Git-Credential-Manager-for-Windows
Git-Credential-Manager-for-Windows copied to clipboard
microsoft
How to store credentials for two different github accounts?
I have 2 github accounts (work & personal) for which I want to store credentials (username + password) in my Windows 10 (in secure way).
git config --global credential.helper manager command sets only single username & password which conflicts between personal repo and work repo in my machine. Both repo are cloned using HTTPS.
I want to store and access more than one credentials (username+password) in a machine. Is it possible?
I know SSH is an option but I would like to know the way for HTTPS clone.
I had also asked this on SO but didn't get proper response. how-to-store-credentials-locally-per-repo
Does useHttpPath help you?
git config --global credential.github.com.useHttpPath true
You'll end up with a login for each repo in GitHub (not each username), but at least you won't have conflicts.
my expectation is to remember both usernames and password in a secure way. if I use useHttpPath I'm being asked for a password each time.
@gouravsamsung the credential.useHttpPath is the "correct" way. Another option for GitHub and Bitbucket authorities is to prefix the URL with a username.
Example:
https://[email protected] and https://[email protected] should be seen as different accounts by the GCM. You will have to remember, however, to ensure that your repository remote's URL in the expected format: {protocol}://{username}@github.com/{repo}.
For example, when I use the "Clone with HTTPS" button on this repository, GitHub places https://github.com/Microsoft/Git-Credential-Manager-for-Windows.git on my clip board. If I want to use an alternate account, I would need to modify that to include my user alias ala https://[email protected]/Microsoft/Git-Credential-Manager-for-Windows.git.
@gistofj I must have misunderstood #363. I thought what you said above only worked in Bitbucket.
@gistofj I must have misunderstood #363. I thought what you said above only worked in Bitbucket.
I may have been too vague, my apologies. The username@ should always work with Bitbucket, in-fact it is basically required by them. The username@ should work with GitHub, because there's no reason it should not - but there is also no guarantee (unless @shiftkey or @Haacked wants to make one 😉). Unfortunately, this isn't something Azure DevOps can support at the moment as they've cooped the username@ as a proxy for account@ information.
The username@ should work with GitHub, because there's no reason it should not - but there is also no guarantee (unless @shiftkey or @Haacked wants to make one 😉).
Yeah, this should work fine (I've seen usage of this in the wild and I don't think we'd break the HTTP world in that way).
adding username at git repo does work but only for storing username, i still need to input the password each time. As I mentioned before I want to store both username and password so that github won't prompt me for this. thanks.
@JerryGoyal the GCM does store the username + password... I mean, that's really all it does. Is your system configured correctly?
Can you share the output of git config --list --show-origin ?
@gistofj sorry for late reply. here's the output:
C:\Users\gourav.goyal>git config --list --show-origin
file:"C:\\ProgramData/Git/config" core.symlinks=false
file:"C:\\ProgramData/Git/config" core.autocrlf=true
file:"C:\\ProgramData/Git/config" core.fscache=true
file:"C:\\ProgramData/Git/config" color.diff=auto
file:"C:\\ProgramData/Git/config" color.status=auto
file:"C:\\ProgramData/Git/config" color.branch=auto
file:"C:\\ProgramData/Git/config" color.interactive=true
file:"C:\\ProgramData/Git/config" help.format=html
file:"C:\\ProgramData/Git/config" rebase.autosquash=true
file:C:/Program Files/Git/mingw64/etc/gitconfig http.sslcainfo=C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt
file:C:/Program Files/Git/mingw64/etc/gitconfig http.sslbackend=openssl
file:C:/Program Files/Git/mingw64/etc/gitconfig diff.astextplain.textconv=astextplain
file:C:/Program Files/Git/mingw64/etc/gitconfig filter.lfs.clean=git-lfs clean -- %f
file:C:/Program Files/Git/mingw64/etc/gitconfig filter.lfs.smudge=git-lfs smudge -- %f
file:C:/Program Files/Git/mingw64/etc/gitconfig filter.lfs.process=git-lfs filter-process
file:C:/Program Files/Git/mingw64/etc/gitconfig filter.lfs.required=true
file:C:/Program Files/Git/mingw64/etc/gitconfig core.editor='C:\Program Files (x86)\Notepad++\notepad++.exe' -multiInst -notabbar -nosession -noPlugin
file:C:/Users/gourav.goyal/.gitconfig user.name=gouravsamsung
file:C:/Users/gourav.goyal/.gitconfig [email protected]
file:C:/Users/gourav.goyal/.gitconfig credential.github.com.usehttppath=true
I have tried that:
-
[email protected]/repodoesn't seem to work -
git config credential.github.com.username usernamedoesn't seem to work -
git config credential.useHttpPath truedoes work, but it uses the entire repository as key, so it's annoying if you have multiple repositories under one account.
git config credential.useHttpPath true does not work for me.
git config credentials.github.com.useHttpPath returns true
I have credentials already stored for an existing company repository. Those credentials are for a github repository for which 2FA is enabled. The Windows Credential Manager has an entry of the form
git:https://github.com
UserName: PersonalAccessToken
Password: *******
If I now clone another github repo from my personal account when I attempt to push a change to that account using my personal account I don't get prompted for a password, Git instead tries to use the already stored credentials, which fails.
