[GitHub API] Deprecation notice for authentication via URL query parameters

Problem to solve

A customer receiving emails from GitHub regarding the deprecation of some authentication patterns.

In the past few days, we've received alerts from Github that "your application (gitlab) used an access token (with the User-Agent Faraday v0.15.4) as part of a query parameter to access an endpoint through the GitHub API."

The alert goes on to say that using the "access_token" query parameter is deprecated and that the Authorization HTTP header should be used instead. Please see https://developer.github.com/changes/2019-11-05-deprecated-passwords-and-authorizations-api/#authenticating-using-query-parameters for more information.

Please use the Authorization HTTP header instead as using the access_token query parameter is deprecated.

Depending on your API usage, we'll be sending you this email reminder once every 3 days for each token and User-Agent used in API calls made on your behalf. Just one URL that was accessed with a token and User-Agent combination will be listed in the email reminder, not all.

Visit https://developer.github.com/changes/2019-11-05-deprecated-passwords-and-authorizations-api/#authenticating-using-query-parameters for more information.

Thanks, The GitHub Team

Our documentation references using Personal Access Tokens only for GitHub, see github_integration

Links / references

ZD: https://gitlab.zendesk.com/agent/tickets/146116 (internal use only)