95bd8c84f9
Co-authored-by: Ethan Palm <56270045+ethanpalm@users.noreply.github.com> Co-authored-by: Mislav Marohnić <mislav@github.com> Co-authored-by: Laura Coursen <lecoursen@github.com>
5.3 KiB
title, intro, redirect_from, versions, topics, shortTitle
| title | intro | redirect_from | versions | topics | shortTitle | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Creating a personal access token | You should create a personal access token to use in place of a password with the command line or with the API. |
|
|
|
Create a PAT |
{% note %}
Note: If you use {% data variables.product.prodname_cli %} to authenticate to {% data variables.product.product_name %} on the command line, you can skip generating a personal access token and authenticate via the web browser instead. For more information about authenticating with {% data variables.product.prodname_cli %}, see gh auth login.
{% endnote %}
Personal access tokens (PATs) are an alternative to using passwords for authentication to {% data variables.product.product_name %} when using the GitHub API or the command line.
{% ifversion fpt %}If you want to use a PAT to access resources owned by an organization that uses SAML SSO, you must authorize the PAT. For more information, see "About authentication with SAML single sign-on" and "Authorizing a personal access token for use with SAML single sign-on."{% endif %}
{% ifversion fpt %}{% data reusables.user_settings.removes-personal-access-tokens %}{% endif %}
Creating a token
{% ifversion fpt %}1. Verify your email address, if it hasn't been verified yet.{% endif %}
{% data reusables.user_settings.access_settings %}
{% data reusables.user_settings.developer_settings %}
{% data reusables.user_settings.personal_access_tokens %}
4. Click Generate new token.
5. Give your token a descriptive name.
{% ifversion fpt or ghes > 3.1 or ghae-issue-4374 %}
6. To give your token an expiration, select the Expiration drop-down menu, then click a default or use the calendar picker.
{% endif %}
7. Select the scopes, or permissions, you'd like to grant this token. To use your token to access repositories from the command line, select repo.
{% ifversion fpt or ghes %}
{% elsif ghae %}
{% endif %}
8. Click Generate token.
{% ifversion fpt %}
{% elsif ghes > 3.1 or ghae-next %}
{% else %}
{% endif %}
{% warning %}
Warning: Treat your tokens like passwords and keep them secret. When working with the API, use tokens as environment variables instead of hardcoding them into your programs.
{% endwarning %}
{% ifversion fpt %}9. To use your token to authenticate to an organization that uses SAML SSO, authorize the token for use with a SAML single-sign-on organization.{% endif %}
Using a token on the command line
{% data reusables.command_line.providing-token-as-password %}
Personal access tokens can only be used for HTTPS Git operations. If your repository uses an SSH remote URL, you will need to switch the remote from SSH to HTTPS.
If you are not prompted for your username and password, your credentials may be cached on your computer. You can update your credentials in the Keychain to replace your old password with the token.
Instead of manually entering your PAT for every HTTPS Git operation, you can cache your PAT with a Git client. Git will temporarily store your credentials in memory until an expiry interval has passed. You can also store the token in a plain text file that Git can read before every request. For more information, see "Caching your {% data variables.product.prodname_dotcom %} credentials in Git."