GitHub: Generate Access Token

The following appendix provides detailed instructions on how to register apps on GitHub and generate access tokens.

GitHub: App Registration

The section provides information on how to register an app on the GitHub platform. To register an app:

1. Go to the GitHub Website: https://github.com/

2. Sign in to your GitHub account.

3. The user should create the Organization before registering the app.

4. For a GitHub App owned by an organization, in the upper-right corner of any page, click your profile photo, then click Your Organizations. Then, to the right of the organization, click Settings.

5. In the left sidebar, click Developer settings.

6. In the left sidebar, click GitHub Apps.

7. Click New GitHub App.
8. Under GitHub App name, enter a name for your app. You should choose a clear and short name.
9. Optionally, under "Description", type a description of your app. Users and organizations will see this description when they install your app.
10. Under Homepage URL, type the full URL to your app's website. e.g (Homepage URL: https://github.com/myapp)

11. Optionally, under Callback URL, enter the full URL to redirect to after a user authorizes the installation. e.g. (Homepage URL: https://example.com).
12. Optionally, to prevent user access tokens from expiring, deselect Expire user authorization tokens.

13. Optionally, to prompt users to authorize your app when they install it, select Request user authorization (OAuth) during installation. If a user authorizes your app, your app can generate a user access token to make API requests on the user's behalf and attribute app activity to the user.

14. Optionally, if you want to use device flow to generate a user access token, select checkbox Enable Device Flow.

15. Optionally, under Setup URL, enter the URL to redirect users after they install your app.
16. Optionally, if you want to redirect users to the setup URL after they update an installation, select Redirect on update.
17. Optionally, if you do not want your app to receive webhook events, deselect Active.

18. If you selected Active in the previous step, under "Webhook URL", enter the URL that GitHub should send webhook events to.
19. Optionally, if you selected Active in the previous step, under "Webhook secret", enter a secret token to secure your webhooks.
20. Under Permissions, choose the permissions that your app needs. For each permission, select the dropdown menu and click Read-only, Read & write, or No access. You should select the minimum permissions necessary for your app.

21. If you selected Active in the earlier step to indicate that your app should receive webhook events, under "Subscribe to events", select the webhook events that you want your app to receive. The permissions that you selected in the previous step determine what webhook events are available.
22. Under Where can this GitHub App be installed? select Only on this account or any account.

23. Click Create GitHub App.

24. After creating the GitHub App, click Install App and then click on the Install. This will redirect you to the browser, where you need to click on the "Install" button again.

25. After Creating the GitHub App click Optional features on left panel.

26. Next to the optional feature click Opt-out to enable your app.

Generate an Access Token

The following section explains how to generate an access token for GitHub on Postman. To generate an access token:

1. Run the following link in the browser, add client_id, and client_secret and allow the app to generate an authorization code. The information page appears. See the following image.

tip

You will get the client ID and client secret code after successfully registering app on GitHub. Log in to GitHub → General→About.

Link: https://github.com/login/oauth/authorize?client_id=<client_id>&client_secret=<client_secret>&grant_type=authorization_code&redirect_uri=https://example.com&scope=repo,user

2. Copy highlighted authorization code from address bar of browser.

   tip

   The authorization code is valid for a short period of time.

   After you have received the code value, you can redeem this code for a set of tokens that allows you to authenticate with the GitHub API.

3. To redeem the code, make the following request in postman. See the following details: POST https://github.com/login/oauth/access_token Headers: Content-Type: application/x-www-form-urlencoded Body: x-www-form-urlencoded (key value pair) client_id={client_id} client_secret={client_secret} grant_type=authorization_code code={code} redirect_uri={redirect_uri} Example: Postman Request: [Image of Postman Request - placeholder, as I cannot generate images] Postman Response: [Image of Postman Response - placeholder, as I cannot generate images]