This guide explains how to create and use a fine-grained GitHub Personal Access Token (PAT) for the BYOT flow in @knighted/develop.
BYOT controls are available by default. The token is used to:
- authenticate GitHub API requests
- load repositories where you have write access
- let you choose which repository to work with
- use PR context features (Open PR / Push Commit flows)
The same token is also used for GitHub Models requests in AI chat flows.
- Your token is stored only in your browser
localStorage. - The token is never sent to any service except the GitHub endpoints required by the feature.
- You can remove it at any time using the delete button in the BYOT controls.
Create a fine-grained PAT in GitHub settings and grant the permissions below.
- Repository permissions screenshot: docs/media/byot-repo-perms.png
- Models permission screenshot: docs/media/byot-model-perms.png
- Contents: Read and write
- Pull requests: Read and write
- Metadata: Read-only (required)
- Models: Read-only
Use either of these scopes depending on your needs:
- Only select repositories
- All repositories
@knighted/develop will only show repositories where your token has write access.
- Create token with the permissions above.
- Open
@knighted/develop. - Paste token into the BYOT input and click add.
- Verify repository list loads.
- Select your target repository.
- Use AI chat as needed after connecting your token.
The screenshots above show the recommended repository and account permission settings.