Either this just doesn't work, or there is some additional aspect to the configuration required that is not being made clear.
Even if I edit the PersonalAccessToken so that Username is set to the different user names used by each of the GitHub accounts I'm trying to manipulate it still doesn't work. The only way I can do anything with each account is to delete the PersonalAccessToken each time, which of course completely defeats the point.
Preceding the repo url with the username e.g. https://[email protected]/etc/etc also does not help.
@Neutrino-Sunset, please confirm what version of GCM you are on.
An easy way to find this is to set "GCM_TRACE' and do a "git fetch".
I've installed Git for Windows 2.22.0 from https://gitforwindows.org/ with the option to enable the Git Credential Manager For Windows selected. I've just reinstalled it to make sure I have that option selected. If I run git config credential.helper it returns manager.
But I don't see anything in the install directory that's obviously related to the GCM (not that I have any idea what to look for) and if I run set GCM_TRACE=1 and git fetch I don't see any output at all.
please confirm what version of GCM you are on.
An easy way to find this is to set "GCM_TRACE' and do a "git fetch".
Or run git credential-manager version.
$ git credential-manager version Git Credential Manager for Windows version 1.19.0
Thanks @Neutrino-Sunset, this is working for me so let's see if we can find the issue.
Setting GCM_TRACE=1 should output the credential manager log. If you are going against a public repository you will have to issue a command that needs authentication. A 'push' should do this.
Can you please
- go to the directory with your personal repository
- Verify that if you run "git config credential.useHttpPath" in that directory you get "true"
- Ensure GCM_TRACE=1
- Do a "git push"
If you post the results from the log (pls redact any personal info) I'm happy to look.
What I would expect to see is a line saying [CreateAuthentication] detecting authority type for 'https://github.com/your_path'. and not [CreateAuthentication] detecting authority type for 'https://github.com'.
I followed your steps, but before I did so I deleted the GitHub personal access token from the Windows Credential Manager. I found no useful log in the log directory but when I performed a push this got output to the console.
16:36:30.844950 ...\Common.cs:744 trace: [Main] git-credential-manager (v1.19.0) 'get'
16:36:30.902795 ...\Git\Where.cs:348 trace: [FindGitInstallations] found 1 Git installation(s).
16:36:30.907782 ...Configuration.cs:222 trace: [LoadGitConfiguration] git All config read, 32 entries.
16:36:30.910803 ...\Common.cs:505 trace: [LoadOperationArguments] writeLog = 'True'.
16:36:30.910803 ...\Common.cs:543 trace: [LoadOperationArguments] useHttpPath = ''.
16:36:30.912775 ...\Common.cs:318 trace: [EnableTraceLogging] trace logging enabled.
16:36:30.912775 ...\Common.cs:323 trace: [EnableTraceLogging] git local config found at 'C:\Home\Development\Workspaces\Scratch\GitPlayground\GitHubTesting1\.git\config'.
16:36:30.914796 ...\Common.cs:378 trace: [EnableTraceLoggingFile] trace log destination is 'C:\Home\Development\Workspaces\Scratch\GitPlayground\GitHubTesting1\.git'.
16:36:31.003558 ...\Common.cs:85 trace: [CreateAuthentication] detecting authority type for 'https://[email protected]/Neutrino-Sunset/GitHubTesting1.git'.
16:36:31.022476 ...uthentication.cs:151 trace: [GetAuthentication] created GitHub authentication for 'https://[email protected]/Neutrino-Sunset/GitHubTesting1.git'.
16:36:31.024471 ...\Common.cs:176 trace: [CreateAuthentication] authority for 'https://[email protected]/Neutrino-Sunset/GitHubTesting1.git' is GitHub.
16:36:31.025468 ...\Common.cs:765 trace: [QueryCredentials] querying 'GitHub' for credentials.
16:36:31.065396 ...icationPrompts.cs:50 trace: [CredentialModalPrompt] prompting user for credentials for 'https://[email protected]/Neutrino-Sunset/GitHubTesting1.git'.
16:36:48.099861 ...\Authority.cs:101 trace: [AcquireToken] server responded with Created.
16:36:48.101853 ...\Authority.cs:125 trace: [AcquireToken] authentication success: new personal access token for 'https://[email protected]/Neutrino-Sunset/GitHubTesting1.git' created.
