gitbutler icon indicating copy to clipboard operation
gitbutler copied to clipboard
verified publisher icon gitbutlerapp

Support for Personal Access Tokens (PAT) as Alternative to OAuth

Open rooty0 opened this issue 8 months ago • 3 comments

I'm really excited about using GitButler, but I've run into a challenge that might affect broader adoption in enterprise environments. My company has strict security policies and does not allow granting OAuth access to clients or tools that aren't on the approved whitelist. As a result, I'm unable to authorize GitButler to interact with our GitHub organization using OAuth.

They've advised that the only viable workaround would be to use a Personal Access Token (PAT) instead. I was wondering if there are any plans to support PAT authentication in the future?

This feels like a significant blocker - not just for me, but potentially for many others working in regulated or strict corporate environments. I believe support for PATs would open the door for wider adoption and make GitButler much more accessible in enterprise settings.

Thanks for considering it

rooty0 avatar Apr 22 '25 22:04 rooty0

Thanks a lot for the suggestion!

To me it seems there should be nothing in the way of supporting PATs as ultimately they should be nothing more than a secret to keep in the keychain and to send along with requests to the forge.

The bulk of the work probably goes into the UI to allow storing them (and do so safely).

Related issue

  • https://github.com/gitbutlerapp/gitbutler/issues/2850#issuecomment-2708250111

Byron avatar Apr 23 '25 10:04 Byron

Yeah this is exactly what I'm doing. I did the oauth flow to generate a config then I went and swapped in my PAT from gh cli in the MacOS keychain:

Image

r4vi avatar Apr 30 '25 09:04 r4vi

That's awesome, thanks for sharing that simply using a different secret will actually work!

All GitButler would have to do is to add support either by means of a flow (if possible) or by adding documentation. This could be as simple as allowing users to paste their own secrets using the UI, which then sets it in the right place in the keychain.

Byron avatar May 02 '25 05:05 Byron

i was able to follow the suggestion from @r4vi

steps i took were

  1. create a PAT following these directions, shortcut: https://github.com/settings/tokens
  2. open mac keychain, find com.gitbutler.app-github_access_token - it should exist and have a token that starts with gho_, update it to the PAT from step 1 which should start with ghp_ and save it

schpet avatar Sep 17 '25 03:09 schpet