Home Explore Blog CI



git
3rd chunk of `Documentation/git-credential.adoc`
caf7dc695b953da1a3d75242b2009ca228170f63c0a388710000000100000c2e
 have an expiry date.
	When reading credentials from helpers, `git credential fill` ignores expired
	passwords. Represented as Unix time UTC, seconds since 1970.

`oauth_refresh_token`::

	An OAuth refresh token may accompany a password that is an OAuth access
	token. Helpers must treat this attribute as confidential like the password
	attribute. Git itself has no special behaviour for this attribute.

`url`::

	When this special attribute is read by `git credential`, the
	value is parsed as a URL and treated as if its constituent parts
	were read (e.g., `url=https://example.com` would behave as if
	`protocol=https` and `host=example.com` had been provided). This
	can help callers avoid parsing URLs themselves.
+
Note that specifying a protocol is mandatory and if the URL
doesn't specify a hostname (e.g., "cert:///path/to/file") the
credential will contain a hostname attribute whose value is an
empty string.
+
Components which are missing from the URL (e.g., there is no
username in the example above) will be left unset.

`authtype`::
	This indicates that the authentication scheme in question should be used.
	Common values for HTTP and HTTPS include `basic`, `bearer`, and `digest`,
	although the latter is insecure and should not be used.  If `credential`
	is used, this may be set to an arbitrary string suitable for the protocol in
	question (usually HTTP).
+
This value should not be sent unless the appropriate capability (see below) is
provided on input.

`credential`::
	The pre-encoded credential, suitable for the protocol in question (usually
	HTTP).  If this key is sent, `authtype` is mandatory, and `username` and
	`password` are not used.  For HTTP, Git concatenates the `authtype` value and
	this value with a single space to determine the `Authorization` header.
+
This value should not be sent unless the appropriate capability (see below) is
provided on input.

`ephemeral`::
	This boolean value indicates, if true, that the value in the `credential`
	field should not be saved by the credential helper because its usefulness is
	limited in time.  For example, an HTTP Digest `credential` value is computed
	using a nonce and reusing it will not result in successful authentication.
	This may also be used for situations with short duration (e.g., 24-hour)
	credentials.  The default value is false.
+
The credential helper will still be invoked with `store` or `erase` so that it
can determine whether the operation was successful.
+
This value should not be sent unless the appropriate capability (see below) is
provided on input.

`state[]`::
	This value provides an opaque state that will be passed back to this helper
	if it is called again.  Each different credential helper may specify this
	once.  The value should include a prefix unique to the credential helper and
	should ignore values that don't match its prefix.
+
This value should not be sent unless the appropriate capability (see below) is
provided on input.

`continue`::
	This is a boolean value, which, if enabled, indicates that this
	authentication is a non-final part of a multistage authentication step. This
Title: Git Credential Attributes and Capabilities
Summary
Git credential attributes include oauth_refresh_token, url, authtype, credential, ephemeral, state, and continue, which provide additional information and control over the credential process, such as handling OAuth tokens, parsing URLs, and managing multistage authentication, with specific rules and capabilities for each attribute.