Only classic PATs are accepted as authentication

[NotAwar]

🚨 Please Read Before Posting 🚨

You are currently in a PUBLIC REPOSITORY.

No Internal Information: Do not share links to internal Zendesk tickets, repositories, team names, or any internal
details.

Confidentiality Matters: Remember that this repository is visible to the public. Avoid posting anything that should
remain confidential or private.

Description

Tried with making an app and using it to authenticate via app token in GitHub, tried using fine grained, and basically any other alternative I could find. When using Classic PATs I can authenticate. However when using any other authentication method I cant seem to make ADO2GH work.

[molson504x]

The classic PAT requirement is in the documentation - https://docs.github.com/en/enterprise-cloud@latest/migrations/using-github-enterprise-importer/migrating-from-azure-devops-to-github-enterprise-cloud/managing-access-for-a-migration-from-azure-devops#creating-a-personal-access-token-for-github

I suspect this is due to Fine-Grained PATs (and apps) not having support built in for all permissions yet (for example Packages also requires using Classic PATs still too).

[NotAwar]

@molson504x you're probably right! Fine grained tokens seem to be quite limited. After working a bit more with GitHub Apps I do believe it is possible to make it work with an app, though you'd have to be quite creative to make it viable.

[AakashSuresh2003]

I hope this would help you.
Verify that you have a sufficient role for the task you want to complete. For more information, see Required roles.

Create a personal access token (classic), making sure to grant all the scopes required for the task you want to complete. You can only use a personal access token (classic), not a fine-grained personal access token. For more information, Managing your personal access tokens and Required scopes for personal access token.

[NotAwar]

@AakashSuresh2003 Thank you,

As I mentioned in my description, I am able to do this with PAT, however for the purposes of creating a dispatch workflow which can do this centrally I need to be able to do this with either an app or fine-grained PAT (as it can be set on the org itself). Thank you for participating anyway.

[AakashSuresh2003]

Hi @NotAwar,

I understand that you're looking for a more centralized approach using an app or fine-grained PAT instead of the classic PAT. However, as you've already observed, the current implementation of GitHub's authentication doesn't support workflows (like the dispatch workflow you're trying to set up) with fine-grained PATs or app tokens as effectively as with the classic PAT.

Unfortunately, as of now, fine-grained PATs do not fully support workflows or certain actions that a classic PAT would, especially when it comes to centralizing tasks across the organization via a dispatch workflow. The fine-grained PAT is more limited in its scope and doesn’t allow the same level of granular access to workflows or actions like the classic PAT does.

For the kind of workflow you're trying to set up, you might need to continue using the classic PAT, as it’s the only method that fully supports this use case. You may also want to check if there are any updates or changes to the GitHub API or permission management system that could eventually allow fine-grained PATs or apps to handle workflows more effectively.