Try GitHub Copilot CLIAttend GitHub Universe
Back to changelog
Improvement

November 13, 20201 Minute Read

Token authentication required for API operations

As previously announced, GitHub.com no longer accepts account passwords when authenticating with the REST API and now requires the use of token-based authentication (e.g., a personal access, OAuth, or GitHub App installation token) for all authenticated API operations on GitHub.com.

For developers, if you were previously using a password to authenticate against the GitHub API, you must begin using a personal access token instead. If you receive a warning that you are using an outdated third-party integration, you should update your client to the latest version. This includes Visual Studio, Git for Windows and GitHub for Visual Studio.

For integrators, you must authenticate integrations using the web or device authorization flows. Existing personal access tokens generated with a username and password via the legacy authorizations API will continue to work. For more information, see “Authorizing OAuth Apps” and the announcement on the developer blog.

Subscribe to our developer newsletter

Discover tips, technical guides, and best practices in our biweekly newsletter just for devs.

By submitting, I agree to let GitHub and its affiliates use my information for personalized communications, targeted advertising, and campaign effectiveness. See the GitHub Privacy Statement for more details.

Token authentication required for API operations - GitHub Changelog