Next: , Up: GitHub API Authentication   [Index]

1.1.1 GitHub API Authentication—Introduction

This is the first post of a series about different Authentication strategies for GitHub’s APIs. Strategies to be discussed:

  1. Personal Access Tokens
  2. GitHub Actions
  3. Username and Password (basic)
  4. OAuth
  5. WebHooks
  6. GitHub Apps
  7. CLI

One reason to send authenticated requests is to increase the rate limit imposed by GitHub. Unauthenticated requests are limited to 60 per hour, and are based upon IP address. Authenticated requests are limited to 5000 per hour.

Sending an anonymous request responds with ‘X-RateLimit-*’ headers stating that less than 60 more requests can be sent until the rate limit is reset.