Authentication¶

Stack needs to authenticate with your Git provider to create and manage pull requests.

GitHub¶

The easiest way to authenticate with GitHub:

gt auth login github

This opens your browser to complete OAuth authorization. Stack requests minimal permissions:

Alternatively, use a personal access token:

gt auth login github --token

Required scopes:

gt auth login gitlab

You'll be prompted for:

Create a token at Settings > Access Tokens with these scopes:

For self-hosted GitLab instances:

gt auth login gitlab --host gitlab.mycompany.com

Check your authentication status:

gt auth status

Output:

GitHub (github.com)
  Authenticated as: username
  Token: ghp_****...****

GitLab (gitlab.com)
  Not authenticated

Stack supports multiple provider accounts. The correct account is selected based on your repository's remote URL.

# Add GitHub Enterprise
gt auth login github --host github.mycompany.com

# Add self-hosted GitLab
gt auth login gitlab --host gitlab.mycompany.com

Remove stored credentials:

# Logout from GitHub
gt auth logout github

# Logout from GitLab
gt auth logout gitlab

# Logout from all providers
gt auth logout --all

Credentials are stored securely in:

OS	Location
Linux	`~/.config/stack/credentials.json`
macOS	`~/.config/stack/credentials.json`
Windows	`%APPDATA%\stack\credentials.json`

Security

The credentials file contains sensitive tokens. Ensure it's not readable by other users and not committed to version control.

You can also provide credentials via environment variables:

# GitHub
export GITHUB_TOKEN=ghp_your_token_here

# GitLab
export GITLAB_TOKEN=glpat-your_token_here

Environment variables take precedence over stored credentials.

Re-authenticate:

gt auth logout github
gt auth login github

GitHub OAuth tokens don't expire, but PATs might. Generate a new token and re-authenticate.

If Stack is using the wrong account, logout and login with the correct one:

gt auth logout github
gt auth login github