I'm on git version 2.8.1.windows.1, trying to connect to VSTS. Visual studio can connect fine but command line fails.
After a few attempts at installing / reinstalling, if I _git pull_ I am now presented with three "sign in to your account" guis which I need to cancel, before I can enter my personal access token at the command line. This happens with every _git pull/push_
_git config --list_ shows credential.helper=manager
credential.log:
Log Start (2016-04-05 10:48:46Z)
Microsoft Git Credential Manager for Windows version 1.2.2
Program::Get
targetUri = https://
Program::CreateAuthentication
detecting authority type
authority is Azure Directory
Log Start (2016-04-05 10:48:50Z)
Microsoft Git Credential Manager for Windows version 1.2.2
Program::Get
targetUri = https://
Program::CreateAuthentication
detecting authority type
authority is Azure Directory
Log Start (2016-04-05 10:48:52Z)
Microsoft Git Credential Manager for Windows version 1.2.2
Program::Get
targetUri = https://
Program::CreateAuthentication
detecting authority type
authority is Azure Directory
Log Start (2016-04-05 10:49:05Z)
Microsoft Git Credential Manager for Windows version 1.2.2
Program::Store
targetUri = https://
Program::CreateAuthentication
detecting authority type
authority is Azure Directory
Log Start (2016-04-05 10:49:06Z)
Microsoft Git Credential Manager for Windows version 1.2.2
Program::Store
targetUri = https://
Program::CreateAuthentication
detecting authority type
authority is Azure Directory
Log Start (2016-04-05 10:49:06Z)
Microsoft Git Credential Manager for Windows version 1.2.2
Program::Store
targetUri = https://
Program::CreateAuthentication
detecting authority type
authority is Azure Directory
The GCM is aware of VSTS (visualstudio.com) and GitHub (github.com) and attempts to perform their preferred type of authorization before falling back to standard credentials.
Ideally you should not be using simple credentials to authenticate anywhere for anything. They are too easily cracked or stolen. Instead you should be using multi-factor authentication (no long passwords are not a substitute).
The dialogs you are seeing appear to the VSTS Azure authentication dialogs. Have you tried using them? Do they work for you?
No they don't. I see:
An error occurred. Contact your administrator for more information.
Error details•Activity ID: 00000000-0000-0000-763e-0080010000e2
•Relying party: Microsoft Office 365 Identity Platform
•Error time: Tue, 05 Apr 2016 13:56:55 GMT
•Cookie: enabled
•User agent string: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; Ion 3.6.1.185; xs-ZtLtRrWABnE;Cm5A8V)
Hello guys,
It seems that I got the similar issue with this tool.
I have just installed Git 2.8.0 X64 on windows 10, then the Windows Security pop-up window always show on my screen to input username and password then login to bitbucket.org by Git Credential Manager for Windows, but it seems that the credential can not login or save my credential token in cache, and the pop-up windows always shows on my screen.

Hope dev team can helping us solve the issue.
Thanks in advance!
Hieu Tran
@jerrybk108, I just had this issue as well.
Instead of using your username, use your BitBucket's email and it should work just fine :smile:
@pentop I agree, something is not working correctly. Firstly I see this:
Relying party: Microsoft Office 365 Identity Platform
Which is incorrect. Unless VSTS and Azure have changes something on the backend that I'm unaware of (and that is possible) MSO365 should not be providing authentication for VSTS. The authority providing authentication should be either Azure Directory or Microsoft Live.
Is the url of your repository something you can share here on GitHub? I do NOT need access to your repository, but with the url I can query the servers and see what the response payload looks like. It is possible Azure / MSO365 changed something and the GCM needs to adapt.
Thanks for the report!
Thank @agustinsaldias so much!
I tried both of them, but I still got the issue.
@jerrybk108 the logic loop is fairly trivial and there are very few place it can go wrong with BitBucket.
Upon success Git will return the credentials to the GCM telling the GCM to store them for future use.
Now... if the remote rejects the credentials, Git will tell the GCM to erase said credentials.
Since your log shows Get then Store operations, and no Erase operations it seems your Windows Credential Manager should contain credentials for BitBucket. You can verify this by:
Thank whoisj so much!
