Skip to content

Commit 420a8e6

Browse files
ajhallhiddeco
ajhall
authored and
hiddeco
committed
Add note about bearer token auth with Git servers
Clarify that some popular Git servers require the bearer token to be provided as basic auth credentials instead of in the Authorization header. Signed-off-by: Andy Hall <[email protected]>
1 parent fcc6ec3 commit 420a8e6

File tree

2 files changed

+16
-0
lines changed

2 files changed

+16
-0
lines changed

docs/spec/v1/gitrepositories.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -139,6 +139,14 @@ To authenticate towards a Git repository over HTTPS using bearer token
139139
authentication (in other words: using a `Authorization: Bearer` header), the referenced
140140
Secret is expected to contain the token in `.data.bearerToken`.
141141

142+
**Note:** If you are looking to use OAuth tokens with popular servers (e.g.
143+
[GitHub](https://docs.github.com/en/rest/overview/authenticating-to-the-rest-api?apiVersion=2022-11-28#authenticating-with-a-token-generated-by-an-app),
144+
[Bitbucket](https://support.atlassian.com/bitbucket-cloud/docs/using-access-tokens/),
145+
[GitLab](https://docs.gitlab.com/ee/gitlab-basics/start-using-git.html#clone-using-a-token)),
146+
you should use basic access authentication instead. These servers use basic HTTP
147+
authentication, with the OAuth token as the password. Check the documentation of
148+
your Git server for details.
149+
142150
```yaml
143151
---
144152
apiVersion: v1

docs/spec/v1beta2/gitrepositories.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -140,6 +140,14 @@ To authenticate towards a Git repository over HTTPS using bearer token
140140
authentication (in other words: using a `Authorization: Bearer` header), the referenced
141141
Secret is expected to contain the token in `.data.bearerToken`.
142142

143+
**Note:** If you are looking to use OAuth tokens with popular servers (e.g.
144+
[GitHub](https://docs.github.com/en/rest/overview/authenticating-to-the-rest-api?apiVersion=2022-11-28#authenticating-with-a-token-generated-by-an-app),
145+
[Bitbucket](https://support.atlassian.com/bitbucket-cloud/docs/using-access-tokens/),
146+
[GitLab](https://docs.gitlab.com/ee/gitlab-basics/start-using-git.html#clone-using-a-token)),
147+
you should use basic access authentication instead. These servers use basic HTTP
148+
authentication, with the OAuth token as the password. Check the documentation of
149+
your Git server for details.
150+
143151
```yaml
144152
---
145153
apiVersion: v1

0 commit comments

Comments
 (0)