Set up HTTP basic authentication for repositories

  • Published on Feb 12, 2026
Prev Next

You can configure HTTP basic authentication to access private Git repositories that use HTTP or HTTPS URLs. This authentication method uses a username and password (typically a personal access token) to access your repository.

When to use HTTP basic authentication

Use HTTP basic authentication when:

  • Your Git repository requires authentication and uses an HTTP or HTTPS URL
  • You want to use a personal access token instead of SSH keys
  • Your organization's security policies require token-based authentication
  • You need to access repositories on platforms like GitHub, GitLab, or Bitbucket with HTTPS URLs

Prerequisites

  • IAG secret store configured with an encryption key. See Configure IAG secret store.
  • A personal access token or password for your Git repository
  • Administrator role permissions to create secrets and repositories

How HTTP basic authentication works

IAG stores your authentication credentials securely:

  1. You create a secret that contains your password or personal access token
  2. You create a repository and reference the secret by name
  3. When a service runs, IAG uses the stored credentials to access the repository

IAG never exposes your password or token in plain text.

Create a secret for your authentication token

Before you create a repository with HTTP basic authentication, create a secret to store your personal access token or password.

Use the iagctl create secret command with the --prompt-value flag:

iagctl create secret <secret-name> --prompt-value

Example:

iagctl create secret github-token --prompt-value

When prompted, enter your token. IAG encrypts and stores the token securely.

Create a repository with HTTP basic authentication

After you create a secret, you can create a repository that uses HTTP basic authentication.

Syntax:

iagctl create repository <repository-name> \
  --url <https-git-url> \
  --username <git-username> \
  --password-name <secret-name>

Parameters:

  • <repository-name>: A unique name for the repository reference
  • --url: The HTTPS Git URL for your repository
  • --username: Your Git username
  • --password-name: The name of the secret that contains your password or token

Example:
Create a repository that uses GitHub authentication:

iagctl create repository my-private-repo \
  --url https://github.com/example/some-private-repo-with-automations.git \
  --username your-username \
  --password-name github-token

Complete example workflow

This example shows the complete process of setting up HTTP basic authentication for a GitHub repository.

Step 1: Create a secret for your GitHub token (see Configure IAG secret store for details):

iagctl create secret github-token --prompt-value

Step 2: Create a repository with authentication:

iagctl create repository my-private-repo \
  --url https://github.com/example/automation-scripts.git \
  --username myusername \
  --password-name github-token

Step 3: Create a service that uses the repository:

iagctl create service executable backup-service \
  --executable-object bash-standard \
  --repository my-private-repo \
  --working-dir scripts \
  --filename backup.sh