There isn't a timeline when this will actually be disallowed, but they send an email every three days, so it's quite annoying.
Full email recieved from GitHub when logging in with the current build:
Hi @jackodsteel,
On February 4th, 2020 at 01:03 (UTC) your application (REDACTED) used an access token (with the User-Agent Go-http-client/1.1) as part of a query parameter to access an endpoint through the GitHub API:
https://api.github.com/user
Please use the Authorization HTTP header instead as using the `access_token` query parameter is deprecated.
Depending on your API usage, we'll be sending you this email reminder once every 3 days for each token and User-Agent used in API calls made on your behalf.
Just one URL that was accessed with a token and User-Agent combination will be listed in the email reminder, not all.
Visit https://developer.github.com/changes/2019-11-05-deprecated-passwords-and-authorizations-api/#authenticating-using-query-parameters for more information.
Thanks,
The GitHub Team
GitHub has deprecated the use of
access_token
as a query parameter for thehttps://api.github.com/user
endpoint.Instead we should now use the
Authorization
header as per:https://developer.github.com/changes/2019-11-05-deprecated-passwords-and-authorizations-api/#authenticating-using-query-parameters
There isn't a timeline when this will actually be disallowed, but they send an email every three days, so it's quite annoying.
Full email recieved from GitHub when logging in with the current build: