GitHub’s fine-grained personal access tokens allow precise control over repository access. Here’s a step-by-step guide to generate and manage a token for a specific repository:
1. Access Developer Settings
- Log in to your GitHub account.
- Click on your profile picture at the top right corner.
- Select “Settings.”
- From the left sidebar, scroll down and click on “Developer settings.”
2. Create a Fine-Grained Personal Access Token
- In the left sidebar, select “Fine-grained personal access tokens.”
- Click on “Generate new token.”
3. Configure Token with Write Permissions
- Token name: Assign a descriptive name, e.g., “Read/Write Access for [Repository Name].”
- Expiration: Set an expiration date for security purposes.
- Resource owner: Ensure it’s your personal account or the organization that owns the repository.
- Repository access: Choose “Only select repositories” and select your desired repository.
- Repository permissions: expand the Repository permissions. After that, in the drop down menu of Contents, select “Read and write” for editing capabilities.
- Review settings and click “Generate token.”
4. Save Token
Copy the token immediately after generation—it will only be visible once. Store it securely.
Push Changes Using Token
1. Use HTTPS with Token in URL
Use a URL formatted like this to clone the repository:
git clone https://YOUR_USERNAME:YOUR_TOKEN@github.com/YourUserName/YourRepo.git
If you’ve already cloned the repository, update the remote URL:
git remote set-url origin https://YOUR_USERNAME:YOUR_TOKEN@github.com/YourUserName/YourRepo.git
2. Commit and Push Changes
- Stage changes:
git add . - Commit changes:
git commit -m "Your commit message" - Push changes:
git push origin main
Important Security Considerations
- Never commit or share your token publicly.
- Use tokens with the minimum necessary permissions.
- Regularly review and revoke unused tokens.
- For additional security, consider using SSH keys.
Error Handling
If write permissions weren’t initially granted, you may encounter:
remote: Write access to repository not granted.
fatal: unable to access 'https://github.com/...': The requested URL returned error: 403
To resolve:
- Either create a new token with read/write permissions, or
- Edit an existing token’s permissions by following these steps:
- Navigate to “Developer settings.”
- Select “Fine-grained personal access tokens.”
- Locate and edit the token.
- Update permissions (e.g., change from “Read-only” to “Read and write”).
- Save changes.
🚀 Steps to Push Local Changes to GitHub Using Token
1️⃣ Stage your changes (if you haven’t already)
git add .
or select files:
git add path/to/file1 path/to/file2
2️⃣ Commit your changes
git commit -m "Your commit message"
3️⃣ Push to GitHub
If your remote is already set to HTTPS like:
https://github.com/username/repo.git
you can simply:
git push
👉 When prompted:
- Username: your GitHub username
- Password: paste your personal access token (PAT)
⚡ Tip: Update your remote URL to embed token (optional)
If you want to avoid entering the token every time (⚠ not recommended for shared computers):
git remote set-url origin https://<TOKEN>@github.com/username/repo.git
Then push:
git push
⚡ Tip: Use Git credential helper
Let Git remember your token:
git config --global credential.helper cache
# or for permanent storage (plain text, not secure for shared computers)
git config --global credential.helper store
Example full flow
git add .
git commit -m "Update feature XYZ"
git push
(enter username + token when prompted)
Conclusion
Fine-grained tokens provide enhanced control for managing repository access. Remember to prioritize security and minimize permissions to reduce risks.