Skip to content
Latchkey

act "GITHUB_TOKEN not set" running Actions locally

On GitHub, each job receives an automatic GITHUB_TOKEN. act does not generate one, so any step that calls the GitHub API sees an empty or missing token and fails with a 401 or "not set" error. You provide the token yourself.

What this error means

A step using the GitHub API fails with "Bad credentials", "401 Unauthorized", or a message that GITHUB_TOKEN / secrets.GITHUB_TOKEN is empty under act.

act
Error: HttpError: Bad credentials
Error: Unhandled error: HttpError: Bad credentials (401)

Common causes

act does not auto-provision GITHUB_TOKEN

The automatic token is a GitHub-hosted feature; locally the secret is empty unless you pass it in.

The step calls the GitHub API

Actions like create-release or the gh CLI need a real token, which is absent by default under act.

How to fix it

Pass a token with -s

Supply a personal access token (a gh token works) as the GITHUB_TOKEN secret.

Terminal
act -s GITHUB_TOKEN="$(gh auth token)" -j release

Load it from a .secrets file

Keep the token in a gitignored .secrets file that act reads automatically.

.secrets
GITHUB_TOKEN=ghp_your_token_here

How to prevent it

  • Provide GITHUB_TOKEN whenever a step touches the GitHub API.
  • Store it in a gitignored .secrets file for repeatable local runs.
  • Grant the token only the scopes the workflow actually needs.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →