To simplify how custom tools work on your instance and bypass authentication requirements, you can allow repository administrators to enable anonymous Git read access to public repositories on your GitHub Enterprise instance.

Please Note: If you enable anonymous Git read access, you're responsible for all access and use of this feature. GitHub will not be responsible for any unintended access or misuse of the feature. Also, you may not use this feature to violate your license from GitHub, including the limit on the number of seats you've ordered from us.

If private mode is enabled, you can allow repository administrators to enable anonymous Git read access to public repositories on your GitHub Enterprise instance. For more information about private mode, see "Enabling private mode."

Allowing anonymous Git read access enables you to bypass authentication for custom tools on your instance. When you or a repository administrator enable this access setting for a repository, unauthenticated Git operations (and anyone with network access to GitHub Enterprise) will have read access to the repository without authentication.

You can also prevent repository administrators from changing a repository's anonymous Git access settings. For more information, see "Preventing users from changing anonymous Git read access to a repository."

To see the repositories with anonymous Git read access enabled, filter the repositories list in the Site Admin dashboard.

Notes:

  • You cannot change the Git read access settings for forked repositories since they inherit their access settings from the root repository by default.
  • If a public repository becomes private, then anonymous Git read access will automatically be disabled for that repository and it forks.
  • If a repository with anonymous authentication contains Git LFS assets, it will fail to download the Git LFS assets since they still require authentication. We strongly recommend not enabling anonymous Git read access for a repository with Git LFS assets.
  1. In the upper-right corner of any page, click . Rocketship icon for accessing site admin settings

  2. In the left sidebar, click Admin center. Admin Center tab

  3. Under "Anonymous Git read access", using the drop-down menu, click Enabled. Anonymous Git read access drop-down menu showing menu options "Enabled" and "Disabled"

Enabling anonymous Git read access for a specific repository

Notes:

  • You cannot change the Git read access settings for forked repositories since they inherit their access settings from the root repository by default.
  • If a public repository becomes private, then anonymous Git read access will automatically be disabled for that repository and it forks.
  • If a repository with anonymous authentication contains Git LFS assets, it will fail to download the Git LFS assets since they still require authentication. We strongly recommend not enabling anonymous Git read access for a repository with Git LFS assets.
  1. In the upper-right corner of any page, click . Rocketship icon for accessing site admin settings

  2. In the search field, type the name of the repository and click Search. Site admin settings search field

  3. In the search results, click the name of the repository. Site admin settings search options

  4. In the upper-right corner of the page, click Admin. Admin Tools

  5. In the left sidebar, click Admin. Admin Tools

  6. Under "Danger Zone", next to "Enable Anonymous Git read access", click Enable. "Enabled" button under "Enable anonymous Git read access" in danger zone of a repository's site admin settings

  7. Review the changes. To confirm, click Yes, enable anonymous Git read access. Confirm anonymous Git read access setting in pop-up window