Skip to main content

authenticationModule

MS Code Extension API

MS Code Extension API / core/extensionAPI/modules/authenticationModule

core/extensionAPI/modules/authenticationModule

Functions

createAuthenticationModule()

createAuthenticationModule(extId): object

Defined in: core/extensionAPI/modules/authenticationModule.ts:13

Factory function to generate the Authentication API for a specific extension. This module acts as a secure gatekeeper, ensuring extensions cannot silently steal credentials without explicit user consent. *

Parameters

extId

string

The unique identifier of the calling extension (e.g., 'publisher.gitlens').

Returns

getSession

getSession: () => Promise<string | null>

Requests a GitHub authentication session (Token) for the current user.

  • Behavior:
  • If the user has already granted access to this extension, it returns the token instantly.
  • If the user has previously denied access, it returns null.
  • If this is the first time, it suspends execution and prompts the user with a secure dialog: "Extension [Name] wants to sign in using your GitHub account."
Returns

Promise<string | null>

The GitHub Personal Access Token (or OAuth token), or null if denied/not logged in. *

Example
const token = await mscode.authentication.getSession();
* if (token) {
// Use the token to fetch private GitHub data
const res = await fetch('[https://api.github.com/user/repos](https://api.github.com/user/repos)', {
headers: { Authorization: `token ${token}` }
});
const repos = await res.json();
} else {
mscode.window.showErrorMessage("GitHub access is required to view Pull Requests.");
}
getUser

getUser: () => GitHubUser | null

Retrieves the currently authenticated GitHub user's public profile information. This acts as a convenience method to avoid making a manual api.github.com/user fetch.

  • Security: This will return null if the extension has not been granted access via getSession(), even if the user is logged into the IDE globally.
Returns

GitHubUser | null

The user profile object containing login, name, email, and avatar_url. *

Example
const user = mscode.authentication.getUser();
if (user) {
console.log(`Welcome back, ${user.name}! (@${user.login})`);
mscode.window.showInformationMessage(`Logged in as ${user.email}`);
}
hasAccess

hasAccess: () => boolean

Synchronously checks if the extension has already been granted GitHub access. This method is completely silent and will never prompt the user.

  • Useful for checking state during extension activation to toggle UI elements (e.g., showing a "Sign in" button inside a sidebar view if access is missing).
Returns

boolean

true if the user is authenticated globally AND has authorized this extension. *

Example
if (mscode.authentication.hasAccess()) {
mscode.menus.registerMenuItem('sidebar/git/actions', { ... });
}