About

  • Generated automatically - GitHub creates this for you on an action run.
  • You can use it in actions only - not for API requests.
  • Read it in an action:
       ${{ secrets.GITHUB_TOKEN }}
    
  • Docs
    • Authenticating with the GitHub Token
      • GitHub automatically creates a GITHUB_TOKEN secret to use in your workflow. You can use the GITHUB_TOKEN to authenticate in a workflow run.

      • Includes use in REST API request (such as for Jekyll build), which not straightforward to set up from what I read before.
      • See the Permissions section.

Set access

By default, the token as read and write access but you can restrict this to read-only.

Go to the Settings section of your repo and then Actions.

Select one of:

  • Read and write permissions
  • Read repository contents permission

Use in workflow

The token will be available on each workflow run.

Use env to set as environment variable.

e.g.

steps:
  # ...

  - name: Deploy
    run: # ...
    env:
      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Or with to set as an argument to an Action.

e.g.

steps:
  # ...

  - name: Deploy to GitHub Pages 🚀
    uses: peaceiris/actions-gh-pages@v3
    with:
      github_token: ${{ secrets.GITHUB_TOKEN }}
      publish_dir: public