Brownout Notice: API Authentication via Query Parameters, and the OAuth Applications API for 12 hours
Brownout Notice: API Authentication via Query Parameters, and the OAuth Applications API for 12 hours
GitHub Blog Search
Brownout Notice: API Authentication via Query Parameters, and the OAuth Applications API for 12 hours
Sunsetting API Authentication via Query Parameters, and the OAuth Applications API
We're excited to share a deep dive into how our new authentication token formats are built and how these improvements are keeping your tokens more secure. As we continue to…
Authentication token format updates are generally available
In July 2020, we announced our intent to require the use of token-based authentication (for example, a personal access, OAuth, or GitHub App installation token) for all authenticated Git operations.…
As previously announced, beginning November 13th, 2020, we will no longer accept account passwords when authenticating with the REST API and will require the use of token-based authentication (e.g., a…
Authentication is a critical component to your daily development. When working in open source, you need to prove that you have rights to update a branch with git push. Additionally…
GitHub now supports the WebAuthn standard for authentication. A broad array of security keys can be used across most major browsers (Apple will add support in Fall 2019). The following…
The WebAuthn standard for security keys is making authentication as easy as possible. Now you can use security keys for second-factor authentication on GitHub with many more browsers and devices.
GitHub Enterprise accounts can now use their own SSH certificate authority to issue SSH certificates to organization members that grant access to organization-owned repositories via Git. SSH certificate authorities can…
Enterprise and organization admins can now register their SSH certificate authorities with GitHub, helping their team access repositories over Git using SSH certificates.
You can no longer use password-based HTTP basic authentication for the few endpoints on GitHub.com that previously supported it. The affected endpoints include Atom feeds, a legacy repository archive endpoint,…
May 5, 2021 update: The limited edition U2F Security Keys described in this post are no longer available. To help users better secure their accounts, we are expanding GitHub's authentication…
In addition to seeing your browser session activity, you can now view activity for your SSH keys and OAuth tokens as well. SSH key activity Find the most recent activity…
Today we're adding two-factor authentication to GitHub. When you enable this feature, it adds an additional layer of security to your account. When logging in to GitHub, after providing your…
We've just added site-wide token based authentication. You can find your API token in your account page, front and center. Simply pass login and token to any URL which requires…
We’ve dramatically increased 2FA adoption on GitHub as part of our responsibility to make the software ecosystem more secure. Read on to learn how we secured millions of developers and why we’re urging more organizations to join us in these efforts.
Logging SAML SSO and SCIM identity data in audit log events is generally available
[Public Beta] Bring Your Own Identity Provider to Enterprise Managed Users