To keep your account secure, you must authenticate before you can access certain resources on GitHub Enterprise. When you authenticate to GitHub Enterprise, you supply or confirm credentials that are unique to you to prove that you are exactly who you declare to be.
You can access your resources in GitHub Enterprise in a variety of ways: in the browser, via GitHub Desktop or another desktop application, with the API, or via the command line. Each way of accessing GitHub Enterprise supports different modes of authentication.
- Username and password with two-factor authentication
- Personal access token
- SSH 密钥
You can authenticate to GitHub Enterprise in your browser in different ways.
- Username and password only
- You'll create a password when you create your user account on GitHub Enterprise. We recommend that you use a password manager to generate a random and unique password. For more information, see "Creating a strong password."
- Two-factor authentication (2FA) (recommended)
- If you enable 2FA, we'll also prompt you to provide a code that's generated by an application on your mobile device or sent as a text message (SMS) after you successfully enter your username and password. 更多信息请参阅“使用双重身份验证访问 GitHub”。
- In addition to authentication with a mobile application or a text message, you can optionally add a secondary method of authentication with a security key using WebAuthn. For more information, see "Configuring two-factor authentication using a security key."
You can authenticate with GitHub Desktop using your browser. 更多信息请参阅“向 GitHub 验证”。
You can authenticate with the GitHub Enterprise API in different ways.
- In limited situations, such as testing, you can use a personal access token to access the API. Using a personal access token enables you to revoke access at any time. For more information, see "Creating a personal access token."
- Web 应用程序流程
- For OAuth Apps in production, you should authenticate using the web application flow. For more information, see "Authorizing OAuth Apps."
- GitHub 应用程序
- For GitHub Apps in production, you should authenticate on behalf of the app installation. 更多信息请参阅“向 GitHub 应用程序 验证”。
You can access repositories on GitHub Enterprise from the command line in two ways, HTTPS and SSH, and both have a different way of authenticating. The method of authenticating is determined based on whether you choose an HTTPS or SSH remote URL when you clone the repository. For more information about which way to access, see "Which remote URL should I use?"
You can work with all repositories on GitHub Enterprise over HTTPS, even if you are behind a firewall or proxy. Every time you use Git to authenticate with GitHub Enterprise, you'll be prompted to enter your credentials to authenticate with GitHub Enterprise, unless you cache them with a credential helper. For enhanced security, we recommend using a personal access token (PAT) instead of a password. Treat your PAT just like a password and enter your PAT when prompted for a password. For more information, see "Creating a personal access token."
You can work with all repositories on GitHub Enterprise over SSH, although firewalls and proxys might refuse to allow SSH connections. Using SSH requires you to generate an SSH public/private keypair on your local machine and add the public key to your GitHub Enterprise account. Every time you use Git to authenticate with GitHub Enterprise, you'll be prompted to enter your SSH key passphrase, unless you've stored the key. For more information, see "Generating a new SSH key and adding it to the ssh-agent."