{{ message }}
GitHub Community
REST API: expose org-level classic PAT policy setting (disable classic personal access tokens) #199801
Unanswered
corinnakollegger
asked this question in
Apps, API and Webhooks
REST API: expose org-level classic PAT policy setting (disable classic personal access tokens)
#199801
Replies: 1 comment
-
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
🏷️ Discussion Type
Product Feedback
💬 Feature/Topic Area
API
Body
What problem does this solve?
GitHub allows organization admins to disable classic personal access tokens
org-wide via the UI (Settings → Personal access tokens → "Allow access via
personal access tokens (classic)"). However, this setting is not exposed via
the public REST API - it is absent from
PATCH /orgs/{org}.This makes it impossible to manage this security-critical setting as code.
Organizations that manage GitHub configuration programmatically (via Terraform,
Kubernetes operators, or CI workflows) cannot enforce or drift-correct this toggle.
Current workaround
None. The setting must be applied manually through the GitHub UI by an org admin.
Proposed solution
Add a field to
PATCH /orgs/{org}, for example:members_can_create_classic_personal_access_tokens: falseThis follows the same pattern as existing fields like
members_can_create_public_repositories.Related discussions
Beta Was this translation helpful? Give feedback.
All reactions