diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/adding-github-token.md b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/adding-github-token.md new file mode 100644 index 00000000..3af0e4f3 --- /dev/null +++ b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/adding-github-token.md @@ -0,0 +1,147 @@ +# Configure Personal Access Token + +Let's add a few secrets that we will need to get our pipelines running. +You can check secrets documentation to read more on these secrets. + +## Objectives + +* Generate a organization level PAT with the necessary permissions for pipeline integration. +* Securely store the GitHub PAT in Vault for added protection. + +## Key Results + +* Personal Access Token (PAT) with the specified permissions is generated successfully in the GitHub account. +* The GitHub PAT is securely stored in Vault and can be accessed only by authorized entities, enhancing security. + +## Prerequisites + +* Infra GitOps Repository is configured. + +## Tutorial + +### Creating Personal Access Token + +1. Generate a Fine-grained Token (PAT) on GitHub. + +1. Go to your GitHub account `settings` for the top-right corner on your profile. + +
+ +1. Navigate to `Developer settings` + +
+ +1. Go to `Personal access tokens`. + +1. From drop-down select `Fine-grained Tokens`. + +1. Click `Generate new token`. + +
+ +1. Provide a name for the token. + +1. Select the `Resource owner`(your organization). + +1. Set Repository Access to `All Repositories`. + +1. Select the following scopes/permissions: + + * Administration (Read only) + * Commit status (Read only) + * Contents (Read only) + * Metadata (Read only) + * Pull requests (Read and write) + * Webhook (Read and write) + +
+ + !!! note + Save the token cautiously, you'll need to save it in `Vault`. + +### Adding Token to Vault + +Now that we have created the GitHub Token, we will store it in Vault. +Login to Vault to view path. + +1. Access Vault from `Forecastle` console, search `Vault` and open the `Vault` tile. + +
+ +1. From the drop-down menu under `Method`, select `OIDC` and click on `Sign in with OIDC Provider`. + +
+ +1. You will be brought to the `Vault` console. You should see `common-shared-secrets` folder. + +
+ +1. Click on `common-shared-secrets`. + +1. You will now be brought to the `secrets` and the `configurations`. Click on `create secret`. + +
+ +1. Let's create a `git-pat-creds` secret for our webhook secret. Write the name of the secret in `path` which is `git-pat-creds`. Add `secret data` + * key: `username`, value: (GitHub username). + * key: `password`, value (Newly created PAT). + Hit save. + +
+ +### Adding External Secret + +Since we want the `git-pat-creds` secret to be deployed in all of the tenant namespaces, we will use a multi-tenant-operator template to deploy it. + +1. Open up the `infra-gitops-config` repository that we have already bootstrapped. + +1. Open the `tenant-operator-config` folder and create a `templates` folder inside it. + +
+ +1. Now create a file named `git-pat-creds-template.yaml` and add the following content. + + ```yaml + apiVersion: tenantoperator.stakater.com/v1alpha1 + kind: Template + metadata: + name: git-pat-creds + resources: + manifests: + - apiVersion: external-secrets.io/v1beta1 + kind: ExternalSecret + metadata: + name: git-pat-creds + spec: + dataFrom: + - extract: + conversionStrategy: Default + key: git-pat-creds + refreshInterval: 1m0s + secretStoreRef: + kind: SecretStore + name: tenant-vault-shared-secret-store + target: + name: git-pat-creds + ``` + +1. Create another file named `git-pat-creds-tgi.yaml` and add the below content. + + ```yaml + apiVersion: tenantoperator.stakater.com/v1alpha1 + kind: TemplateGroupInstance + metadata: + name: git-pat-creds + spec: + template: git-pat-creds + selector: + matchExpressions: + - key: stakater.com/kind + operator: In + values: [ build, pr ] + sync: true + ``` + +1. Lets see our Template and TGI in ArgoCD. Open up ArgoCD and look for `tenant-operator-config` application. You should be able to see your Template and TGI deployed. + +
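Review bot: the token this page produces is broader than the pipeline needs and is then fanned out widely: step "Set Repository Access to `All Repositories`" combined with `Pull requests (Read and write)` and `Webhook (Read and write)` on an organization-owned token, and the `TemplateGroupInstance` selector `values: [ build, pr ]` with `sync: true` copies that secret into every tenant build and pr namespace, where anyone with read access to Secrets there can recover an org-wide GitHub credential. Suggest changing the step to `Only select repositories` (the repositories Pipelines as Code will serve) and qualifying the Key Result "can be accessed only by authorized entities", which the multi-namespace distribution does not guarantee by itself. The permission list gives `Commit status (Read only)`; if the pipeline is expected to report run results back to GitHub as commit statuses, that needs Read and write, so please verify the list against the Pipelines as Code requirements before publishing. The "Save the token cautiously" note should also say that fine-grained tokens have an expiry and belong to the user who created them (revoked when that user leaves the organization), recommend creating it from a dedicated bot account, and point out that rotating the value in Vault is enough because the ExternalSecret re-syncs on `refreshInterval: 1m0s`. The ExternalSecret references `kind: SecretStore` `name: tenant-vault-shared-secret-store`, which is namespaced, so it must already exist in every namespace matched by the selector; state that as a prerequisite or link to where it is created. Wording: "Let's create a `git-pat-creds` secret for our webhook secret" is misleading, the secret holds the PAT and username, not a webhook secret; "Generate a organization level PAT" should be "an organization-level PAT"; "for the top-right corner" should be "from the top-right corner"; "Lets see" should be "Let's see"; and "You can check secrets documentation" should link to that documentation.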
diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/common-shared-secrets.png b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/common-shared-secrets.png new file mode 100644 index 00000000..63303ff0 Binary files /dev/null and b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/common-shared-secrets.png differ diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/create-secret.png b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/create-secret.png new file mode 100644 index 00000000..835b6358 Binary files /dev/null and b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/create-secret.png differ diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/developer-settings.png b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/developer-settings.png new file mode 100644 index 00000000..dc95df75 Binary files /dev/null and b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/developer-settings.png differ diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/forecastle.png b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/forecastle.png new file mode 100644 index 00000000..0eeeef63 Binary files /dev/null and b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/forecastle.png differ diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/git-account-settings.png b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/git-account-settings.png new file mode 100644 index 00000000..07b94f26 Binary files /dev/null and b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/git-account-settings.png differ 
diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/git-pat-creds.png b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/git-pat-creds.png new file mode 100644 index 00000000..de915a36 Binary files /dev/null and b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/git-pat-creds.png differ diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/login-oidc.png b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/login-oidc.png new file mode 100644 index 00000000..4d97062c Binary files /dev/null and b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/login-oidc.png differ diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/open-secret.png b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/open-secret.png new file mode 100644 index 00000000..52c81670 Binary files /dev/null and b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/open-secret.png differ diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/pat-create.png b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/pat-create.png new file mode 100644 index 00000000..4faac041 Binary files /dev/null and b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/pat-create.png differ diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/pat-permissions.png b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/pat-permissions.png new file mode 100644 index 00000000..0c36d2d8 Binary files /dev/null and b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/pat-permissions.png differ 
diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/provider-token.png b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/provider-token.png new file mode 100644 index 00000000..7c3b02dc Binary files /dev/null and b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/provider-token.png differ diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/repository-permissions.png b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/repository-permissions.png new file mode 100644 index 00000000..da4a4182 Binary files /dev/null and b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/repository-permissions.png differ diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/secret-engines.png b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/secret-engines.png new file mode 100644 index 00000000..15c30eec Binary files /dev/null and b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/secret-engines.png differ diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/template.png b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/template.png new file mode 100644 index 00000000..c9421e70 Binary files /dev/null and b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/template.png differ diff --git a/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/tgi-and-template.png b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/tgi-and-template.png new file mode 100644 index 00000000..348c7473 Binary files /dev/null and b/content/for-delivery-engineers/tutorials/04-preparing-pac-env/images/tgi-and-template.png differ 
diff --git a/content/for-developers/tutorials/outer-loop/add-ci-pipeline/04.2-add-external-secret.md b/content/for-developers/tutorials/outer-loop/add-ci-pipeline/04.2-add-external-secret.md index 72d1b903..ddfb4433 100644 --- a/content/for-developers/tutorials/outer-loop/add-ci-pipeline/04.2-add-external-secret.md +++ b/content/for-developers/tutorials/outer-loop/add-ci-pipeline/04.2-add-external-secret.md @@ -1,4 +1,4 @@ -# Add External Secrets +# Add External Secret Let's add the External Secret CR for the secret that we just stored in Vault. This will allow us to fetch the secret from Vault and distribute it to the build namespace of our tenant. diff --git a/mkdocs.yml b/mkdocs.yml index c178e2af..3e8ca531 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -104,6 +104,7 @@ nav: - for-delivery-engineers/tutorials/03-deploy-demo-app/deploy-demo-app.md - for-delivery-engineers/tutorials/04-add-tekton-pipeline-to-demo-app/add-pipeline.md - for-delivery-engineers/tutorials/04-preparing-pac-env/pipeline-as-code-env.md + - for-delivery-engineers/tutorials/04-preparing-pac-env/adding-github-token.md - How-to guides: - for-delivery-engineers/how-to-guides/configure-repository-secret/configure-repository-secret.md - for-delivery-engineers/how-to-guides/add-a-cluster-task/add-cluster-task.md
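Review bot: the nav now has two tutorial directories sharing the same ordinal, `04-add-tekton-pipeline-to-demo-app/` and `04-preparing-pac-env/`, so the directory prefixes no longer reflect the order shown in the sidebar; renumber one of them (and update both nav entries under `04-preparing-pac-env/`) so the prefix and the nav order agree.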