«
»

Removing Git Credentials (Windows)

Posted by Claudius Coenen on November 7th, 2023

I found myself in an environment where I need to be able to log out users automatically.

Erasing Stored Credentials

Git on Windows uses the git credential manager by default. It uses the standard git crendential interface described in the documentation. Ultimately, this uses the windows credential manager for storage (unless configured otherwise). You can run an interactive session and ask for credentials to be erased (replace the hostname, of course):

C:\>git credential-manager erase
protocol=https
host=example.com

C:\>

There is an additional empty newline that means “my request is finished, please execute”. This command runs interactively, but you can also prepare a request like this:

C:\> type erase-request.txt > git credential-manager erase

erase-request.txt would just contain the same three lines (two for the request, one for the final newline) and it has the same effect. Now let’s try that without an intermediate text file. Sadly, I did not find a way to do this in the regular cli.exe terminal, but here’s one that works in a PowerShell environment:

PS C:\> echo "protocol=https`nhost=example.com`n" | git credential-manager erase

The PowerShell can do a newline by adding `n to it. So we just generate the three lines with the echo command and pipe them into git credential-manager.

To do this automatically, I added that line above into a script and called it erase-git-credentials.ps1 and put it into a safe location (one that can’t be edited by a regular user, like C:\Program Files. I then place a shortcut to it on my desktop, running powershell.exe -File "C:\Program Files\erase-git-credentials.ps1"

Not even storing them in the first place

On Unix-like systems, you could also configure credential.helper to be cache, which would accept a configurable timeout after which credentials would be forgotten automatically. Sadly, this seems to be unavailable on windows.

Loosely Related: Author Info

If you want to remove credentials, chances are you _also_ want to remove globally stored author info. These can be reset with these commands:

git config --global --unset user.email
git config --global --unset user.name

If you need these, too, you can put them into the same PowerShell script we created earlier.

Filed under Artikel, Technik | Tags:


Comments are closed. Please feel free to Contact me directly!


Author

Claudius Coenen is a tech-enthusiast. He's writing on all kinds of topics, including programming, technology, gadgets and media.

This site features his occasional articles, findings, documentations.

Categories

Connect

RSS Recent Bookmarks

Legal