Blog-Icon_2_100x385

Introducing Habitat Personal Access Tokens

Salim Alam

By

What are Habitat tokens?

With a recent revision of the Habitat builder site, some brand new functionality has now become available for Habitat users.

Currently, when you are using the Habitat client for operations that require you to be authenticated as a Habitat user and/or origin owner or member, the way you can do this is by using a Github personal access token. However, the use of a Github token may have some downsides – for example, you may not want your token usage to count against any rate limits that Github might impose. Or you may have security practices that lock down the use of Github personal access tokens. There are additional downsides for the Habitat infrastructure as well – due to the way that Github apps work, it is also easier for the Habitat system to reach rate limits with Github as well.

We are now making available a Habitat-native version of a bearer token that can serve the same purpose. In addition to not having the downsides above, it is also a first step toward a path of greater flexibility for Habitat users. Over time, we expect to provide more choices in how you authenticate with Habitat, where you elect to keep your source control, and so on.

How to use Habitat Tokens

The Habitat Personal Access Token can be easily used as drop-in replacement for Github tokens in your Habitat client workflow.

Here’s how to use it:
1. Log into the Habitat Builder site
2. Click on your user icon on the top right of the page and select the Profile link
3. Once on the Profile page, you will see a section for Personal Access Tokens at the bottom of the page
4. Click on the Generate button to create a new token
5. Click on the small Copy icon to copy the token to your clipboard, and then save it to a secure location.

Token Generation

Once you have the token, you can then use it in exactly the same way as you use the Github access tokens with the Habitat client.
For example, you may choose to assign it to the HAB_AUTH_TOKEN environment variable:

export HAB_AUTH_TOKEN=

Now, you can test out that the token works by issuing an authenticated client command. For example, you can search for a private package by issuing a search command:

hab pkg search

That’s all there is to it!

Providing Feedback

We expect to phase out usage of the Github token in the not too distant future, so please try out the new Habitat tokens and let us know how they work for you. If you have any questions or feedback, drop a message in the Habitat Forum, or on our Slack channel, or even open an issue on the Builder repo

Posted in:

Salim Alam

Salim Alam is a Principal Software Engineer at Chef, and a technical lead on the Habitat team. His areas of focus include Habitat Builder, on-premises deployment, OAuth and identity, as well as cross-platform support for features such as certificate management. He has also worked across Chef on products such as Chef Client, Chef DK, and Chef Automate.

Categories

INTERNET US

Company
Using Chef
Legal
Connect with us
Contact Us

Chef is part of the Progress product portfolio. Progress is the leading provider of application development and digital experience technologies.

Copyright © 2024 Progress Software Corporation and/or its subsidiaries or affiliates. All Rights Reserved.

Progress, Telerik, Ipswitch, Chef, Kemp, Flowmon, MarkLogic, Semaphore and certain product names used herein are trademarks or registered trademarks of Progress Software Corporation and/or one of its subsidiaries or affiliates in the U.S. and/or other countries. See Trademarks for appropriate markings.

Do Not Sell or Share My Personal Information

Powered by Progress Sitefinity