📝 Edit page
➕ Add page
GitHub Token
A guide to using the secure auto-generated
GITHUB_TOKENtoken in workflows
About
- Generated automatically - GitHub creates this for you on an action run.
- You can use it in actions only - not for API requests.
- Read it in an action:
${{ secrets.GITHUB_TOKEN }} - Docs
- Authenticating with the GitHub Token
-
GitHub automatically creates a
GITHUB_TOKENsecret to use in your workflow. You can use the GITHUB_TOKEN to authenticate in a workflow run. - Includes use in REST API request (such as for Jekyll build), which not straightforward to set up from what I read before.
- See the Permissions section.
-
- Authenticating with the GitHub Token
Set access
By default, the token as read and write access but you can restrict this to read-only.
Go to the Settings section of your repo and then Actions.
Select one of:
- Read and write permissions
- Read repository contents permission
Use in workflow
The token will be available on each workflow run.
Use env to set as environment variable.
e.g.
steps:
# ...
- name: Deploy
run: # ...
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Or with to set as an argument to an Action.
e.g.
steps:
# ...
- name: Deploy to GitHub Pages 🚀
uses: peaceiris/actions-gh-pages@v3
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: public