All 3rd party connection to Github failed with 403

I use sourcetree and connect to github via basic auth (already use personal access token as password) but today I can’t pull from origin with error 403
but I can pull form git CLI with same token

and I use webhook in my repository, but today it got same 403 error too

Can someone has any suggestion for me

I’d be curious for an answer, too.
1-2 weeks ago oauth was working. Since this stopped working now, I added two-factor and tried basic auth (using a token as PW).
When adding the token/PW, authentication checks out ok, but pull/push/clone is not possible - error 403

Hi there :wave:

This was part of a scheduled brown out, which was detailed in a couple posts to our blog:

Though, some users have called out that the error message pointed to an outdated blog post that did not include the dates/times.

I can certainly understand how frustrating that is, but git operations via PW auth, should be working again now. Do keep in mind that token based auth will be required in the future.

:bow:

Thanks a lot for the quick reply.
From this, however, I gather, that when using a token, git operations should work - which they don’t.

I tested a bit more and can see that this only affects private repos, for public repos everything seems to work fine

Sorry for any confusion there @BjoernOCTLIGHT – I think the OP relates to the scheduled brown out, and the experience you’re describing is unique.

Because you’re correct, token based auth should function (and should have been functioning since 1-2 weeks ago) with git operations. And to your point:

I tested a bit more and can see that this only affects private repos, for public repos everything seems to work fine

I would be looking for the scope applied to your token:

https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token

I’m assuming you’re referring to a PAT and not necessarily an OAuth App token?

Thanks a lot @nethgato for the hint. I have temporarily tried to enable all scopes, but that did not change something.
I have tried both a PAT and an OAuth App token, in both cases, I can clone a public repo but not a private one, am I overlooking further settings?

@nethgato Thanks for your replied
but I’m using PAT and this PAT can use to connect to my repository from sourcetree (and from CLI) since the day after I open this issue until yesterday :cry:


and today when I try to pull my repository from sourcetree it not work anymore (returned error 403: Support for password authentication was removed) :sob:
but I’m sure I use PAT and this PAT worked until yesterday and it still work in CLI ($ git pull)
please give me some suggestion :cry: :cry:

I have the same issue. Tried everything; adding PAT multiple times, reinstalling Git 2.3,
Github CLI, GitDesktop etc. The password seems to be cached somewhere. But where?

At least 4 ways to login? Why should this be so hard and cryptic?
Github has gone to pieces since Microsoft bought them.