GitHub Community
Fine grain tokens #174752
Replies: 2 comments
-
|
Hello! Using a fine-grained personal access token is a secure way to authenticate. How you use it depends on what you are doing. Here are the most common methods: 1. For Git on the Command Line (HTTPS)When you
Your operating system or a tool like the [Git Credential Manager](https://github.com/git-ecosystem/git-credential-manager) will usually cache the token so you don't have to enter it every time. # When you run a command like this...
git push origin main
# ...you will be prompted for credentials.
Username for 'https://github.com': YOUR_USERNAME
Password for 'https://[email protected]': [PASTE YOUR TOKEN HERE]2. For the GitHub APIWhen making calls to the GitHub REST API, you must include the token in the curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/userNote: Replace 3. In GitHub Actions WorkflowsThe best practice is to store your token as a secret and reference it in your workflow file. Never paste a token directly into a
jobs:
my_job:
runs-on: ubuntu-latest
steps:
- name: "A step that needs authentication"
env:
GH_TOKEN: ${{ secrets.FINE_GRAINED_PAT }}
run: |
# Now your script can use the GH_TOKEN environment variable
# Example: configuring git
git config --global url."https://x-access-token:$%7BGH_TOKEN%7D@github.com/".insteadOf "https://github.com/"
Hope this helps clarify how to use your token! But if none of these above helps, what specific task are you trying to accomplish with the token? |
Beta Was this translation helpful? Give feedback.
This comment was marked as off-topic.
This comment was marked as off-topic.
Uh oh!
There was an error while loading. Please reload this page.
-
Select Topic Area
Question
Body
How do I use a token
Beta Was this translation helpful? Give feedback.
All reactions