GitHub hosts your git repositories — version history, branches, and (optionally) a public website via GitHub Pages. A personal access token (PAT) is a secret string you create in your GitHub account so programs (not just the website) can act as you: push commits, manage repos, or publish Pages — within the permissions (scopes) you attach to that token.
New to git, commits, or remotes? The Git & GitHub Academy track walks through version control and backups; this module stays focused on the PAT as a credential.
Tools like the Print Punch portfolio engine let you build HTML in the browser and push the result to a repo so it can go live (for example on Pages). The browser cannot “log in to GitHub” the way you do with a password in a tab — it needs an API credential. A PAT is the usual way: you create it once in GitHub’s settings, paste it into the tool, and the app sends it over HTTPS to GitHub’s API when you click push.
Important: That paste happens in your browser session. Coffee is not asking you to upload the PAT to “our cloud” for storage — treat it like any other secret: prefer storing long-lived tokens in Key Vault patterns and avoid committing them to git or screenshots.
GitHub’s web login is for humans. OAuth apps can delegate access without you pasting a token (great for “Sign in with GitHub”). A PAT is simpler for scripts and one-off tools: you choose expiration, scopes (repo, workflow, etc.), and you can revoke one token without changing your account password. If a PAT leaks, revoke it immediately and create a new one with the minimum scopes you need.
Open Print Punch, use the field labeled for your PAT when you’re ready to push, and keep this lesson open in another tab if you need a refresher.
Open Print Punch engine