GitHub has introduced personal access tokens (PATs) with the ability to customize access rights to all or strictly defined repositories.
This innovation should increase the data security of developers and organizations using PATs and reduce the risks in the case of stolen credentials.
Classisic - gives access to all repositories and organizations to which the user can gain access. Token lifespans are also unlimited.
PATs - they give access to a strictly specified list of organization APIs, repositories, read-only access and some others. There are a total of 50 parameters in the access filter. Each permission can be granted on a "no access", "read" or "read and edit" basis.
The validity period of personal PATs can also be adjusted. In addition, the owner of an organization can prohibit the use of old token variants for access to repositories and APIs altogether, if desired.