You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Composer could be more helpful if you are part of a GitHub organization but forget to enable SSO on your GitHub token. Ideally Composer would detect that SSO is not enabled on the token, or at least mention in the error message somewhere that lack of SSO could be the cause.
Specifically, if the following are true:
You are part of a GitHub organization that requires SSO
You have configured Composer to use a GitHub token
You've not enabled SSO for that token
You try to require a package from that organization (even if the package is public)
... then you get an error message:
Could not fetch [package], please review your configured GitHub OAuth token or enter a new one to access private repos
This is especially confusing when trying to download a public package. I know the error message says in part "review your configured token", but it's easy to infer that the token is missing rather than misconfigured. And then go through an endless loop of wondering why a token is even required for a public package, creating and setting a new token, and getting the same error message over and over until you realize the problem is missing SSO.
This might sound a bit like an edge case but I promise you nearly everyone in an SSO org has gone through this at least once (and in my case, multiple times 😄 )
The text was updated successfully, but these errors were encountered:
It would be a lot easier if someone affected would work on a patch for this tbh, because without access to an SSO-enabled org this is going to be a pain to work on.
Composer could be more helpful if you are part of a GitHub organization but forget to enable SSO on your GitHub token. Ideally Composer would detect that SSO is not enabled on the token, or at least mention in the error message somewhere that lack of SSO could be the cause.
Specifically, if the following are true:
... then you get an error message:
This is especially confusing when trying to download a public package. I know the error message says in part "review your configured token", but it's easy to infer that the token is missing rather than misconfigured. And then go through an endless loop of wondering why a token is even required for a public package, creating and setting a new token, and getting the same error message over and over until you realize the problem is missing SSO.
This might sound a bit like an edge case but I promise you nearly everyone in an SSO org has gone through this at least once (and in my case, multiple times 😄 )
The text was updated successfully, but these errors were encountered: