Skip to main content

Overview

This guide explains how to generate a fine-grained personal access token in GitHub for securely integrating your repository with DeepTraQ or other external systems. Fine-grained tokens provide repository-level permissions, allowing you to grant access only to specific repositories instead of your entire GitHub account.

Using fine-grained tokens improves security by enabling:

  • Scoped access to selected repositories
  • Controlled permission levels
  • Configurable expiration dates
  • Safer integrations with third-party platforms

Follow the steps below to generate a secure token for your integration.

Supported Platforms

  • GitHub repositories

Prerequisites

  • A GitHub account with access to the target repository
  • Repository access permissions for the project you want to integrate
  • Access to GitHub account settings

Steps

  1. Sign in to your GitHub account.

  2. Open your profile menu and navigate to Settings.

  3. In the left sidebar, go to Developer Settings.

  4. Select Personal Access Tokens.

  5. Choose Fine-grained tokens.

  6. Click Generate new token to begin creating a new token.

  7. Provide a token name so it can be easily identified later.

  8. Set an expiration date for the token.
    Shorter expiration periods are recommended for improved security.

  9. Under Repository Access, choose Only select repositories.

  10. Select the specific repository you want the token to access.

  11. Configure the required permissions for the integration.

  12. Click Generate token.

  13. Copy the generated token immediately and store it securely.
    GitHub displays the token only once for security reasons.

Field Reference

FieldDescriptionExample
Token NameA descriptive name to identify the token in GitHubDeepTraQ Integration Token
Expiration DateDefines how long the token remains valid30 days
Repository AccessSpecifies whether the token can access all repositories or only selected onesOnly selected repositories
Repository SelectionThe specific repository the integration can accessdeeptraq-security-scanner
PermissionsDefines what actions the integration can performRead access to repository metadata
  • Connecting GitHub Repositories
  • Creating a Code Scan
  • Managing Integrations