Our organization uses github service accounts, and those use personal access tokens for a variety of tasks. We have a requirement that all accounts have multifactor authentication (MFA/TOTP) enabled. We also have a requirement that all keys be rotated on a regular basis, and this includes personal access tokens.
Is there any way that a personal access token can either be created or regenerated via a personal access token without a password?
We can rotate the personal access token using the API using basic authentication, but currently we need both the password and the MFA TOTP which inhibits automation. An example bash script to rotate personal access token is here. ](https://gist.github.com/StevenACoffman/f0c084b428977430d2baacd0263c3563). )
Any ideas? Thanks!