Understanding GitHub VCS integration and access tokens

We are using a GitHub VCS integration in YouTrack. We've forgotten the details of the setup, when it was first created.

We've noted that it uses a “personal access token”. I believe we used a fine grained access token, as we no longer utilize the old tokens due to security concerns. As we are now required to regenerate it (due to expiry), I'd expect the integration to no longer function, without setting a new access token. However, it still successfully fetches commits.

Should I not be required to update the “person access token” field when regenerating due to expiry?

Does the integration have some other mechanism of staying integrated, that I've missed?

0
3 comments
Official comment

Hi Halvor! YouTrack doesn't fetch these commits; instead, GitHub uses webhooks to connect and send the data to YouTrack. So the token expiry does not affect this process after the integration has been set up. 

Thank you Stanislav Dubin. I see the webhooks now.

So after a repo is set up using GitHub VCS integration, the access token is useless.

But to add a new repo as a GitHub VCS integration it will during setup require a access token.

Is that correct?

0

The token isn't completely useless in the existing integration either, as it can be used if you want to do the “Import commits and open pull requests” option. If you set up a new integration, a working token will be required.

0

Please sign in to leave a comment.