Help
cancel
Showing results for 
Search instead for 
Did you mean: 
Ground Controller Lvl 1
Message 1 of 2

Rotate Personal Access Tokens

Solved! Go to Solution.

Our organization uses github service accounts, and those use personal access tokens for a variety of tasks. We have a requirement that all accounts have multifactor authentication (MFA/TOTP) enabled. We also have a requirement that all keys be rotated on a regular basis, and this includes personal access tokens.

 

Is there any way that a personal access token can either be created or regenerated via a personal access token without a password?

 

We can rotate the personal access token using the API using basic authentication, but currently we need both the password and the MFA TOTP which inhibits automation. An example [bash script to rotate personal access token is here](https://gist.github.com/StevenACoffman/f0c084b428977430d2baacd0263c3563). 
Any ideas? Thanks!

1 Reply
Solution
Community Manager
Message 2 of 2

Re: Rotate Personal Access Tokens

As far as I know, there is no way to generate new personal access tokens using only a personal access token. I have some Ruby code that I use to create a new personal access token inside scripts that handles 2FA. So the rotation step could be automated, but the TOTP code would still have to be supplied manually via a script, tool, or webpage at the time of rotation.

 

I hope that helps!