obtain-github-app-installation-access-token

You want to set up a CI workflow for your project that can access other repositories on GitHub. You don’t want to use your personal access token, because it gives access to all of your repositories. You want an access token that has fine-grained permissions, giving access to only the repositories you want to use. This tool helps you get that access token.

Set up a GitHub App

  1. Go to Your Developer settings page (or your organization’s page: Settings  Developer Settings  GitHub Apps)

  2. Click New GitHub App.

  3. Enter the name of your app.

  4. Enter a dummy URL for Callback URL.

  5. Uncheck Webhook  Active.

  6. Add the required permissions. These actions are recommended:

    • Contents  Read & write

    • Workflows  Read & write

  7. Select whether the GitHub App can be installed on your account only or any account.

  8. Note the App ID.

  9. Scroll down to the Private keys section, and click Generate a private key.

  10. In the navigation on the left, click Install App.

  11. Click Install.

  12. Select the repositories you want the app to be able to access, then click Install.

  13. Note the Installation ID in the URL.

Get a CI token

This CI token is a bundle of your App ID, Installation ID, and the private key. Make sure you have these information ready:

  • App ID

  • Installation ID

  • Private key file

To generate a CI token, follow these steps:

  1. Go to the CI token generator webpage.

  2. Fill in the App ID and the Installation ID fields.

  3. Drag the private key file into the GitHub App Private Key field.

  4. Copy the resulting GH_APP_CREDENTIALS_TOKEN.

Use it

The CI token generator will also generate a workflow snippet that you can use in GitHub Actions.