@@ -135,7 +135,8 @@ X-GitHub-OTP: required; :2fa-type
135135}
136136</pre >
137137
138- To get around that error, provide your 2FA OTP code in the [ X-GitHub-OTP request header] [ 2fa header ] :
138+ If you enabled 2FA with a mobile application, you can get around that error
139+ by providing an 2FA OTP code in the [ X-GitHub-OTP request header] [ 2fa header ] :
139140
140141<pre class =" terminal " >
141142$ curl -i -u < ; your_username> ; -H "X-GitHub-OTP: < ; your_2fa_OTP_code> ; " \
@@ -154,14 +155,13 @@ HTTP/1.1 200 OK
154155}
155156</pre >
156157
157- If you enabled 2FA with a mobile application, then you can get an OTP
158- code from that application on your phone. If you enabled 2FA with text messages,
159- then you'll get an SMS with your OTP code after making a request to an API
160- endpoint which requires such an OTP code .
158+ To get an OTP code, use the one-time password application on your phone.
159+ However, because these OTP codes expire quickly, an easier workaround is to
160+ create and use a Personal token for authentication. See the
161+ [ OAuth section ] [ oauth section ] below for more information .
161162
162- Because these OTP codes expire quickly, an easier workaround is to create and
163- use a Personal token for authentication. See the [ OAuth section] [ oauth section ]
164- below for more information.
163+ If you enabled 2FA with text messages (SMS), you'll need to create an OAuth
164+ token and use [ OAuth authentication] [ oauth section ] instead of Basic Authentication.
165165
166166### Get your own user profile
167167
@@ -260,6 +260,14 @@ in order to not frighten users with potentially invasive actions. The `201`
260260status code tells us that the call was successful, and the JSON returned
261261contains the details of our new OAuth token.
262262
263+ Again, if you enabled [ two-factor authentication] [ 2fa ] enabled, the API will
264+ return the [ previously described ` 401 Unauthorized ` error code] [ 2fa section ]
265+ for the above request. You can get around that error by providing an OTP code
266+ in the [ X-GitHub-OTP request header] [ 2fa header ] , [ as described above] [ 2fa section ] .
267+ If you enabled 2FA with a mobile application, go ahead and get an OTP code from your
268+ one-time password application on your phone. If you enabled 2FA with text messages,
269+ you'll receive an SMS with your OTP code after making a request to this endpoint.
270+
263271Now, we can use the forty character ` token ` instead of a username and password
264272in the rest of our examples. Let's grab our own user info again, using OAuth this time:
265273
@@ -558,3 +566,4 @@ Keep learning with the next API guide [Basics of Authentication][auth guide]!
558566[ get issues api ] : /v3/issues/#list-issues
559567[ repo issues api ] : /v3/issues/#list-issues-for-a-repository
560568[ etag ] : http://en.wikipedia.org/wiki/HTTP_ETag
569+ [ 2fa section ] : /guides/getting-started/#two-factor-authentication
0 commit comments