Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Generate a GitHub Personal Access Token for Private Composer Packages

Generate a GitHub Personal Access Token for Private Composer Packages

If you're trying to load a private repository with Composer/Laravel, we'll need to generate a GitHub Personal Access Token (similar to OAuth token) to access the repository during a composer install without entering credentials.

If you have used other Github packages from {my-org} before, you may be able to skip this step.

  1. Visit https://github.com/settings/tokens.

  2. Click Generate new token.

     Token Description: (your computer name)
     Scopes:
         [X] repo
             [X] repo:status
             [X] repo_deployment
             [X] public_repo
             [X] repo:invite
    
  3. Click Generate token.

  4. Copy the generated string to a safe place, such as a password safe.

  5. Open Terminal and add the github token. Note: The file may be empty.

     #  nano ~/.composer/auth.json
    
     {
         "github-oauth": {
             "github.com": "abc123def456ghi7890jkl987mno654pqr321stu"
         }
     }
    
  6. Test if the authentication is working by doing a clone.

     cd ~/Sites/
     git clone https://github.com/my-org/my-private-repo
     (You should not be prompted for credentials)
    
@MikeiLL
Copy link

MikeiLL commented Apr 10, 2018

Thanks for this, man.

@alcohol
Copy link

alcohol commented Jun 4, 2018

Nice, feel free to submit a PR to our documentation through https://github.com/composer/composer/edit/master/doc/articles/troubleshooting.md

I would suggest putting it right after the entry that already talks about the oauth token "API rate limit and OAuth tokens" :-)

@marcelofabianov
Copy link

marcelofabianov commented Sep 26, 2018

Thanks.

@Potherca
Copy link

Potherca commented Jun 5, 2021

Rather than editing the config file, I prefer using:

composer config -g github-oauth.github.com abc123def456ghi7890jkl987mno654pqr321stu

It might also be worth noting that, for GitHub Actions or other build environments, one can set an environment variable:

        COMPOSER_AUTH: '{"github-oauth": {"github.com": "abc123def456ghi7890jkl987mno654pqr321stu"}}'

@adampatterson
Copy link

adampatterson commented Jan 12, 2022

Curious why you are testing by doing a Git Pull?

For example, my Git checkouts work fine, but my composer update via Public and Private reposity stopped working ( I think my token expired ).

I ran composer config --global --auth github-oauth.github.com ghp_xxxxxxxx which saved to my auth.json file but I am still getting errors.

    "github-oauth": {
        "github.com": "ghp_xxxxxxxx"
    },

Is there a cache or something that I should clear?

git@ uses the oAuth while https:// uses basic auth with a username and token for the password.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment