🔥 3-day streak
GitHub Enterprise Administrator (GH-100)58 / 79
Question 58 of 79
An enterprise security team wants to ensure that when developers create tokens to access organization repositories via the API, each token is scoped to only the specific repositories the developer needs, requires organization owner approval before gaining access, and can be given a mandatory maximum lifetime. Some developers currently use classic personal access tokens that automatically gain access to all organizations they belong to. Which action best meets these requirements?
Reviewed for accuracy · Report an issueNext question