>[!quote] In a Nutshell >A **Personal Access Token (PAT)** is a secure alternative to passwords for authenticating to [[- Git Version Control System -|Git]] services like **GitHub, GitLab, and Bitbucket**. It provides **scoped access** to your repositories and can be used with the **command line, APIs, and third-party tools** instead of using a password. --- >[!brainwaves] Why ? >- **Security**: Unlike passwords, tokens can have **limited permissions** (read-only, repo access, etc.), reducing risk. >- **Required for HTTPS Authentication**: GitHub **no longer allows password authentication**, so PATs are required for command-line Git operations. >- **Revocable & Expirable**: You can **revoke** a token anytime without affecting your main account password. --- #### **How to Use a Personal Access Token (PAT)** ... ##### ... for Git Authentication When pushing to a remote repository via **HTTPS**, you’ll use the token instead of your password: ```bash git clone https://github.com/your-username/your-repo.git ``` When prompted for a password, enter the **Personal Access Token** instead. Alternatively, you can store it securely using a credential manager: ```bash git config --global credential.helper cache --timeout=3600 # Cache for 1 hour ``` ##### ... for API Calls If you're making API requests, use the PAT in the `Authorization` header: ```bash curl -H "Authorization: token YOUR_PERSONAL_ACCESS_TOKEN" \ https://api.github.com/user ``` --- #### **How to Create a Personal Access Token (PAT) in GitHub** - Go to **GitHub** → Click your profile picture → Select **"Settings"**. - Scroll down and click **"<> Developer Settings"**. - Select **"Personal Access Tokens"** → Click **"Tokens (classic)"** or **"Fine-grained tokens"**. - Click **"Generate new token"**. - Choose between: - **Classic Token** (Broad access, recommended for general use) - **Fine-Grained Token** (More granular permissions, recommended for security-conscious use) - Choose an expiration date to limit token lifetime. - Select scopes based on your needs: - `repo` → Full repository access - `read:org` → Read organization details - `workflow` → Access GitHub Actions - `admin:repo_hook` → Manage webhooks - `gist` → Access gists - Click **"Generate token"**. - **Copy** the token immediately (you won’t see it again). d_HXVsUTDnUGb-zm8dyb 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 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