I have my hub setup to authenticate via GitHub OAuth. This works fine from the UI. My question is whether I can use an already issued GitHub OAuth to make REST API calls or do I need to use the /authorizations/token to get an API toke for the user and use that.
With the default JupyterHub config you’ll need to get a new API token for the user.
You can override the default server token permissions though:
I think I understand your question. You cannot use OAuth tokens issued by GitHub to make API requests to JupyterHub. While GitHub can be an authentication provider to JupyterHub and JupyterHub itself uses OAuth tokens, only OAuth tokens issued by JupyterHub are valid for use with the JupyterHub API. The external OAuth provider like GitHub is used for logging in only.
With some customizations to GitHubOAuthenticator, you could modify it to accept certain GitHub-issued tokens in a POST /api/users/:user/tokens request in order to _exchange_them for JupyterHub tokens to use them with the rest of the API. I’d make sure that’s really something you want, though.