diff --git a/APPLY_ACCESS_TOKEN.md b/APPLY_ACCESS_TOKEN.md
new file mode 100644
index 00000000..bf33f027
--- /dev/null
+++ b/APPLY_ACCESS_TOKEN.md
@@ -0,0 +1,29 @@
+# Apply for a nodejs-github-bot token
+
+Automation in https://github.com/nodejs may require github access token to access
+permission scoped endpoints. In the case of such requirement, the access token can
+be requested to be created under the name of https://github.com/nodejs-github-bot. 
+
+Only fine-grained access token can be created under the name of https://github.com/nodejs-github-bot.
+
+To create a fine-grained access token with nodejs-github-bot, submit a PR to
+add the requested repo in the registry below, and a TSC member or a build WG member
+(who has access to the https://github.com/nodejs-github-bot account) need to take
+action to create the fine-grained token and save the token to the requested repo's
+repository secrets.
+
+Fine-grained tokens created with access to https://github.com/nodejs resources will
+be audited at https://github.com/organizations/nodejs/settings/personal-access-tokens/active.
+
+## Registry
+
+The "repo" is a string of the GitHub `<owner>/<repo>`. Generally, the token should
+only be created for repo in the https://github.com/nodejs organization.
+
+The "token name" is a string that the token can be referenced in the GitHub Action
+scripts. Like a token name of `RELEASE_PLEASE_TOKEN` can be accessed from the script
+as `${{ secrets.RELEASE_PLEASE_TOKEN }}`.
+
+Repo                        | Token name
+---                         | ---
+nodejs/import-in-the-middle | RELEASE_PLEASE_GITHUB_TOKEN