Github API OAuth token validation
From the Github API docs on authorizations:
OAuth applications can use a special API method for checking OAuth token validity without running afoul of normal rate limits for failed login attempts.
Authentication works differently with this particular endpoint. You must use Basic Authentication when accessing it, where the username is the OAuth application client_id and the password is its client_secret. Invalid tokens will return 404 NOT FOUND.
You can do this with curl:
curl -u client_id:client_secret https://api.github.com/applications/:client_id/tokens/:token
Or, if using fetch, use Curl to Fetch.
This is compiled from the helpful comments on the OP's question.
Check headers to see what OAuth scopes you have, and what the API action accepts:
curl -H "Authorization: token OAUTH-TOKEN" https://api.github.com/users/codertocat -I
HTTP/1.1 200 OK
X-OAuth-Scopes: repo, user
X-Accepted-OAuth-Scopes: user
curl -H "Authorization: <TOKEN>" https://api.github.com/
Or
curl https://api.github.com/ -u <USERNAME>:<TOKEN>