git-credential

Display credential information, retrieving the username and password from configuration files

$ echo "[url=http://example.com]" | git credential fill

$ echo "[url=http://example.com]" | git credential approve

$ echo "[url=http://example.com]" | git credential reject

git credential [options] fill|approve|reject

fill
    Read partial credential info (protocol, host, etc.) from stdin; output full info including password via helpers

approve
    Read full credential from stdin; store it using helpers (formerly 'store')

reject
    Read credential identifier from stdin; erase matching entry from helpers (formerly 'erase')

--file=<file>
    Read input from and write output to <file> instead of stdin/stdout (for testing)

The git credential command is a low-level Git plumbing tool that facilitates interaction with credential storage helpers. Git invokes it automatically during operations requiring authentication, such as HTTPS pushes or pulls to remote repositories needing usernames and passwords (or tokens).

The command supports three main operations via a simple text-based protocol over stdin/stdout: fill retrieves missing credential fields (like password) using configured helpers; approve instructs helpers to store provided credentials for future reuse; and reject (formerly erase) removes stored credentials.

Helpers like store (plaintext file), cache (in-memory), osxkeychain, wincred, or libsecret implement backends, configured via git config credential.helper. Direct use is primarily for testing or scripting, as credentials pass in plaintext through pipes, demanding secure environments.

This subsystem enhances usability by avoiding repeated prompts while delegating security to OS keyrings or encrypted stores where possible.

Plumbing command for internal Git use; direct invocation exposes plaintext credentials in process lists/pipes. Always prefer secure helpers like keychain over 'store'. Not for interactive end-user scripts.

Null-terminated lines on stdin/stdout:
protocol=https
host=github.com
path=/user/repo.git
username=foo
password=bar
Ends with blank line. Only relevant fields exchanged.

Uses credential.helper config (colon-separated list). Prefix 'manager-' invokes git-credential-manager, etc. Test with GIT_CREDENTIAL_HELPER=store git credential fill.

Introduced in Git 1.5.3 (2007) with basic store helper; expanded in 1.6+ for caching and OS integration. Operations renamed approve/reject from store/erase in Git 2.40 (2023) for clarity. Evolved with Git's shift to tokens over passwords.

git(1), git-config(1), git-credential-cache(1), git-credential-store(1), gitcredentials(7)