# Generate Chassy Tokens Chassy's GitHub actions require that you provide a Chassy token for authentication. This guide will get you up and running with the generation of Chassy tokens. {% embed url="" %} Video tutorial alternative {% endembed %} {% hint style="info" %} Only an Admin or Manager is allowed to generate Chassy Tokens {% endhint %} {% hint style="danger" %} These tokens are secret and the compromise of such tokens would allow malicious actors to execute your workflows or upload packages to the Chassy Index on your behalf. It is strongly recommended to take care to keep them safe using best practices. {% endhint %} ## How to generate Chassy Tokens This guide assumes you already have a Workspace. If you do not, please consult our guide instructing how to [create-a-workspace](https://docs.chassy.io/getting-started/create-a-workspace "mention"). First, navigate to the *Settings* tab in the Chassy Console. There, you will see your account settings.

The Generate Chassy Token section is below the Permissions section on the Settings tab.

To generate your token, just click the *Generate* button. Upon success, you'll see the censored token accompanied by a *Copy* button.

Use the Copy button on the right of the censored token.

Clicking the *Copy* button will copy the token to your clipboard for use elsewhere. ## Providing a token to your GitHub actions To protect your secret, it is recommended that you use GitHub Secrets (see [documentation](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions)) to store and reference your secret in Actions workflows. If you named your secret "CHASSY\_TOKEN", you can then define the `CHASSY_TOKEN` environment variable as follows: ```yaml env: CHASSY_TOKEN: ${{ secrets.CHASSY_TOKEN }} ```