Using Personal Access Tokens with GIT and GitHub –

Background

We described our motivation as we announced similar changes to authenticating with the API as follows:

Brownouts

To ensure all affected customers are aware of the authentication change, during two scheduled brownouts, we will temporarily disable support for password authentication, and Git operations made using a password will temporarily fail. The brownouts are scheduled for the following dates and times:

Configure credential caching

Lastly, to ensure the local computer remembers the token, we can enable caching of the credentials. This configures the computer to remember the complex token so that we dont have too.

git config --global credential.helper cache

If needed, you can later clear the token from the local computer by running 

git config --global --unset credential.helper

Enabling two-factor authentication

If you would like to ensure that your account does not allow password-based authentication, you can enable two-factor authentication for your account today. This will require you to use a personal access token for all authenticated operations via Git and third-party integrations.

Get token

The first step in using tokens is to generate a token from the GitHub website. Note that it would be best practice to use different tokens for different computers/systems/services/tasks so that they can be easily managed.

To generate a token:

  1. Log into GitHub
  2. Click on your name / Avatar in the upper right corner and select Settings
  3. On the left, click Developer settings
  4. Select Personal access tokens and click Generate new token
  5. Give the token a description/name and select the scope of the token
    • I selected repo only to facilitate pull, push, clone, and commit actions
    • Click the link Red more about OAuth scopes for details about the permission sets
  6. Click Generate token
  7. Copy the token – this is your new password!
Похожее:  Работа с VK API на Python 3.x / СоХабр

Timeline

If you have any questions, please see the related API password authentication blog post, learn more about keeping your account secure, or contact GitHub Support. Need a security key? Head over to the GitHub Shop.

Workflows affected

The following customers remain unaffected by this change:

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *