git pull with access token, git push with username / password
You already know that every remote stores a URL: origin
literally means https://<username>:<AccessToken>@<domain>/<owner>/<reponame>.git/
.
What you didn't know is that every remote actually stores two URLs. One is used for git fetch
, and the second one is used for push
. The second URL defaults to being the same as the first URL, but if you set it, you can set it to anything else, such as the URL without the access token. To set the second URL, you can use git remote set-url --push
:
git remote set-url --push origin <url>
If you're like me, you might want to know about git config --edit
as well, which will open the configuration file (typically just .git/config
) in the same editor you're having Git use for everything else, where you can just edit it directly. But git remote
is the tool designed for fiddling with the settings attached to each remote-name.
zweiund40
Updated on July 18, 2022Comments
-
zweiund40 almost 2 years
I've got a problem with git push. Here are many threads regarding this issue, but none of them fit to my problem.
The company I work for, has it's own gitlab. Policy is only https, no ssh is allowed. For cloning and pulling, an access token is required. Pushing only with username/password. Don't ask me about the underlaying reason. Unfortunately I don't know it.
Error message is:
$ git push fatal: unable to access 'https://<username>:<AccessToken>@<domain>/<owner>/<reponame>.git/': The requested URL returned error: 403
At least I alread was able to clone a repo, but I'm failing to push the changed content respectively. Ubuntu 18.04 is running on my laptop. What do I need to do to solve my issue?
-
evolutionxbox over 5 yearsWhat's failing? Is there an error?
-
zweiund40 over 5 yearsSorry. Forgot to post the error message. But it's relatively unexciting. It only shows that for pushing the same credentials are used as for pulling. And that's the thing I want to change.
-
evolutionxbox over 5 yearsCan you contact your system administrator?
-
zweiund40 over 5 yearsSigh. They are not really responsive today. I mean, it's Friday afternoon. And another colleague just claimed that it is working with his setup. He just wrote pushing only with user/pw or 2-way factor authentication (which I personally don't want to use) when it is set in the user config. But that's all. No further help.
-
zweiund40 over 5 yearsAnd that's the question. How to set it in the user config for pushing in a way that pulling still is possible using username and access token. I have no idea.
-
evolutionxbox over 5 yearsApparently you access git with this url:
https://oauth2:[email protected]/project_name/project_name.git
(found here). -
zweiund40 over 5 yearsErr ... Yes, I know that. I need to know how to differentiate the url. First "access" is pull with username and access token. Second "access" is push, but that has to be a different url. It needs to be build with username and password.
-
evolutionxbox over 5 yearsWhat do you mean by second access?
-
zweiund40 over 5 yearsI mean push. Pushing is different from pulling
-
evolutionxbox over 5 yearsI understand they’re different. You called it second access. I’ve never heard it referred to like that.
-
-
evolutionxbox over 5 yearsSurely if pull access is required via a PAT, then why wouldn’t push?
-
torek over 5 years@evolutionxbox: I have no idea why an IT department would think this ("only access token to read, only username+password = different and partly cleartext access token to write") makes sense, but if there's a need for asymmetry between fetch and push, there are the two URLs.
-
user6096790 over 2 yearsThank you! git config -edit made it all clearer to me and I was able to directly adjust the url to use the new token as you have outlined. I can now get back to work thanks to you!