Getting a Token for GitHub OAuth Apps

Normally, with a PAT you're rate limited to 5000 API requests per hour(ish).

To get more requests, the usual option is to use a GitHub App. This is the best option as it's more secure and the tokens rotate.

If you can't use that, or are limited to a PAT, you can use a GitHub OAuth App instead; these have a higher rate limit of 15,000.

Create an OAuth App

In your GitHub Organisation, go to Settings → Developer settings → OAuth Apps → New OAuth App

Set the callback URL to something that doesn't exist - this is important. Usually something on localhost is fine.

If the application isn't owned by an organisation, you'll need to allow it in your Org settings. It's best to have the app owned by the org, however.

Note the Client ID and Client Secret; you'll need these in the next step.

Get an Auth Token

Open the following URL in a browser (replace YOUR_CLIENT_ID with your actual Client ID). Change the scopes in this URL to match the scopes you want.

You can see a list of scopes here: https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps

https://github.com/login/oauth/authorize?client_id=YOUR_CLIENT_ID&scope=repo:status,public_repo,repo:invite,read:org,user:email,read:user,workflow

Authorise the app when prompted. You will need to have Owner permissions for this. GitHub will redirect to your callback URL with a code parameter in the URL (e.g., https://localhost/callback?code=XXXXXXXX ). Copy that code value.

Exchange the code for an access token

Make a POST request to the following URL (replace YOUR_CLIENT_ID and YOUR_CLIENT_SECRET with your actual Client ID and Client Secret) - you can use curl or Postman for this.

curl -X POST https://github.com/login/oauth/access_token \
  -H "Accept: application/json" \
  -d "client_id=YOUR_CLIENT_ID" \
  -d "client_secret=YOUR_CLIENT_SECRET" \
  -d "code=AUTH_CODE_FROM_PREVIOUS_STEP"

You'll get a response with a token you can use.
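
The same two steps as a script, added here as an example and not part of the original write-up. It goes a little further than the manual steps: it adds the OAuth state parameter so a pasted redirect URL can be tied to the request you started, and it checks the exchange response for an error object rather than assuming a token came back. The environment variable names GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET and the example scopes are assumptions.

```python
import json
import os
import secrets
from urllib.parse import urlencode, urlparse, parse_qs
from urllib.request import Request, urlopen

# Assumption of this example: credentials live in GITHUB_CLIENT_ID / GITHUB_CLIENT_SECRET.
AUTHORIZE_URL = "https://github.com/login/oauth/authorize"
TOKEN_URL = "https://github.com/login/oauth/access_token"

def build_authorize_url(client_id, scopes, state):
    """URL to open in the browser; state ties the redirect to this request."""
    query = urlencode({"client_id": client_id, "scope": ",".join(scopes), "state": state})
    return f"{AUTHORIZE_URL}?{query}"

def extract_code(redirect_url, expected_state):
    """Pull ?code= out of the pasted callback URL, rejecting a state mismatch."""
    params = parse_qs(urlparse(redirect_url).query)
    if "error" in params:
        raise ValueError(f"authorisation refused: {params['error'][0]}")
    if params.get("state", [""])[0] != expected_state:
        raise ValueError("state mismatch: redirect did not come from this request")
    if "code" not in params:
        raise ValueError("no code parameter in redirect URL")
    return params["code"][0]

def parse_token_response(body):
    """A failed exchange comes back as JSON with an 'error' key, so check for it."""
    data = json.loads(body)
    if "error" in data:
        raise ValueError(f"{data['error']}: {data.get('error_description', '')}")
    return data["access_token"], data.get("scope", "")

def exchange_code(code):
    """POST the code; the secret comes from the environment, not the command line."""
    form = urlencode({
        "client_id": os.environ["GITHUB_CLIENT_ID"],
        "client_secret": os.environ["GITHUB_CLIENT_SECRET"],
        "code": code,
    }).encode()
    req = Request(TOKEN_URL, data=form, headers={"Accept": "application/json"})
    with urlopen(req, timeout=10) as resp:
        return parse_token_response(resp.read())

if __name__ == "__main__":
    state = secrets.token_urlsafe(16)
    print(build_authorize_url(os.environ["GITHUB_CLIENT_ID"], ["read:org", "read:user"], state))
    token, granted = exchange_code(extract_code(input("Paste redirect URL: "), state))
    print(f"granted scopes: {granted}\n{token}")
```

Compare the granted scopes it prints with the ones you asked for before storing the token.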