Personal Access Token
Create a PAT for Octocopy
PATs are ideal for quick trials or when you cannot install the full Octocopy GitHub App. Follow these steps to generate a least-privilege token that still lets Octocopy orchestrate copy jobs.
- 1
Visit github.com/settings/personal-access-tokens and choose “Fine-grained” token.
- 2
Give the token a recognizable name such as “Octocopy (laptop)” and set an expiration (30 days keeps risks low).
- 3
Scope the token to the organization or repositories Octocopy should copy from. Select “Repository access → Only selected repositories” whenever possible.
- 4
When you reach “Repository permissions”, enable only the options listed below so the PAT stays least-privilege.
- 5
Create the token and copy it once. Store it in your secret manager and paste it into the Octocopy client when prompted.
Permissions required
Octocopy needs read access so it can inspect repositories and summarize copy work. Keep everything else disabled.
- ContentsRead only
- Pull requestsRead only
Security notes
- Rotate tokens as part of your onboarding/offboarding checklist.
- Store the PAT in 1Password, Secrets Manager, or another encrypted vault.
- Prefer the Octocopy GitHub App for automation; tokens are best for single operators.