Skip to main content
Frecuentemente publicamos actualizaciones de nuestra documentación. Es posible que la traducción de esta página esté en curso. Para conocer la información más actual, visita la documentación en inglés. Si existe un problema con las traducciones en esta página, por favor infórmanos.

About authentication to GitHub

You can securely access your account's resources by authenticating to GitHub, using different credentials depending on where you authenticate.

About authentication to GitHub

To keep your account secure, you must authenticate before you can access certain resources on GitHub. When you authenticate to GitHub, you supply or confirm credentials that are unique to you to prove that you are exactly who you declare to be.

You can access your resources in GitHub in a variety of ways: in the browser, via GitHub Desktop or another desktop application, with the API, or via the command line. Each way of accessing GitHub supports different modes of authentication.

  • Username and password with two-factor authentication
  • Personal access token
  • SSH key

Authenticating in your browser

If you're a member of an empresa con usuarios administrados, you will authenticate to GitHub in your browser using your IdP. For more information, see "Authenticating as a managed user" in the Nube de GitHub Enterprise documentation.

If you're not a member of an empresa con usuarios administrados, you will authenticate using your GitHub.com username and password. You may also use two-factor authentication and SAML single sign-on, which can be required by organization and enterprise owners.

  • Username and password only

    • You'll create a password when you create your account on GitHub. We recommend that you use a password manager to generate a random and unique password. For more information, see "Creating a strong password."

    • If you have not enabled 2FA, GitHub will ask for additional verification when you first sign in from an unrecognized device, such as a new browser profile, a browser where the cookies have been deleted, or a new computer.

      After providing your username and password, you will be asked to provide a verification code that we will send to you via email. If you have the GitHub Móvil application installed, you'll receive a notification there instead. For more information, see "GitHub Móvil."

  • Two-factor authentication (2FA) (recommended)

  • SAML single sign-on

    • Before you can access resources owned by an organization or enterprise account that uses SAML single sign-on, you may need to also authenticate through an IdP. For more information, see "About authentication with SAML single sign-on" in the Nube de GitHub Enterprise documentation.

Authenticating with GitHub Desktop

You can authenticate with GitHub Desktop using your browser. For more information, see "Authenticating to GitHub."

Authenticating with the API

You can authenticate with the API in different ways.

  • Personal access tokens
    • In limited situations, such as testing, you can use a personal access token to access the API. Using a personal access token enables you to revoke access at any time. For more information, see "Creating a personal access token."
  • Web application flow
    • For OAuth Apps in production, you should authenticate using the web application flow. For more information, see "Authorizing OAuth Apps."
  • GitHub Apps

Authenticating with the command line

You can access repositories on GitHub from the command line in two ways, HTTPS and SSH, and both have a different way of authenticating. The method of authenticating is determined based on whether you choose an HTTPS or SSH remote URL when you clone the repository. For more information about which way to access, see "About remote repositories."

HTTPS

You can work with all repositories on GitHub over HTTPS, even if you are behind a firewall or proxy.

If you authenticate with CLI de GitHub, you can either authenticate with a personal access token or via the web browser. For more information about authenticating with CLI de GitHub, see gh auth login.

If you authenticate without CLI de GitHub, you must authenticate with a personal access token. When Git prompts you for your password, enter your personal access token (PAT). Alternatively, you can use a credential helper like Git Credential Manager. Password-based authentication for Git has been removed in favor of more secure authentication methods. For more information, see "Creating a personal access token." Every time you use Git to authenticate with GitHub, you'll be prompted to enter your credentials to authenticate with GitHub, unless you cache them with a credential helper.

SSH

You can work with all repositories on GitHub over SSH, although firewalls and proxies might refuse to allow SSH connections.

If you authenticate with CLI de GitHub, the CLI will find SSH public keys on your machine and will prompt you to select one for upload. If CLI de GitHub does not find a SSH public key for upload, it can generate a new SSH public/private keypair and upload the public key to your account on GitHub.com. Then, you can either authenticate with a personal access token or via the web browser. For more information about authenticating with CLI de GitHub, see gh auth login.

If you authenticate without CLI de GitHub, you will need to generate an SSH public/private keypair on your local machine and add the public key to your account on GitHub.com. For more information, see "Generating a new SSH key and adding it to the ssh-agent." Every time you use Git to authenticate with GitHub, you'll be prompted to enter your SSH key passphrase, unless you've stored the key.

Authorizing for SAML single sign-on

To use a personal access token or SSH key to access resources owned by an organization that uses SAML single sign-on, you must also authorize the personal token or SSH key. For more information, see "Authorizing a personal access token for use with SAML single sign-on" or "Authorizing an SSH key for use with SAML single sign-on" in the Nube de GitHub Enterprise documentation.

GitHub's token formats

GitHub issues tokens that begin with a prefix to indicate the token's type.

Token typePrefixMore information
Personal access tokenghp_"Creating a personal access token"
OAuth access tokengho_"Authorizing OAuth Apps"
User-to-server token for a GitHub Appghu_"Identifying and authorizing users for GitHub Apps"
Server-to-server token for a GitHub Appghs_"Authenticating with GitHub Apps"
Refresh token for a GitHub Appghr_"Refreshing user-to-server access tokens"