About authentication to github
To keep your account secure, you must authenticate before you can access certain resources on GitHub. When you authenticate to GitHub, you supply or confirm credentials that are unique to you to prove that you are exactly who you declare to be.
You can access your resources in GitHub in a variety of ways: in the browser, via GitHub Desktop or another desktop application, with the API, or via the command line. Each way of accessing GitHub supports different modes of authentication.
Authenticating git command line with personal access token · discussion #23419 · community
I got an email today while pushing an update to a repo to say that password authentication will be deprecated later this year in favour of access tokens. I want to set myself up for this change now rather than waiting until August. Better fix now rather than later :slight_smile:
I read the notice linked to by the email, and the documentation linked from there, and went about setting up a personal access token:
The GitHub Blog – 15 Dec 20
Beginning August 13th, 2021, we will no longer accept account passwords when authenticating Git operations on GitHub.com and will instead require token-based authentication (for example, a personal access, OAuth, or GitHub App installation token) for…
However, I’m a little confounded by the last step which seems to suggest that I have to copy the PAT into the password field for git whenever I make a request?
Quote from the documentation below:
Once you have a token, you can enter it instead of your password when performing Git operations over HTTPS.
For example, on the command line you would enter the following:
Is this really the only way to use a PAT? Surely there must be a way to authenticate without my having to copy/paste the token from the clipboard every time I want to push a commit? Moreover, the github website only shows the token to you once when it is created. So do I have to store the token in a plain text file on my machine?
Some guidance here would be much appreciated because I’m quite sure I’ve missed something. I had imagined that there would be a way to use a PAT like a public/private key where I would save it in a secure file on my system, could inform git of the location of the file and then git would handle all necessary authentication automatically in repsonse to requests.
Many thanks for your time!
Authenticating with github desktop
You can authenticate with GitHub Desktop using your browser. For more information, see “Authenticating to GitHub.”
Authenticating with the api
You can authenticate with the API in different ways.
Github’s token formats
GitHub issues tokens that begin with a prefix to indicate the token’s type.