Personal git tokens

Description

Personal git tokens allow every user to add one or more git credentials in Brainboard to be able to do pull requests.

Pull requests initiated by the user will use the credential specified with its associated scope in a way that you can track who does which pull request.

If you use GitHub, refer to this page to setup GitHub app integration.

Supported git providers

Gitlab

To add Gitlab personal git tokens in Brainboard, you first need to generate Gitlab access token.

To add the generated token in Brainboard:

1. Go to personal git tokens settings page:
2. Click on Gitlab row, then click on the plus button location on the right:
3. Add your credentials in the displayed window:

   • Name of the token. This is only for Brainboard, it will not be used when you do a pull request.

   • The URL of your GitLab server: by default Brainboard uses https://gitlab.com, but if you have a private Gitlab instance accessible through the internet or if you use a single-tenant Brainboard offering, you can specify a different URL.

   • Token: the token (secret) generated from your GitLab account.
4. Then click on Submit button.

5. Brainboard will verify if the credentials are valid. If they are not, you'll receive this error:
6. If the token is valid, you'll now configure the scope associated to it:
7. Click on Submit button to save the configuration.

GitHub

To add GitHub personal git tokens in Brainboard, you will first need to install the Brainboard github app in your organization.

To add a personal GitHub token:

1. Go to personal git tokens settings page:
2. Click on GitHub row, then click on the plus button location on the right:
3. Click on the Connect with GitHub button:
4. The GitHub website will open in a new tab, asking you to authorize Brainboard app to access your GitHub account. Click on the Authorize Brainboard button:
5. You will then be redirected to Brainboard personal git tokens page, with a confirmation that the GitHub connection was successful:

Azure DevOps

To add Azure DevOps personal git tokens in Brainboard, you first need to generate an Azure DevOps personal access token.

To add the generated token in Brainboard:

1. Go to personal git tokens settings page:
2. Click on Azure DevOps row, then click on the plus button location on the right:
3. Add your credentials in the displayed window:

   • Name of the token. This is only for Brainboard, it will not be used when you do a pull request.

   • The URL of your Azure DevOps organization.

     • To get this URL, the simplest way is to click on Azure DevOps on the top-left button then copy the URL of the browser
   • Token: the token (secret) generated from your Azure DO account.
4. Then click on Submit button.

5. Brainboard will verify if the credentials are valid. If they are not, you'll receive this error:
6. If the token is valid, you'll now configure the scope associated to it:
7. Click on Submit button to save the configuration.

Bitbucket

To add Bitbucket personal app password in Brainboard, you first need to generate it in your Bitbucket account.

To add the generated token in Brainboard:

1. Go to personal git tokens settings page:
2. Click on Bitbucket row, then click on the plus button location on the right:
3. Add your credentials in the displayed window:

   • Name of the token. This is only for Brainboard, it will not be used when you do a pull request.

   • The URL of your Bitbucket server: by default Brainboard uses https://api.bitbucket.org/2.0 but you can set your own URL.

   • Username: this is not your email. You get it from your personal Bitbucket account settings.
   • Password: the app password generated from your Bitbucket account.
4. Then click on Submit button.

5. Brainboard will verify if the credentials are valid. If they are not, you'll receive this error:
6. If the token is valid, you'll now configure the scope associated to it:
7. Click on Submit button to save the configuration.

Git token scope

Brainboard allows you to specify where a git token will be used by setting its scope. This provides you with fine grain flexibility when managing tokens and separating concerns.

So, when you add a personal git token, you can specify in which project, environment or architecture it will be used. This is what is called setting the scope of the credentials.

GitHub personal access tokens do not have any scope, as you can only create one token, which will be available for all your projects, environments, and architectures.

To change the scope of the token:

1. Go to personal git tokens settings page:
2. Hover the token row you want to change, and click on the Change the scope of the credential button:
3. Choose from the list of the projects, environments and architectures displayed where you want this credential to be used

Edit token

To edit a personal git token:

1. Open the git provider row for the token you intend to edit, and click on the Edit the credential button:
2. Change the information of the credential, then click on the Submit button to save the changes.

Delete token

To delete a personal git token:

1. Open the git provider row for the token you want to delete, and click on the Delete the credential button:
2. You'll be prompted to confirm your action. If you click on the Delete button, the credential will be permanently deleted.

Best practices

1. It is a best practice to define at least one default git credential.

   • To achieve it, click on the toggle Default credentials for all your organization:
2. Always set an expiration date for your personal git tokens on your git provider.

3. When you rotate your personal git tokens, don't delete and add new ones in Brainboard but edit them to only change the token.