The credential of bitbucket.org is stored in Credential Manager, then I modified it manually, then the pop-up still shows on my screen to require a credential.
Note: I input correct credential of bitbucket.org on GCM for windows, but it seems that it can not work correctly.
Regards,
Hieu Tran
@whoisj thanks for looking at at this. the repository is here: aamdev.visualstudio.com/DefaultCollection/Global%20Platforms/Applications/_git/BrokerManagementRepository
I started having similar problems after upgrading to Git 2.8.x, could that be the culprit? GCM asks for my credentials every time. I can fetch/push just fine, but only if I enter my credentials in the GCM pop-up every time. GCM does cache my credentials (I can see them in Windows' Credential Manager), but it seems to completely ignore cached credentials on the next push or pull. My repo is a private repo hosted by TFS on-premise.
edit
Removing all cached credentials has resolved the issue for me.
@StevenLiekens please see the documentation on the front page of the site. TFS on-premises needs slightly special treatment when configuring the GCM.
https://github.com/Microsoft/Git-Credential-Manager-for-Windows#q-i-thought-microsoft-was-maintaining-this-why-does-the-gcm-not-work-as-expected-with-tfs
@pentop and @agustinsaldias any chance either of you were relying on proxy support?
There was a bug in the proxy support which was resolved by #193 .
I'm experiencing this as well with a VSTS instance. Entering in alternate credentials or personal access tokens doesn't work with the GCM, even if I tell it to use Basic auth in git config; I have to abort any dialogs GCM pops up until git prompts me for username/password on the command line. Then I can enter my alternate access password or personal access token and it works. Although in my case, the Windows credential manager is saving the tokens, so after the first time, it remembers.
@kevinmkane if you set the GCM to 'basic' it should work like basic. I'll attempt to reproduce this issue ASAP.
In the meantime, you should know that the GCM already uses personal access tokens for both VSTS and GitHub without any intervention by you (intervention to set it to basic should enable basic however!)
@whoisj I tried setting it to basic in the git config, but no dice. Is there some other way of "setting to basic" that I'm missing? Changing the git config setting definitely caused a different credential UI to come up.
GCM would pop up a dialog for username and password twice, and each time entering in either the alternate auth credentials or a personal access token would fail. Then I get a prompt in the console window from the built-in credential manager, and then entering either credentials works.
@kevinmkane my guess is that somehow you ended up using the old GitHub experience.
I'm going to close this issue as nearly the entire authentication experience has been revised since this was filed.
If issue persist, please reopen.
Similar problems.
Had to use "personal access tokens" instead of "alternate authentication credentials" and then manually store creds in the Credential Manager before it worked. gah! >.<*
Ok, this thing does not stop popping up. The comments on all these issues indicate an application with a design scope too limited for the actual interactions to be integrated. How can I get back to working with whatever it was that worked before? And what happened to products that include an installer that's been tested and verified for the system/os where the app is supposed to live? I'm tired of people handing me something tied together with bailing wire and spit, and a piece of masking tape with 'hop*' scribbled on it.
Ok, this thing does not stop popping up.
What thing is that? The modal authentication dialog? Do you have it configured to always prompt you? What host are you working with (GitHub, VisualStudio.com, Bitbucket, etc.)? Can you share more about your configuration?
The comments on all these issues indicate an application with a design scope too limited for the actual interactions to be integrated.
I'm not sure I follow you here. The GCM scope is limited by design. It's a Git for Windows credential helper design to facilitate multi-factor authentication with VSTS and/or GitHub.
And what happened to products that include an installer that's been tested and verified for the system/os where the app is supposed to live? I'm tired of people handing me something tied together with bailing wire and spit, and a piece of masking tape with 'hop*' scribbled on it.
I'm sorry you feel this way. We do our best to deliver a package that is as well tested as we can. For better or for worse, this is not a fully funded product like Microsoft Office or Google Chrome. It's a best effort, side project. Microsoft does its part by allocating some of my time to contribute to the project, but I am the only resource and I only get about an hour a week towards it.
As for testing, I tend to use the changes locally for a week or so and ask others who have expressed a willingness to suffer untested authentication helpers to do so as well. If you have a better suggestion or model, please speak up.
