> ## Documentation Index
> Fetch the complete documentation index at: https://specterops-bp-2641-crowdstrike-integration.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Configure a Personal Access Token

> Create a Fine-grained Personal Access Token for GitHub data collection.

<img noZoom src="https://mintcdn.com/specterops-bp-2641-crowdstrike-integration/_rZ1zFkP5xLBuV5I/assets/enterprise-AND-community-edition-pill-tag.svg?fit=max&auto=format&n=_rZ1zFkP5xLBuV5I&q=85&s=2b8e51d7e5a52c262dd70a93b9024f7e" alt="Applies to BloodHound Enterprise and CE" width="482" height="45" data-path="assets/enterprise-AND-community-edition-pill-tag.svg" />

This page covers creating a Fine-grained Personal Access Token (PAT) for GitHub. PATs have a rate limit of **5,000 API requests per hour**.

<Tip>For higher rate limits, see [Configure a GitHub App Installation](/openhound/collectors/github/configure-app).</Tip>

## Create a Fine-grained Personal Access Token

<Steps>
  <Step title="Navigate to Personal Access Tokens">
    Navigate to your GitHub **Profile** > **Settings**.

    <Frame>
      <img src="https://mintcdn.com/specterops-bp-2641-crowdstrike-integration/TDhbZnCmXQTvvZ88/images/extensions/github/pat/1_proile_settings.png?fit=max&auto=format&n=TDhbZnCmXQTvvZ88&q=85&s=cae68370466304d54456828c79395aac" alt="GitHub profile settings menu" width="344" height="751" data-path="images/extensions/github/pat/1_proile_settings.png" />
    </Frame>
  </Step>

  <Step title="Open Developer Settings">
    Go to **Developer settings** (bottom left).

    <Frame>
      <img src="https://mintcdn.com/specterops-bp-2641-crowdstrike-integration/TDhbZnCmXQTvvZ88/images/extensions/github/pat/2_developer_settings.png?fit=max&auto=format&n=TDhbZnCmXQTvvZ88&q=85&s=a7922f07275287f4c43cba96301743fa" alt="Developer settings in GitHub profile" width="1300" height="1163" data-path="images/extensions/github/pat/2_developer_settings.png" />
    </Frame>
  </Step>

  <Step title="Go to Fine-grained Tokens">
    Navigate to **Personal access tokens** > **Fine-grained tokens**.

    <Frame>
      <img src="https://mintcdn.com/specterops-bp-2641-crowdstrike-integration/TDhbZnCmXQTvvZ88/images/extensions/github/pat/3_fine-grained_tokens.png?fit=max&auto=format&n=TDhbZnCmXQTvvZ88&q=85&s=67bdcd2b71d69acd0b9365c0abe9c3f6" alt="Fine-grained tokens in Developer settings" width="1135" height="196" data-path="images/extensions/github/pat/3_fine-grained_tokens.png" />
    </Frame>
  </Step>

  <Step title="Generate a new token">
    Click **Generate new token**.

    <Frame>
      <img src="https://mintcdn.com/specterops-bp-2641-crowdstrike-integration/TDhbZnCmXQTvvZ88/images/extensions/github/pat/4_generate_token.png?fit=max&auto=format&n=TDhbZnCmXQTvvZ88&q=85&s=4a073b94e8f9dca50047e91954909392" alt="Generate new fine-grained token page" width="1135" height="278" data-path="images/extensions/github/pat/4_generate_token.png" />
    </Frame>
  </Step>

  <Step title="Set resource owner">
    Set the **Resource owner** to your target organization.
  </Step>

  <Step title="Configure the access scope">
    Under **Repository access**, select **All repositories**.

    <Frame>
      <img src="https://mintcdn.com/specterops-bp-2641-crowdstrike-integration/TDhbZnCmXQTvvZ88/images/extensions/github/pat/5_all_repositories.png?fit=max&auto=format&n=TDhbZnCmXQTvvZ88&q=85&s=fe4b64baa36072b36bcb9a5c66c5d3da" alt="Select All repositories for token access" width="1135" height="763" data-path="images/extensions/github/pat/5_all_repositories.png" />
    </Frame>
  </Step>

  <Step title="Configure the repository and org permissions">
    Set the following permissions to **Read-only**:

    <Expandable title="required permissions">
      **Repository permissions**

      * Actions
      * Administration
      * Contents
      * Environments
      * Metadata
      * Secret scanning alerts
      * Secrets
      * Variables

      **Organization permissions**

      * Administration
      * Custom organization roles
      * Custom repository roles
      * Members
      * Personal access tokens
      * Personal access token requests
      * Secrets
      * Self-hosted runners
      * Variables
    </Expandable>
  </Step>

  <Step title="Generate the token">
    <Warning>You must save the token value (preferably in a password manager) at this point. You will not be able to recover it later.</Warning>

    Click **Generate token** and copy the token value.

    <Frame>
      <img src="https://mintcdn.com/specterops-bp-2641-crowdstrike-integration/TDhbZnCmXQTvvZ88/images/extensions/github/pat/7_save_pat.png?fit=max&auto=format&n=TDhbZnCmXQTvvZ88&q=85&s=d6d1e122d5299c6f0d2431545a6f980f" alt="Copy the generated token" width="803" height="243" data-path="images/extensions/github/pat/7_save_pat.png" />
    </Frame>
  </Step>
</Steps>

<Tip>For organizations with SAML SSO enabled, you must [authorize the PAT for SSO access](https://docs.github.com/en/enterprise-cloud@latest/authentication/authenticating-with-saml-single-sign-on/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on) after creating it.</Tip>

## Next Steps

After creating a token, proceed to [configure the collector](/openhound/collectors/github/collect-data) to start collection.
