I connected to github from vscode. From what I saw, it generated a OAuth2 token with vscode-auth.github.com
Now, I would like to know:
How I can disable this token from github.com (it doesn't show up in https://github.com/settings/developers)
How I can delete this token from my VSCode installation
How it works on remote sessions: it looks like magic but I would also need to clean the keys from my remote server
The applications which are authorized by OAuth are listed at https://github.com/settings/applications and under tab Authorized OAuth Apps and from there one can revoke the authorization.
Related
I recently created a new 'personal access token' as prompted by Github.
They deprecated the use of a password and replaced it with the personal access token on August 13, 2021 when pushing a local repository to a newly created GitHub repository.
I had to create and delete 2 other personal access tokens before my 3rd personal access token was accepted. And I am no longer prompted to enter username/personal access token now, as an email from GitHub confirmed my new PAT is associated with my GitHub account now.
But I notice in addition to my personal access token which I created in GitHub, I also see in the Authenticator app on my phone a 6 digit token is being generated. (The personal access token is very long, looks like an SHA) It is identified as connected to GitHub but GitHub hasn't prompted me to use it nor does GitHub documentation make a reference to its requirement or use. Can anyone offer some information as to why, and to what end this other token is for?
The 6-digit token you're describing sounds like a two-factor authentication token, which is used to secure your account logins to the github.com website. In contrast, the Personal Access Token is used when interacting with github via a command line interface.
To see the 6-digit code being used in action, try opening a Private/Incognito browser tab and logging into github.com. After entering your username and password, the site should prompt you to enter that 6-digit rotating code as a second factor to secure your account.
See the GitHub documentation for two-factor authentication here.
This question already has answers here:
Message "Support for password authentication was removed. Please use a personal access token instead."
(47 answers)
Closed 1 year ago.
Error message when using git push:
Support for password authentication was removed on August 13, 2021. Please use a personal access token instead.
remote: Please see https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/ for more information.
fatal: unable to access 'https://github.com/codingTheWorld777/react-mini-projects.git/': The requested URL returned error: 403"***
I cannot use my token to access GitHub, so how can I push code to GitHub?
GitHub announced their intent to require the use of token-based authentication for all authenticated Git operations. They will no longer accept account passwords when authenticating Git operations on GitHub.com:
Generate token:
Go to your GitHub account token settings
Generate a token
On Mac:
Go to keychain Access
Press the Login tab and all items
Click GitHub key
Change the password to the recent generated token
On Windows:
Go to Control Panel → User Accounts → Credential Manager
Edit the Generic Credential of GitHub
Paste the token instead of the password
You need to change the remote URL with:
git remote set-url <stream> https://<token>#github.com/<username>/<repo>
token can be found here.
I also encounter this problem today, on macOS.
I solve this problem by:
First, get a token! Follow the guidance of GitHub. I think you can just click the link provided in the warning.
Second, change the key chain on macOS:
Search "Keychain" on macOS.
Search "GitHub".
Change the password in the one that with "Internet Password", using your new token.
Then, my problem is solved and I can "git push" now.
Step 1: Go to your GitHub account → Settings → Developer settings → Personal access tokens → Generate / regenerate your token
Step 2: Go to https://cli.github.com and download GitHub CLI
Step 3: Go to your command line or Terminal → gh auth login and follow with login credentials. Done.
I have the same problem. For me the solution was install the GitHub CLI in https://cli.github.com/. After installing in my OS, I ran gh auth login in my terminal and logged in through the browser with the access token that I generated in the GitHub profile. Follow:
My Account → Settings → Developer settings → Personal access tokens [GENERATE NEW TOKEN]
First of all, you need to create a personal access token in Creating a personal access token
git clone https://github.com/username/repo.git
Username: your_username
Password: your_token
Solution for Mac:
First generate a token from GitHub. And replace your password with the token from the keychain access in the GitHub section.
You need to create a personal access token. You can find the instructions on creating personal access token in Creating a personal access token
Make sure you keep the access token secure & secret. After that you need to replace your current saved password in the device (laptop/desktop) with the access token. In macOS you can search for Keychain and find GitHub with an Internet password and replace it with your access token. For instructions, see Updating credentials from the macOS Keychain.
In Windows, it might be Credential Manager (I'm not sure). Check this out: How to update your Git credentials on Windows
GitHub is retiring password based authentication for command line tools: https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/
Normally I work in some server, git clone https://...., enter my username and password and get the code that I have to deploy.
What am I supposed to do now? Do I create a token, write it down on a piece of paper, take it with me and retype it into a terminal? Seems a bit too convoluted for just getting some code. Is there some other "intended" workflow?
There are a few options:
You can create a personal access token in your github settings and use that instead of your account password.
you can use SSH to connect
you can rely on the Git Credential Manager Core which will perform an OAuth check either by popping up a UI or giving you an url to paste into a browser.
some hardware tokens will enable you to perform authentication.
We've got an install of Azure Devops server that currently authenticates against our active directory server and authentication works, but it appears to do so by means of browser basic authentication (the browser modal prompt that asks for a simple user name and password).
I'm wondering if there is some way to configure authentication such that users that have never logged in, actually get a login page... not just the basic authentication prompt in the browser.
I appreciate any input, I've used and administered azure devops in the cloud for a LONG time, but the devops server stuff I'm new to.
NOTE: I've played with IIS settings for authentication (enabling and disabling basic authentication and forms auth etc, but nothing really seemed to help there)
it appears to do so by means of browser basic authentication (the
browser modal prompt that asks for a simple user name and password).
I'm wondering if there is some way to configure authentication such
that users that have never logged in, actually get a login page... not
just the basic authentication prompt in the browser.
What's the login page do you mean?
1.If you mean the login page to connect to TFS web portal, as I know using basic prompt with username+password is the only appraoch.
Web Portal:
Only logic page:
2.But if you mean something used for authentication when accessing the code. I think you must be familiar with PAT which is widely used in Azure Devops Service. IIS Basic Authentication is not recommended. You can check Enabling IIS Basic Authentication invalidates using Personal Access Tokens and Use the TFS Cross Platform Command Line with TFS using basic authentication or personal access tokens (PATs).
Hope it helps to resolve your puzzle :)
So after lots of research, I found that in the differences between azure devops server and azure devops services documentation. In this documentation it states that it uses windows authentication, and you will never be presented with any login experience.
I'd vote that this should be something that be configured to show a login screen, as sometimes we want to log in as users other than the users we logged into the machine as.
I have registered an account with GitKraken and confirmed that I have rights to a repo on VSO. When I attempt to login, my uid and pwd and cleared from the text box and I can't login
Any guesses where the point of failure is? When I use Visual Studio, I can log into that TFS repo no problem
You can't use your VSO login directly in Git Kraken.
There are two ways you can approach this:
- Use a personal access token. In VSO, click on your profile icon -> Security - Personal access tokens. Create a new access token and use that as a password. Personal access tokens have an expiry date, so you will have to create a new one after some time.
use ssh. That is what I am using, as I think it is more convenient, but a bit more steps to set up. Here is a tutorial on how to set it up with VSO: https://learn.microsoft.com/de-de/vsts/repos/git/use-ssh-keys-to-authenticate?view=vsts