GITHUB_TOKEN - CI/CD Glossary Definition
GITHUB_TOKEN is the short-lived access token GitHub Actions creates automatically for each workflow run, available as ${{ secrets.GITHUB_TOKEN }} and used to authenticate API calls back to the repository.
Lifetime and scope
The token is generated at the start of a run and revoked when the run finishes, so it never needs to be stored. Its permissions are controlled by the permissions: block and the repository default. It cannot trigger new workflow runs by default, which prevents recursive loops.
Related guides
Workflow Permissions - CI/CD Glossary DefinitionWorkflow Permissions: Workflow permissions are the access scopes granted to the automatic `GITHUB_TOKEN`, set…
OIDC Token - CI/CD Glossary DefinitionOIDC Token: An OIDC token is a short-lived OpenID Connect JWT that GitHub Actions can issue to a job, letting…
Encrypted Secret - CI/CD Glossary DefinitionEncrypted Secret: An encrypted secret is a sensitive value (token, key, password) stored encrypted by GitHub…