Good day, there!
I'm simply curious as to what the best practices are for using app passwords.
Is it necessary to create app passwords for each repository we're working on?
Or, instead, you could use the same app password for all repositories?
Thank you very much!
Hi @claudio andres jara yañez and welcome to the community!
When you create an app password, you cannot set its scope to a specific repository only.
So, if you create an app password with permissions Repositories:Read and Repositories:Write, that app password can be used to access all repos that your account has access to.
Considering that, it may be easier to have a single app password for all repositories, than multiple ones.
Multiple app passwords would be useful if you need them for different scopes.
E.g. if you need an app password to trigger Pipelines from a script, you can create an app password with permissions for Pipelines only (instead of using an app password that has permissions for both Repositories and Pipelines).
Kind regards,
Theodora
Thank you for your answer.
Best Regards.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.