The GitHub API credentials you provided aren't valid

I have a projects page to display my Github public projects, Hantsy Bai | projects

Currently, it display correctly, but when startup on local system, there is a warning about Github API authentication.

I have read the jekyll-github-metadata docs, add a JEKYLL_GITHUB_TOKEN in .env, and add gem dotenv. It will fail due to an error like this.

 Liquid Exception: The GitHub API credentials you provided aren't valid. in _pages/projects.md

The content of the projects.md is simple.

<div class="projects">

  {% assign sorted_projects = site.github.public_repositories | sort: "stargazers_count"|reverse  %}
  {% for project in sorted_projects %}
  <div class="card hoverable mt-2">
    <div class="card-body">
      <h5 class="card-title text-lowercase">
        <a href="{{ project.html_url }}" target="_blank">{{ project.name }}</a>
      </h5>
       <h6 class="card-subtitle mb-2 text-muted">{{project.language}} &bull; <i class="fa fa-star"></i> {{project.stargazers_count}} </h6>
      <p class="card-text">{{ project.description }}</p>
    </div>
  </div>
  {% endfor %}
</div>

It’s a nice looking cards list. I have something similar.

You don’t need to set the token at all. Your local build will use unauthorized API requests which means after too many requests you’ll get rate limited and get no data.


If you do decide to use the token, then I would avoid the complexity of a dotenv plugin and first just get it to work a simple way.

export JEKYLL_GITHUB_TOKEN=abcdef123456
bundle exec jekyll serve

Then if that works, you can go one step further and use dotenv library if you want.

I prefer to avoid dotenv library and rather load the value using a make command. And export at the top of Makefile too.

Note for security reasons it is safer to only make a dev auth token in Settings which has read-only access. If you make a write token, then someone who steals your token can write to all of your repositories, not just the one.

Also when you make need to get access to read all public repos under permissions and then generate a new token. Maybe you didn’t tick that before.

You can also test out your token outside of Jekyll by doing a request with it to a repo as per GH REST API docs.

@MichaelCurrin I nerver used Makefile before.

Temperorily I returned to the unauthorized case to continue to use it. Thanks.

You can also use a shell script for your commands in place of Makefile.

serve.sh

!#/bin/bash
source .env
export TOKEN

bundle exec jekyll serve 

When I do not use a .env at all, it worked well.

But when adding it in the project root folder, and add gem dotenv, it will raise the auth error. It means the env is loaded, but it is not valid in the calling of github-metadata plugin.

Not sure if it requires extra setting. I am using a Windows 10/Ruby 2.7.

1 Like

Sorry, what I suggested above was for mac / Linux, using a Bash script. And make is not standard on Windows.

Anyway I think is that dotenv gem is meant to be used in a different context.

Like you would have a script in plugins directory, or in an installed plugin, that would do something like this:

  1. Install dotenv by adding in Gemfile.
  2. Add a Ruby script that uses it.

e.g.

require 'dotenv'
Dotenv.load('./.env')

token = ENV['TOKEN']
puts token

Or some HTTP request with the token.

But, you are using the GitHub Metadata plugin. When that plugin runs, it has no concept of the dotenv plugin or of a script like above.

You’d have to write you own logic which setups up dotenv and then calls the GH Metadata plugin, but that is not worth the effort. And you might end up running the metadata plugin twice.