Skip to content

Token authentication required for API operations

As previously announced, no longer accepts account passwords when authenticating with the REST API and now requires the use of token-based authentication (e.g., a personal access, OAuth, or GitHub App installation token) for all authenticated API operations on

For developers, if you were previously using a password to authenticate against the GitHub API, you must begin using a personal access token instead. If you receive a warning that you are using an outdated third-party integration, you should update your client to the latest version. This includes Visual Studio, Git for Windows and GitHub for Visual Studio.

For integrators, you must authenticate integrations using the web or device authorization flows. Existing personal access tokens generated with a username and password via the legacy authorizations API will continue to work. For more information, see “Authorizing OAuth Apps” and the announcement on the developer blog.

Unwatch recommendations

GitHub will recommend you unwatch repositories that you are no longer interacting with. You will see these recommendations when:

When you dismiss recommendations we will not show you another recommendation for thirty days.

Screen shot of web notifications showing a recommendation

View your recommendations at

See more