That said, we happily take test code contributions if you're willing to make them. :smirk:
I don't believe that the latest version of the GCM is storing username/password correctly if the password starts with an @ sign
@stephenpatten please see #332 , just filed by me (as reported by a user via email).
@whoisj how do you configure it to never pop up? why is that not a default option - popups are generally frowned upon, persistent popups drive users nuts
@StenPetrov git config credential.modalprompt false because in may situations multifactor authentication (which is the gold standard) requires a graphical users experience.
@whoisj this doesn't work, it keeps popping, even with --global added
It would be nice to have a checkbox on the popup to tell it to stop popping
@StenPetrov can you capture a trace? SET GCM_TRACE=1 then run your git command. This should help me understand more clearly what is happening. Thanks.
@whoisj I'm not running any commands, it just keeps popping up.
I added the GCM_TRACE but where would the logs show up?
This is super annoying
@StenPetrov if you're not running the commands, you will not see the logs because =1 means write to standard output. If you need to trace to a file, use the following instead: GIT_TRACE=%userprofile%/git.log and GCM_TRACE=%GIT_TRACE%. This will write a log out to %userprofile%\git.log which you can then look at to figure out what is going on.
It's the worst it's ever been this morning. Normally, the Git Credential Manager for Windows popup appears every several days(not sure how many) but I'm assuming my credentials have expired or something. This morning, I've entered my credentials(using two factor auth) no less than 10 times and the popup keeps appearing. I checked Credentials Manager and my credentials are there. Is there a fix for this? It's been an annoyance for some time, but today it's just covfefe.
today it's just covfefe
Now that made me laugh 😆 Thanks.
@johnmurphy01 any chance you've got a repository with Git-Lfs controlled content? We've been seeing issues with recent versions of Git-Lfs and credential management in general.
I don't think so. All of our repos are well within normal storage sizes. It also seems that the more Visual Studio/Visual Studio Code windows I have open, the more the popup appears.
I know Github was having issues this morning, so that could have also contributed to the large number of popups.
@johnmurphy01 Visual Studio by itself does not perform network Git operations without user interaction, VSCode however will - so that could be the source. The design of Git's credential helper flow means that any failure results in credentials being erased. This can make minor network hiccup rather frustrating.
that is indeed frustrating if that's the case. I knew VS Code performed regular Git operations but I didn't know that any failure would wipe credentials. Is there a plan to handle this or are we just stuck with numerous popups to re-authenticate with Github? I had to end up rebooting my machine and that seemed to alleviate the popups for now, but I'm sure it will happen again several days from now.
@johnmurphy01 well, the GCM does support the credential.preserve=true option, which will prevent credentials from being deleted (barring any bugs, of course). That will not resolve the network issues, but it can mitigate some of the annoyance of having credentials wiped out on you.
would that be git config --global credential.preserve=true?
yes, I believe that should work, but without the = so git config --global credential.preserve true should be what you're looking for.
On a Windows Server 2016 Datacenter VM in Azure, I had to use wincred, to get authentication to work with my company's TFS 2017.
git config --global credential.helper wincred
Understood, but I was forced to use Windows Credential Helper when Git
Credential Manager never popped up to ask me for my credentials.
On Mon, Jul 23, 2018 at 12:41 PM, J Wyman notifications@github.com wrote:
Unfortunately, credential.helper wincred means Windows Credential Helper,
not the Git Credential Manager for Windows, so there's no real way to help
you.You're looking for credential.helper manager to utilize GCM.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/Microsoft/Git-Credential-Manager-for-Windows/issues/178#issuecomment-407141351,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAWgJOfST_jc2BavQfybP7Ym62Xs61mLks5uJgrKgaJpZM4H_8w9
.
@thargenediad have you tried manually deleting the credentials from the Windows Credential Manager?
Start.Manage Windows Credentials.Remove link to delete it.
Most helpful comment
@jerrybk108 the logic loop is fairly trivial and there are very few place it can go wrong with BitBucket.
Upon success Git will return the credentials to the GCM telling the GCM to store them for future use.
Now... if the remote rejects the credentials, Git will tell the GCM to erase said credentials.
Since your log shows Get then Store operations, and no Erase operations it seems your Windows Credential Manager should contain credentials for BitBucket. You can verify this by: