I'm using GitCredentialManager as per this answer but I can't find a way on how to use multiple Personal Access Tokens (PAT).
I have
- a
Windows terminal
gist at https://gist.github.com/lkeersmaekers/4884d047b3b90ccd697a4d7ec21be49d - a
dotvim
repo at https://github.com/lkeersmaekers/dotvim
I created
- a PAT for the
Windows terminal
gist (Create gists scope) - a PAT for the
dotvim
repo (Access public repositories scope)
When pushing the Windows terminal
the gist a first time, git asks for a username/password(=PAT) as expected, the push succeeds and I can see the credential in Windows Credential Manager.
When pushing the dotvim
repo thereafter however uses that stored credential (PAT) from Windows terminal
and the dotvim
push fails.
I'm unsure at what is the best practice here.
- Instead of the two PAT's, I could create one PAT with enough access rights but that way, I'll probably end up with one PAT with all checkboxes checked which seems utterly wrong.
- I have no idea how to have two credentials in Windows Credential manager that would allow
git push
somehow to use the correct one.
CodePudding user response:
There are a couple different approaches you can take here. One is to create a single token with the gist
and repo
scopes and use that generally. That token does have access to all your repositories, but if you're using a credential helper, then it's stored in an encrypted way and it shouldn't be too risky.
Since you're actually using two different domains here (github.com
and gist.github.com
), you can use separate tokens without a problem. Tokens are stored scoped on the domain, so there's no conflict here. Just use each credential on its respective domain.
If you want to use different tokens for different repositories, you can do that by setting credential.usehttppath
to true. That can also be scoped to a particular URL pattern (including wildcards) such that you it only applies to GitHub (e.g., with git config --global credential.https://github.com/.usehttppath true
. Each repository will then have its own set of credentials, and you can store as many tokens as you like. If you have a lot of repositories, this will likely become inconvenient quickly, though.
Finally, if you just want to have different tokens for public and private access, you can do this for GitHub by taking advantage of the fact that GitHub ignores the username when you use a token. You can therefore clone public repositories by putting a public@
before the hostname (e.g., https://[email protected]/git/git.git) and then using
private@` for private repositories. Git's credential helpers will store separate credentials for these fake usernames and the respective token will be used.