raise an alert: False
- Minimum number of matches: 1
- Occurrences found for one million commits: 45.53
- Prefixed: False
- PreValidators:
  - type: ContentWhitelistPreValidator
    patterns:
      - github_pat_
Examples
- text: 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
  apikey: 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
# Fat-fingered secret
- text: g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
  apikey: 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
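The pre-validator and the two examples above can be reproduced with a small scanner. This is an added example, not the detector's own code: the regex is an assumption inferred from the shape of the example token on this page, and `Finding`, `prevalidate`, `redact` and `scan` are hypothetical names.

```python
import re
from typing import NamedTuple

PREFIX = "github_pat_"  # the pre-validator pattern listed on this page
# Assumption: shape inferred from the page's example token (prefix, 22
# alphanumerics, "_", 59 alphanumerics); not the detector's actual regex.
# No leading word boundary, so a fat-fingered "ggithub_pat_..." still matches.
TOKEN_RE = re.compile(r"github_pat_[A-Za-z0-9]{22}_[A-Za-z0-9]{59}")

class Finding(NamedTuple):
    line: int       # 1-based line number in the scanned text
    apikey: str     # extracted secret, for validity checks and revocation
    redacted: str   # safe form for logs and tickets

def prevalidate(text):
    """Cheap content check: skip the regex when the prefix is absent."""
    return PREFIX in text

def redact(token):
    """Keep the prefix plus 4 characters, mask the rest."""
    keep = len(PREFIX) + 4
    return token[:keep] + "*" * (len(token) - keep)

def scan(text):
    """Return one Finding per token occurrence, in document order."""
    if not prevalidate(text):
        return []
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        for match in TOKEN_RE.finditer(line):
            token = match.group(0)
            findings.append(Finding(number, token, redact(token)))
    return findings

# The token is the example value from this page; the surrounding lines are constructed.
PAGE_EXAMPLE = ("github_pat_22BEXUD2A0GiK9sDBQh1R6_"
                "sBtaunqbwTmpj4aGGUlhyh5gUt2nf4y6raTq2VBm1HER66OHEO4U43H0mV1")
SAMPLE = "\n".join([
    "export GH_TOKEN=" + PAGE_EXAMPLE,          # plain occurrence
    "token: g" + PAGE_EXAMPLE,                  # fat-fingered leading character
    "token: " + PAGE_EXAMPLE[:40],              # truncated, must not match
    "see docs for github fine-grained tokens",  # no prefix at all
])

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding.line, finding.redacted)
```

Only the redacted form should reach logs or tickets; the extracted `apikey` is what gets revoked in the "Fine-grained tokens" panel.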