Git automation with OAuth tokens

You can use OAuth tokens to interact with GitHub via automated scripts.

In this article

Did this doc help you?

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Or, learn how to contribute.

Step 1: Get an OAuth token

Create a personal access token on your application settings page. For more information, see "Creating a personal access token."

Tips:

  • You must verify your email address before you can create a personal access token. For more information, see "Verifying your email address."
  • We recommend that you regularly review your authorized integrations. Remove any applications and tokens that haven't been used in a while. For more information, see "Reviewing your authorized integrations."

As a security precaution, GitHub automatically removes personal access tokens that haven't been used in a year.

Step 2: Clone a repository

Once you have a token, you can enter it instead of your password when performing Git operations over HTTPS.

For example, on the command line you would enter the following:

$ git clone https://github.com/username/repo.git
Username: your_username
Password: your_token

To avoid these prompts, you can use Git password caching. For information, see "Caching your GitHub credentials in Git."

Warning: Tokens have read/write access and should be treated like passwords. If you enter your token into the clone URL when cloning or adding a remote, Git writes it to your .git/config file in plain text, which is a security risk.

Further reading

Did this doc help you?

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Or, learn how to contribute.