BlameTrail
IntegrationsGitHub

GitHub Token Setup

Configure a GitHub personal access token to enable commit enrichment, PR metadata, and changed file tracking for your services.

A GitHub personal access token allows BlameTrail to fetch commit metadata, pull request details, and changed files for your deploys. This data powers commit enrichment, suspect scoring context, AI-generated incident summaries, and fix proposal PR creation.

Creating a token

  1. Go to GitHub Settings > Developer settings > Personal access tokens.
  2. Click Generate new token (classic).
  3. Give it a descriptive name (e.g., BlameTrail - Acme Corp).
  4. Select the required scope:
Repository visibilityRequired scope
Private repositoriesrepo
Public repositories onlypublic_repo
  1. Set an expiration. If your token expires, enrichment will stop working until you replace it.
  2. Click Generate token and copy it immediately. GitHub only shows the token once.

Adding the token to BlameTrail

Organization-wide token

An organization-wide token applies to all services in your organization:

  1. Navigate to Organization > Settings.
  2. In the GitHub section, paste your personal access token.
  3. Click Save.

All services linked to a GitHub repository will use this token for enrichment.

Per-service token

You can override the organization-wide token for individual services:

  1. Open the service you want to configure.
  2. In the service settings, add a GitHub token in the repository section.
  3. Click Save.

This token takes priority over the organization-wide token for that specific service.

Security

  • Tokens are encrypted at rest. They are never stored in plaintext.
  • The API never returns a saved token. You can replace or delete a token, but you cannot retrieve it.
  • Tokens are only used server-side for GitHub API calls. They are never sent to the browser.

What the token enables

Once a token is configured and a service is linked to a repository (in owner/repo format), BlameTrail automatically enriches deploys with:

  • Full commit messages for all commits in a deploy
  • Linked pull request titles, numbers, and authors
  • Changed files ranked by relevance

This enrichment data appears on deploy detail pages, in suspect scoring results, and in AI-generated incident summaries.

When fix proposals are enabled (Starter/Pro plans), the same token is used to create branches, commit fixes, and open pull requests on your repository.

Updating or revoking a token

To update a token, paste a new token in the same location (organization settings or service settings) and save. The old token is replaced immediately.

If you revoke a token on GitHub, BlameTrail will log authentication failures when attempting enrichment. Deploys will still be recorded, but without enrichment data. Replace the token in BlameTrail to restore enrichment.

Troubleshooting

ProblemCauseSolution
No enrichment data on deploysToken not configured or service not linked to a repositoryVerify both the token and the repository field are set
401 errors in logsToken revoked or expired on GitHubGenerate a new token and update it in BlameTrail
404 on private reposToken has public_repo scope but not repoRegenerate with the repo scope
Enrichment works for some services but not othersPer-service token override missing for certain reposAdd a per-service token or ensure the org-wide token has access to all relevant repos

Suspect Scoring

How BlameTrail ranks recent deploys by likelihood of causing an incident using temporal proximity and enriched commit context.

Push Webhooks

Automatically ingest commits from GitHub push events and optionally trigger AI-powered commit analysis on every push.

On this page

Creating a tokenAdding the token to BlameTrailOrganization-wide tokenPer-service tokenSecurityWhat the token enablesUpdating or revoking a tokenTroubleshooting