Where is github authentication token stored on Windows?

Question

If I run a command similar to the following on a private repository:

git ls-remote https://github.com/org/repo.git

I'm getting this following prompt.

I'm using https://gitforwindows.org and looking at the Process Explorer, it appears that the executable that produces this window is \mingw64\libexec\git-core\git-credential-manager.exe relative to Git for Windows installation folder.

When I put in my credentials, I'm getting an email from Github, saying that a new authentication token is created.

Where is this token stored on my PC? When I repeat the command above I'm no longer getting the prompt - as long as I do not revoke the token on the github web site.

Answer 1

By default, Git will use the Windows Credential Manager for storing and retrieving Git credentials via Github for Windows desktop.

Credential Manager lets you view and delete your saved credentials for signing in to websites, connected applications, and networks.

To open Credential Manager, type credential manager in the search box on the taskbar and select Credential Manager Control panel. Select Web Credentials or Windows Credentials to access the credentials you want to manage.

You will find the GitHub - https://api.github.com/{username} entry on the Windows Credentials tab.

Answer 2

Mike Mackintosh is right. Here is how you can access the token.

Install-Module CredentialManager -Scope AllUsers -Force

Change flags on the above command to your liking. Then:

Get-StoredCredential -AsCredentialObject | %{$_} `
  | ?{ $_.targetName -like "*github.com*"} `
  | sort LastWritten `
  | select LastWritten,Targetname,Password

This will get you the list of tokens you may have created. Use Get-Command -Module CredentialManager to list all avialble commands on the module, you can use to manipulate the credentials store.