
How do I determine which scopes are attached to a GitHub token?

Answer

A customer asked:

> How can I determine which scopes are attached to a given GitHub Personal Access Token (PAT)?

---

<ins datetime="2023-01-23T21:17:25Z">
<p><a href="https://support.gruntwork.io/hc/requests/109823">Tracked in ticket #109823</a></p>
</ins>

You can use the following command to call GitHub's API, supplying the GitHub personal access token (PAT) in question and requesting that curl return only the response headers:

```bash
curl -H "Authorization: Bearer $GH_TOKEN" https://api.github.com/user -Is | grep x-oauth-scopes
```

GitHub's API returns the scopes attached to a given token in the `x-oauth-scopes` response header, like so:

```
x-oauth-scopes: repo:invite, repo:status
```

The above response indicates that the token set in `$GH_TOKEN` only had the `repo:invite` and `repo:status` permissions attached to it.

If, instead, ALL repo permissions had been attached, you'd find this header in the response from GitHub: `x-oauth-scopes: repo`. This indicates that ALL permissions under the `repo` section have been applied to the token.

![out](https://user-images.githubusercontent.com/1769996/214152904-e0212b72-d90f-4a92-80ef-ead7bc6a3380.gif)
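The header check above can be turned into a least-privilege audit that lists every scope a token holds beyond what a job needs. This is an added example, not part of the original answer: the function names are hypothetical, the sample headers are constructed, and it assumes a `parent:child` scope is covered by its `parent`, as described for `repo` above.

```shell
#!/bin/sh
# Added example: audit a token's scopes against an allow-list.

# Print one scope per line from HTTP response headers read on stdin.
# Header names are case-insensitive and curl output uses CRLF line endings.
parse_scopes() {
  tr -d '\r' | awk '
    tolower($0) ~ /^x-oauth-scopes:/ {
      sub(/^[^:]*:[ \t]*/, "")
      n = split($0, parts, /[ \t]*,[ \t]*/)
      for (i = 1; i <= n; i++) if (parts[i] != "") print parts[i]
    }'
}

# Print granted scopes (headers on stdin) not covered by the allow-list "$@".
# Assumption: a granted "parent:child" is covered by an allowed "parent".
excess_scopes() {
  parse_scopes | while IFS= read -r granted; do
    covered=no
    for allowed in "$@"; do
      if [ "$granted" = "$allowed" ] || [ "${granted%%:*}" = "$allowed" ]; then
        covered=yes
      fi
    done
    [ "$covered" = yes ] || printf '%s\n' "$granted"
  done
}

# Constructed sample responses (not captured from GitHub).
sample_narrow() {
  printf 'HTTP/2 200\r\ncontent-type: application/json\r\nx-oauth-scopes: repo:invite, repo:status\r\n\r\n'
}
sample_broad() {
  printf 'HTTP/1.1 200 OK\r\nX-OAuth-Scopes: repo, workflow\r\n\r\n'
}

# A job that only needs repo:status: anything printed is excess privilege.
sample_narrow | excess_scopes repo:status
sample_broad  | excess_scopes repo:status

# Against a real token, feed the headers from the command shown above:
#   curl -sI -H "Authorization: Bearer $GH_TOKEN" https://api.github.com/user \
#     | excess_scopes repo:status
```

An empty result means the token holds nothing beyond the allow-list, so the check can gate a CI job or a token-rotation script.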