You can now create your own personal API tokens for use in scripts and on the command line. Be careful, these tokens are like passwords so you should guard them carefully. The advantage to using a token over putting your password into a script is that a token can be revoked, and you can generate lots of them. Head on over to your settings to manage personal API tokens.
Wait! There are already some tokens in there!
Don’t panic. You’ve always been able to create arbitrary OAuth access tokens via the API. In fact, if you use tools like hub or boxen they already make use of the authorizations endpoint to generate tokens instead of storing your password.