16:36:48.103848 ...uthentication.cs:201 trace: [InteractiveLogon] token acquisition for 'https://[email protected]/Neutrino-Sunset/GitHubTesting1.git' succeeded
16:36:48.475150 ...\Authority.cs:200 trace: [ValidateCredentials] credential validation for 'https://[email protected]/Neutrino-Sunset/GitHubTesting1.git' succeeded.
16:36:48.475150 ...\Common.cs:873 trace: [QueryCredentials] credentials for 'https://[email protected]/Neutrino-Sunset/GitHubTesting1.git' found.
16:36:48.477146 ...\Common.cs:709 trace: [LogEvent] GitHub credentials for 'https://[email protected]/Neutrino-Sunset/GitHubTesting1.git' successfully retrieved.
16:36:49.656063 ...\Common.cs:744 trace: [Main] git-credential-manager (v1.19.0) 'store'
16:36:49.724878 ...\Git\Where.cs:348 trace: [FindGitInstallations] found 1 Git installation(s).
16:36:49.729865 ...Configuration.cs:222 trace: [LoadGitConfiguration] git All config read, 32 entries.
16:36:49.732857 ...\Common.cs:505 trace: [LoadOperationArguments] writeLog = 'True'.
16:36:49.733855 ...\Common.cs:543 trace: [LoadOperationArguments] useHttpPath = ''.
16:36:49.734851 ...\Common.cs:318 trace: [EnableTraceLogging] trace logging enabled.
16:36:49.735849 ...\Common.cs:323 trace: [EnableTraceLogging] git local config found at 'C:\Home\Development\Workspaces\Scratch\GitPlayground\GitHubTesting1\.git\config'.
16:36:49.736846 ...\Common.cs:378 trace: [EnableTraceLoggingFile] trace log destination is 'C:\Home\Development\Workspaces\Scratch\GitPlayground\GitHubTesting1\.git'.
16:36:49.799708 ...\Common.cs:85 trace: [CreateAuthentication] detecting authority type for 'https://[email protected]/Neutrino-Sunset/GitHubTesting1.git'.
16:36:49.819625 ...uthentication.cs:151 trace: [GetAuthentication] created GitHub authentication for 'https://[email protected]/Neutrino-Sunset/GitHubTesting1.git'.
16:36:49.820623 ...\Common.cs:176 trace: [CreateAuthentication] authority for 'https://[email protected]/Neutrino-Sunset/GitHubTesting1.git' is GitHub.
16:36:49.821619 ...\Program.cs:526 trace: [Store] storing GitHub credentials for 'https://[email protected]/Neutrino-Sunset/GitHubTesting1.git'.
Enumerating objects: 5, done.
Counting objects: 100% (5/5), done.
Delta compression using up to 8 threads
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 282 bytes | 282.00 KiB/s, done.
Total 3 (delta 1), reused 0 (delta 0)
remote: Resolving deltas: 100% (1/1), completed with 1 local object.
To https://github.com/Neutrino-Sunset/GitHubTesting1.git
f1759d9..4825578 master -> master
This resulted in the creation of a personal token in the Windows Cedential Manager that contained the full repository path.
After this I did the same process in my company repository and it did the same thing. So it seems to be working now.
I'm not sure what I've done differently to get this working. Possibly deleting the personal access token first. I seem to recall that last time I set the useHttpPath I used for form credential.github.com.useHttpPath, I'm not sure whether that would have a bearing, or perhaps I simply failed to set that configuration globally or in both repositories.
Anyway, it's working now so thanks very much for the help.
I faced the same problem as mentioned in the original post – I'm glad that credential.useHttpPath seems to work. But as noted above too, having a token per repository is too fine-grained in many cases and becomes annoying when dealing with multiple repositories.
Instead, I would expect that even with credential.useHttpPath = false the credential manager should use the user name if present in the path. For instance, for URL https://[email protected]/group/repo.git, it should create and use the token with the name git:https://[email protected] and the UI could even pre-fill the user name in the login window before creating the token.
I may remember it wrong, but didn't it work in that way before? I can see in my credential store some older tokens in the git:https://[email protected] form, but it does not work in that way anymore.
This may help:
set GCM_NAMESPACE=git-account2
git clone https://github.com/account/repo.git
cd repo
git config credential.namespace git-account2
To enable trace in gitbash I had to do export GCM_TRACE=1. Just setting it will not work, it has to be exported. Might be helpful to future googlers.
This works for me: git config credential.authority Basic
Features like 2FA have been disabled, but it seems to save credentials for each user anyway!
GCM seems to save as git:https://github.com (not git:https://[email protected]) in the case of github.com. So, it seems to work like others when disabling the authority to automatically detect hosts to provide special features
