diff options
| author | M Hickford <mirth.hickford@gmail.com> | 2025-01-10 22:54:37 +0000 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2025-01-10 15:10:00 -0800 |
| commit | a90ff409f0490aef6266f17656fa626154af9715 (patch) | |
| tree | 3700f2656b8e775fdfce2548a5f255d0f5cc02fe | |
| parent | cf5b8276dcfdad44f02c082a934be5589ff14586 (diff) | |
| download | git-a90ff409f0490aef6266f17656fa626154af9715.tar.gz | |
docs: discuss caching personal access tokens
Describe problems storing personal access tokens in git-credential-cache
and suggest alternatives.
Research suggests that many users are confused about this:
> the point of passwords is that (ideally) you memorise them [so]
> they're never stored anywhere in plain text. Yet GitHub's personal
> access token system seems to basically force you to store the token in
> plain text?
https://stackoverflow.com/questions/46645843/where-to-store-my-git-personal-access-token#comment89963004_46645843
Signed-off-by: M Hickford <mirth.hickford@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
| -rw-r--r-- | Documentation/git-credential-cache.txt | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/Documentation/git-credential-cache.txt b/Documentation/git-credential-cache.txt index 487cc557a8..54fa7a27e1 100644 --- a/Documentation/git-credential-cache.txt +++ b/Documentation/git-credential-cache.txt @@ -78,6 +78,23 @@ variable (this example increases the cache time to 1 hour): $ git config credential.helper 'cache --timeout=3600' ------------------------------------------------------- +PERSONAL ACCESS TOKENS +---------------------- + +Some remotes accept personal access tokens, which are randomly +generated and hard to memorise. They typically have a lifetime of weeks +or months. + +git-credential-cache is inherently unsuitable for persistent storage of +personal access tokens. The credential will be forgotten after the cache +timeout. Even if you configure a long timeout, credentials will be +forgotten if the daemon dies. + +To avoid frequently regenerating personal access tokens, configure a +credential helper with persistent storage. Alternatively, configure an +OAuth credential helper to generate credentials automatically. See +linkgit:gitcredentials[7], sections "Available helpers" and "OAuth". + GIT --- Part of the linkgit:git[1] suite |