Comment 2 for bug 2039669

We have followed up with some internal investigation, and we were able to create and use repository access tokens (for non-owners) via the API. This seems to be an issue limited to the UI in the sense that the UI only exposes it to repository owners.