I got an email today while pushing an update to a repo to say that password authentication will be deprecated later this year in favour of access tokens. I want to set myself up for this change now rather than waiting until August. Better fix now rather than later
I read the notice linked to by the email, and the documentation linked from there, and went about setting up a personal access token:
However, I’m a little confounded by the last step which seems to suggest that I have to copy the PAT into the password field for git whenever I make a request?
Quote from the documentation below:
Once you have a token, you can enter it instead of your password when performing Git operations over HTTPS.
For example, on the command line you would enter the following:
$ git clone https://github.com/username/repo.git Username: your_username Password: *your_token*
Is this really the only way to use a PAT? Surely there must be a way to authenticate without my having to copy/paste the token from the clipboard every time I want to push a commit? Moreover, the github website only shows the token to you once when it is created. So do I have to store the token in a plain text file on my machine?
Some guidance here would be much appreciated because I’m quite sure I’ve missed something. I had imagined that there would be a way to use a PAT like a public/private key where I would save it in a secure file on my system, could inform git of the location of the file and then git would handle all necessary authentication automatically in repsonse to requests.
Many thanks for your time!