You signed in with another tab or window.Reload to refresh your session.You signed out in another tab or window.Reload to refresh your session.You switched accounts on another tab or window.Reload to refresh your session.Dismiss alert
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
description: "Generate, assign, and manage Git user tokens for GitOps Runtimes"
group: administration
sub_group: user-self-management
toc: true
---
As a user in Codefresh, you must authorize access to your Git provider accounts, and authenticate Git-based actions from Codefresh clients, per provisioned runtime.
The authorization method depends on the Git provider and on what authorization has been set up by your account admin.
* If your admin has set up authentication with OAuth2, you can authorize access using OAuth2.
* You can always generate a personal access token from your Git provider and then add the same to Codefresh to authorize access.
As a user in Codefresh, you must authorize access to your Git provider accounts, and authenticate Git-based actions from Codefresh clients, per provisioned GitOps Runtime. This is done through the Git user token, which is an access token unique to each user. For more details, including required scopes and how the Git user token differs from the Git Runtime token, see [Git tokens in Codefresh]({{site.baseurl}}/docs/reference/git-tokens/).
> If you have access to more than one runtime, you can use the same token for multiple runtimes.
You must however authorize access individually for each runtime.
The authorization mode depends on the authorization method set up by your account admin:
* OAuth2
If your admin has set up authentication with OAuth2, you can authorize access using OAuth2.
* Git user access token
You can always generate a Git user token from your Git provider and then add the same to the GitOps Runtime in Codefresh to authorize access.
{::nomarkdown}
</br>
{:/}
## Authorize Git access in Codefresh
Authorize Git access with OAuth2 if your account admin has set up Codefresh as an OAuth application, or alternatively through personal access tokens from your Git provider.
>Notes:
For OAuth2: The adminstrator pre-configures the permissions and expiry date. Once you supply your credentials for authorization, you are automatically directed to the Git Personal Tokens page.
## Authorize Git access to GitOps Runtimes
Authorize Git access to GitOps Runtimes with OAuth2 if your account admin has set up Codefresh as an OAuth application, or alternatively through Git user access tokens from your Git provider.
If you have access to more than one GitOps Runtime in the same or in different accounts, you can use the same Git user token for all the Runtimes you have access to. _You must however authorize access for each GitOps Runtime individually_.
>**NOTE**:
For OAuth2, the administrator pre-configures the permissions and expiry date. Once you supply your credentials for authorization, you are automatically directed to the Git Personal Tokens page.
**Before you begin**
Make sure you have:
Make sure you have:
* For Bitbucket only, your Bitbucket account username
* If needed, a_personal access token_ from your Git provider with the required scopes:
1. In the Codefresh UI, on the toolbar, click your avatar, and then select [**Git Personal Access Token**](https://g.codefresh.io/2.0/git-personal-access-token){:target="\_blank"}.
1. Select the runtime, and then do one of the following:
* To add a token, select **Add Token**.
* To update an existing token by replacing it with a new token, select **Update Token**.
1. For **OAuth2**:
> If the application is not registered, the button is disabled. Contact your admin for help.
* Click **Authorize Access to GitHub**.
* Enter your credentials, and select **Sign In**.
* Complete the verification if required, as when two-factor authentication is configured, for example.
<!---add new screenshot> -->
1. Select the GitOps Runtime to authenticate to, and then click **Add Token**.
1. Do as needed:
* For **OAuth2**:
1. Click **Authorize Access to GitHub**.
1. Enter your credentials, and select **Sign In**.
1. Complete the verification if required, as when two-factor authentication is configured, for example.
* For **Git user access tokens**:
1. Expand **Advanced authorization options**.
1. For Bitbucket, enter your **Bitbucket username**.
1. In the **Personal Access Token** field, paste the token you generated.
alt="Authorize access to GitOps Runtime with OAuth/Git user token"
caption="Authorize access to GitOps Runtime with OAuth/Git user token"
max-width="50%"
%}
For **Git personal access tokens**:
* Expand **Advanced authorization options**.
* For Bitbucket, enter your **Bitbucket username**.
* In the **Personal Access Token** field, paste the token you generated.
{:start="4"}
1. Click **Add Token**.
In the Git Personal Access Tokens list, you can see that the new token is assigned to the GitOps Runtime.
<!---add new screenshot> -->
## Manage Git user tokens for GitOps Runtimes
Once you authorize access to one or more GitOps Runtimes through OAuth or Git user tokens, the GitOps Runtimes and their associated tokens are listed in the Git Personal Access Tokens page.
**Manage Git user access tokens**
You can manage Git user tokens for any GitOps Runtime, without affecting the GitOps Runtime at the account-level. Deleting the Git user token for a GitOps Runtime will deny _you_ access to the Git repositories, Git Sources and other resources associated with that Runtime, while the Runtime itself is not affected.
{:start="4"}
1. Click **Add Token**.
In the Git Personal Access Tokens list, you can see that the new token is assigned to the runtime.
**Notifications for GitOps Runtimes**
If you have turned on notifications for GitOps Runtimes, Codefresh alerts you to GitOps Runtimes with invalid or expired Git personal access tokens.
You can turn off these notifications for selectively for Runtimes for which these alerts are less critical.
{::nomarkdown}
</br>
{:/}
**Before you begin**
Heve your Git user token handy
### Generate GitHub personal access tokens
**How to**
1. In the Codefresh UI, on the toolbar, click your avatar, and then select [**Git Personal Access Token**](https://g.codefresh.io/2.0/git-personal-access-token){:target="\_blank"}.
1. To replace/delete the Git user token for a Runtime, do one of the following:
* To replace, click **Add Token**, and then either click **Authorize Access to Git provider** for OAuth2, or paste your Git user token into the **Git Personal Access Token** field.
* To delete, click **Delete Token**. The token is deleted and the **Add Token** button is displayed next to the Runtime.
1. To turn off notifications, click the context menu at the right of the row with the Runtime and enable **Hide notifications**.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
As a Codefresh user, you can manage several settingsin your personal account, including:
As a Codefresh user, you can manage several settingsand resources through your personal account, including:
* Email notifications for builds and build usage
* Select date and time formats for pipeline modules
* Get updates on weekly usage
* Grant account access to Codefresh support
* Grant access to private Git repositories
* Create and manage API keys
* Date and time formats for pipeline modules
* Updates on weekly usage
* Account access to Codefresh support
* API keys
> To manage Git personal access tokens for GitOps, see [Managing PATs]({{site.baseurl}}/docs/administration/user-self-management/manage-pats).
> To manage Gituserpersonal access tokens for GitOps, see [Managing Git PATs]({{site.baseurl}}/docs/administration/user-self-management/manage-pats).
## Access user settings
* In the Codefresh UI, on the toolbar, click the **Settings** icon and then select [**User Settings**](https://g.codefresh.io/user/settings){:target="\_blank"}.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.