> ## Documentation Index
> Fetch the complete documentation index at: https://bloodhound.specterops.io/llms.txt
> Use this file to discover all available pages before exploring further.

# GH_ValidToken

> Secret scanning alert contains a valid, active token belonging to this user

<img noZoom src="https://mintcdn.com/specterops/tTIczgde9H07oLXf/assets/enterprise-AND-community-edition-pill-tag.svg?fit=max&auto=format&n=tTIczgde9H07oLXf&q=85&s=ad49a576589f4d2a8081df77d07fdf56" alt="Applies to BloodHound Enterprise and CE" width="482" height="45" data-path="assets/enterprise-AND-community-edition-pill-tag.svg" />

## Edge Schema

* Source: [GH\_SecretScanningAlert](/opengraph/extensions/github/nodes/gh_secretscanningalert)
* Destination: [GH\_User](/opengraph/extensions/github/nodes/gh_user)
* Traversable: ✅

## General Information

The traversable GH\_ValidToken edge represents a secret scanning alert that contains a valid, active GitHub Personal Access Token belonging to a specific user. This edge is only emitted when the alert's state is `open`, the secret type is `github_personal_access_token`, and the token is confirmed valid by calling the GitHub API. This edge is traversable because possessing the leaked token grants the ability to act as the token's owner, effectively compromising that user's identity and all permissions granted to the token.

```mermaid theme={null}
graph LR
    node1("GH_SecretScanningAlert #42")
    node2("GH_User jdoe")
    node1 -- GH_ValidToken --> node2
```