+1 for this as a feature request.

I assumed this was possible, but couldn't figure out how to do it, and ended up here after googling and now learning that it's not possible.

Not being able to differentiate read-only vs. read/write access when selectively sharing something private seems to me to be somewhat of a departure from the common practice of other web services.

+1 to read only access rights for a private repo

+1. Useful feature for sharing in interviews and with potential collaborators.

Maybe the description of a private repo needs to be changed? I'm a workshop presenter with proprietary material I need to let people clone, but not commit. A private repo looked ideal when I read:

"Private
You choose who can see and commit to this repository."

That gives the impression I can let someone see it, but not commit to it... which is what I need.

Add me to the list of people wanting read only access to private repo's. Right now you have to give read and write for access tokens.

+1 for making a private repo read only using only shared url

+1 Definitely need better security. I believe bitbucket has this capability.

Another +1 for read-only.

+2 (me and partner) for read-only feature for private repos