Fixed [GitHub API] Deprecation notice for authentication via URL query parameters


Well-known member
Affected version
Hi there,

just received a mail from GitHub:
On February 5th, 2020 at 14:08 (UTC) your application (APP NAME) used an access token (with the User-Agent PHPoAuthLib) as part of a query parameter to access an endpoint through the GitHub API:

Please use the Authorization HTTP header instead as using the access_token query parameter is deprecated.

Depending on your API usage, we'll be sending you this email reminder once every 3 days for each token and User-Agent used in API calls made on your behalf.
Just one URL that was accessed with a token and User-Agent combination will be listed in the email reminder, not all.

Visit for more information.

The GitHub Team


Well-known member
Came here looking for some more info on this also I received the same mail and don't really want to receive it every 3 days as they say! I have quite a few users using GitHub as a web dev forum.

XF Bug Bot

XenForo bug fixer bot
Staff member
Thank you for reporting this issue, it has now been resolved. We are aiming to include any changes that have been made in a future XF release (2.1.8).

Change log:
Update GitHub OAuth implementation to use header authorisation.
There may be a delay before changes are rolled out to the XenForo Community.