diff --git a/DESCRIPTION b/DESCRIPTION
index e1415fbf..0d82aa1f 100644
--- a/DESCRIPTION
+++ b/DESCRIPTION
@@ -1,6 +1,6 @@
 Package: orderly2
 Title: Orderly Next Generation
-Version: 1.99.39
+Version: 1.99.40
 Authors@R: c(person("Rich", "FitzJohn", role = c("aut", "cre"),
                     email = "rich.fitzjohn@gmail.com"),
              person("Robert", "Ashton", role = "aut"),
diff --git a/R/location_packit.R b/R/location_packit.R
index f3cceb5e..f7fe346e 100644
--- a/R/location_packit.R
+++ b/R/location_packit.R
@@ -43,6 +43,12 @@ do_oauth_device_flow <- function(base_url, cache_disk) {
 # server from within the same session.
 auth_cache <- new.env(parent = emptyenv())
 packit_authorisation <- function(base_url, token, save_token) {
+  # If a non-Github token is provided, we assume it is a native Packit token
+  # and use that directly.
+  if (!is.null(token) && !grepl('^gh._', token)) {
+    return(list("Authorization" = paste("Bearer", token)))
+  }
+
   key <- rlang::hash(list(base_url = base_url, token = token))
 
   if (is.null(auth_cache[[key]])) {
diff --git a/tests/testthat/test-location-packit.R b/tests/testthat/test-location-packit.R
index 664c082d..15f2cb23 100644
--- a/tests/testthat/test-location-packit.R
+++ b/tests/testthat/test-location-packit.R
@@ -1,15 +1,14 @@
-test_that("can authenticate with existing token", {
+test_that("can authenticate with existing GitHub token", {
   clear_auth_cache()
   withr::defer(clear_auth_cache())
 
-  token <- "my-github-token"
+  token <- "ghp_github-token"
 
   mock_post <- local_mock_response(
     to_json(list(token = jsonlite::unbox("my-packit-token"))),
     wrap = FALSE)
 
-  res <- evaluate_promise(
-    packit_authorisation("http://example.com/", token))
+  res <- evaluate_promise(packit_authorisation("http://example.com/", token))
 
   expect_length(res$messages, 2)
   expect_match(res$messages[[1]], "Logging in to http://example.com")
@@ -20,7 +19,7 @@ test_that("can authenticate with existing token", {
   mockery::expect_called(mock_post, 1)
   args <- mockery::mock_args(mock_post)[[1]]
   expect_equal(args[[1]]$url, "http://example.com/packit/api/auth/login/api")
-  expect_equal(args[[1]]$body$data, list(token = scalar("my-github-token")))
+  expect_equal(args[[1]]$body$data, list(token = scalar("ghp_github-token")))
   expect_equal(args[[1]]$body$type, "json")
 
   ## And a second time, does not call mock_post again:
@@ -31,6 +30,18 @@ test_that("can authenticate with existing token", {
 })
 
 
+test_that("can authenticate with existing Packit token", {
+  clear_auth_cache()
+  withr::defer(clear_auth_cache())
+
+  token <- "my-packit-token"
+
+  result <- packit_authorisation("http://example.com/", token)
+  expect_equal(result,
+               list("Authorization" = paste("Bearer", "my-packit-token")))
+})
+
+
 test_that("can authenticate using device flow", {
   clear_auth_cache()
   withr::defer(clear_auth_cache())
@@ -39,7 +50,8 @@ test_that("can authenticate using device flow", {
     to_json(list(token = jsonlite::unbox("my-packit-token"))),
     wrap = FALSE)
 
-  mockery::stub(packit_authorisation, "do_oauth_device_flow", "my-github-token")
+  mockery::stub(packit_authorisation, "do_oauth_device_flow",
+                "ghp_github-token")
 
   res <- evaluate_promise(packit_authorisation("http://example.com/",
                                                token = NULL,
@@ -54,7 +66,7 @@ test_that("can authenticate using device flow", {
   mockery::expect_called(mock_post, 1)
   args <- mockery::mock_args(mock_post)[[1]]
   expect_equal(args[[1]]$url, "http://example.com/packit/api/auth/login/api")
-  expect_equal(args[[1]]$body$data, list(token = scalar("my-github-token")))
+  expect_equal(args[[1]]$body$data, list(token = scalar("ghp_github-token")))
   expect_equal(args[[1]]$body$type, "json")
 })
 
@@ -62,7 +74,7 @@ test_that("location_packit uses authentication", {
   clear_auth_cache()
   withr::defer(clear_auth_cache())
 
-  token <- "my-github-token"
+  token <- "ghp_github-token"
   id <- outpack_id()
   metadata <- "packet metadata"
 
@@ -85,7 +97,7 @@ test_that("location_packit uses authentication", {
 
   args <- mockery::mock_args(mock)[[1]]
   expect_equal(args[[1]]$url, "http://example.com/packit/api/auth/login/api")
-  expect_equal(args[[1]]$body$data, list(token = scalar("my-github-token")))
+  expect_equal(args[[1]]$body$data, list(token = scalar("ghp_github-token")))
   expect_equal(args[[1]]$body$type, "json")
 
   args <- mockery::mock_args(mock)[[2]]
@@ -126,8 +138,8 @@ test_that("Can configure oauth caching behaviour", {
 
 test_that("can create a packit location using an environment variable token", {
   loc <- withr::with_envvar(
-    c("PACKIT_TOKEN" = "abc123"),
-    orderly_location_packit("http://example.com", "$PACKIT_TOKEN"))
+    c("GITHUB_TOKEN" = "ghp_abc123"),
+    orderly_location_packit("http://example.com", "$GITHUB_TOKEN"))
 
   mock_login <- local_mock_response(
     to_json(list(token = jsonlite::unbox("my-packit-token"))),
@@ -139,12 +151,12 @@ test_that("can create a packit location using an environment variable token", {
 
   args <- mockery::mock_args(mock_login)[[1]]
   expect_equal(args[[1]]$url, "http://example.com/packit/api/auth/login/api")
-  expect_equal(args[[1]]$body$data, list(token = scalar("abc123")))
+  expect_equal(args[[1]]$body$data, list(token = scalar("ghp_abc123")))
   expect_equal(args[[1]]$body$type, "json")
 })
 
 
-test_that("error of token variable not found", {
+test_that("error if token variable not found", {
   withr::with_envvar(
     c("PACKIT_TOKEN" = NA_character_),
     expect_error(