Single Sign On for the "GitHub Enterprise" app on Okta works fine for me, I am using SAML 2.0. When a user logs in to Okta and clicks on the "GitHub Enterprise" app, they are authenticated.
I have a "Test" repository on GitHub Enterprise. Users will use the command line or git bash to access (read/write/clone) the "Test" repo. Is there a way to use SAML authentication on the command line rather than asking for username/password or SSH key?
Currently, there is no way for the git command line client to authenticate using SAML 2.0.
You will need to suspend users in GitHub Enterprise to disable their SSH keys.
Related
I'm using same email address on both platforms. Please let me know if it's possible, if not please guide me to best practice.
Thanks in advance.
I have successfully added the key to Bitbucket, all good here. When I tried to login GitHub via CLI (using gh auth login), I have faced this text:
HTTP 422: Validation Failed (https://api.github.com/user/keys)
key is already in use
While using a dedicated key pair for Github is the best practice, you can also use gh auth login with HTTPS and as a password a GitHub PAT (Personal Access Token, typically, a classic one, scope repos)
echo ghp_xxx | auth login -p https --with-toke
gh auth status and gh auth token will confirm you are correctly logged in to GitHub, with the right identity.
I'm using Sourcetree version 3.4.6.
I have followed the instructions for this SO answer. I get the token and in Tools => Options => Authentication tab I click on the Add text:
I use the PAT as password but I get a "Authentication failed" message.
How can I use PAT with SourceTree?
You should first authenticate with your default browser on your github account with your credentials (or just check if you're already authenticated), then choose in the SourceTree app the "OAuth" authentication instead of the Basic then click "Refresh OAuth token". Now you should be able to enter successfully to your github repos.
Just added 2FA for Github but now when I go to push changes from the terminal to a branch and I try to authenticate myself with username + password I get rejected because there's nowhere to input my 2FA code...I know my username and password are correct because I can login to the site (with 2FA code). Terminal doesn't provide a space to input that code. How are others working around this?
You'll need a personal access token or SSH key.
The details are here: Accessing GitHub using two-factor authentication - Using two-factor authentication with the command line
I connected to github from vscode. From what I saw, it generated a OAuth2 token with vscode-auth.github.com
Now, I would like to know:
How I can disable this token from github.com (it doesn't show up in https://github.com/settings/developers)
How I can delete this token from my VSCode installation
How it works on remote sessions: it looks like magic but I would also need to clean the keys from my remote server
The applications which are authorized by OAuth are listed at https://github.com/settings/applications and under tab Authorized OAuth Apps and from there one can revoke the authorization.
GitHub is retiring password based authentication for command line tools: https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/
Normally I work in some server, git clone https://...., enter my username and password and get the code that I have to deploy.
What am I supposed to do now? Do I create a token, write it down on a piece of paper, take it with me and retype it into a terminal? Seems a bit too convoluted for just getting some code. Is there some other "intended" workflow?
There are a few options:
You can create a personal access token in your github settings and use that instead of your account password.
you can use SSH to connect
you can rely on the Git Credential Manager Core which will perform an OAuth check either by popping up a UI or giving you an url to paste into a browser.
some hardware tokens will enable you to perform authentication.