Published on

GitHub Authentication: Generating and Using Personal Access Tokens

4 min read

Authors
  • avatar
    Name
    Christopher Morales
    Twitter
    @
banner

Table of Contents

In this guide, we'll cover the process of generating a GitHub personal access token (PAT) and using it for secure authentication with Git. This method replaces the now-deprecated password authentication for Git operations over HTTPS.

What is a Personal Access Token?

A Personal Access Token (PAT) is a secure alternative to using a password for GitHub authentication. It provides fine-grained control over what the token can access and is more secure than using your GitHub password for tasks such as cloning repositories, pushing changes, and accessing APIs.

Step 1: Generating a Personal Access Token

Follow these steps to generate a personal access token:

  1. Log in to GitHub

    • Navigate to GitHub and log in to your account.

  2. Access Token Settings

    • Click on your profile picture in the top-right corner and select Settings.
    • In the left sidebar, click Developer settings > Personal access tokens > Tokens (classic).

  3. Create a New Token

    • Click on Generate new token (or Generate new token (classic) if using classic tokens).
    • Provide a descriptive name for the token (e.g., "Docker Pterodactyl Minecraft Server").

  4. Select Scopes

    • Choose the appropriate scopes for your use case. For basic Git operations, select:
      • repo: Full control of private repositories.
      • workflow: Access to GitHub Actions workflows (optional).
    • Scroll down and click Generate token.

  5. Copy the Token

    • Once generated, copy the token immediately as you won't be able to view it again. Store it securely (e.g., in a password manager).

  6. Generate a Token in the GitHub CLI (Optional)

    • If you prefer to use the GitHub CLI, run:
      gh auth login
    • Follow the prompts to authenticate and generate a token directly in your terminal.

Step 2: Using the Token for Authentication

Configuring Git to Use the Token (Option A)

  1. Replace HTTPS Password with Token

    • When performing Git operations (e.g., git clone, git push), GitHub will prompt for your username and password.
    • Use your GitHub username as the username.
    • Paste the personal access token as the password.

  2. Cache the Token Locally

    • To avoid entering the token repeatedly, configure Git to store credentials:
      git config --global credential.helper store

  3. Update Repository Remote URL (Optional)

    • Ensure your repository is set to use HTTPS:
      git remote set-url origin https://github.com/<username>/<repository>.git

Alternative Solution: Using SSH Keys (Option B)

If you prefer SSH-based authentication instead of personal access tokens, follow these steps to set up SSH keys:

  1. Generate an SSH Key

    • Run the following command in your terminal:
      ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
    • Press Enter to accept the default file location (e.g., ~/.ssh/id_rsa).
    • (Optional) Set a passphrase for additional security.

  2. Add the SSH Key to GitHub

    • Copy the public key to your clipboard:
      cat ~/.ssh/id_rsa.pub
    • Log in to GitHub and navigate to Settings > SSH and GPG keys.
    • Click New SSH key, paste the key, and save.

  3. Test the Connection

    • Test your SSH key with GitHub:
      ssh -T git@github.com
    • You should see a success message.

  4. Update Repository Remote URL

    • Update your repository to use SSH:
      git remote set-url origin git@github.com:<username>/<repository>.git

Step 3: Securing and Managing Tokens

  1. Token Expiry

    • Set an expiration date for your token during creation for added security. Regenerate the token as needed.

  2. Revoking Tokens

    • If your token is compromised or no longer needed, revoke it from the Personal access tokens page in your GitHub settings.

  3. Storing Tokens

    • Use a secure method to store tokens, such as a password manager or environment variables.

    Example of storing the token as an environment variable:

    export GITHUB_TOKEN=<your_token>

  4. Using Environment Variables in Scripts

    • Reference the token in scripts:
      git clone https://$GITHUB_TOKEN@github.com/<username>/<repository>.git

Conclusion

Using a personal access token is a secure and effective way to authenticate with GitHub. Alternatively, SSH keys provide a robust option for managing secure connections. By following this guide, you'll be able to manage your repositories seamlessly while maintaining security.

For more details, visit the GitHub Documentation.

Discuss on TwitterView on GitHub
© 2025 Christopher Morales