Add HTTPS + PATs in advanced SSH section #934
Conversation
Aariq
changed the title
|
btw, this is in response to this comment: #895 (comment) |
| @@ -214,7 +264,9 @@ git config --global --unset credential.helper | |||
| FIXME: Windows 10: Credential Manager | |||
| FIXME: remove git credential. | |||
There was a problem hiding this comment.
I wasn't exactly sure what the existing notes meant, so I just left them for now. Happy to delete or flesh out if someone can provide a little more detail
|
@Aariq Thanks for expanding this episode. I have a couple of questions re the use of PATs. When GitHub first required the increased security, I could only find the term "Personal Access Token" in relation to Microsoft products (GitHub, Azure, Microsoft, but mostly GitHub). Now, the terminology seems to have migrated to other git/version control/cloud collaboration services (Atlassian, GitLab, and some smaller providers). Have you seen PATs in widespread use? Are their implementation in other services the same as in GitHub? Thanks! |
|
I have not seen the term "Personal Access Token" / PAT in widespread use, but the concept and terminology is closely related to other kinds of access tokens that are widely used for authentication via HTTPS—e.g. API tokens, bearer tokens, etc. To be honest, it's not clear to me how exactly PATs differ from any other kind of access token. From a user standpoint, they seem to function about the same and the skills gained by learning to use GitHub PATs are very transferrable, IMO. Even if "Personal Access Tokens" are not commonly used, the use of access tokens to authenticate via HTTPS is quite common (e.g. for some data APIs) and is a useful skill for researchers. |
|
GitLab appears to have many more types of tokens including Personal Access Tokens, Group Access Tokens, Project Access Tokens, etc. But it doesn't actually look like they are used for authenticating with git. Bitbucket appears to use PATs the same way as GitHub—you can use them when prompted for a password by git |
|
@Aariq What do you think about changing the
? |
|
Yeah, that makes sense to me. How's this look now? |
Looks good. Thanks! |
I fleshed out the section on HTTPS and PATs a bit. Something I didn't do that would probably be nice is add screenshots from GitHub. I could add some, but I thought it would be better for continuity if they matched the user and repo name from earlier in the lesson. I changed the bit about PATs being unique to GitHub in the beginning because they aren't. Bitbucket also has an option to use HTTPS + PAT and you'll find plenty of other non-git services that use PATs for authentication. Hopefully I've explained that succinctly in the language I added.