Constantly being asked to authenticate keychain on MacOS against Azure Devops #2079
Description
Version
2.6.1+786ab03440ddc82e807a97c0e540f5247e44cec6
Operating system
macOS
OS version or distribution
26.0.1 (25A362)
Git hosting provider(s)
Azure DevOps
Other hosting provider
No response
(Azure DevOps only) What format is your remote URL?
https://{org}.visualstudio.com
Can you access the remote repository directly in the browser?
Yes, I can access the repository
Expected behavior
Authentication at a reasonable frequency (no more often than once a day)
Actual behavior
My issue is the same as #435, which was closed due to inactivity.
For reference, I am a data scientist working at Microsoft.
I have to authenticate ~once an hour when I do git pull or push, which includes having to type my password for keychain. "Always Allow" does not help.
The other thread asked for the result of security find-generic-password -gs git:dev.azure.com/XXXXXXXXhq where the last bit is the url to the ADO org. Ours is e.g. https://orgX.visualstudio.com.
❯ security find-generic-password -gs git:https://<redacted>.visualstudio.com (notesUtilityMetrics-3.12-2025-10-16)
keychain: "/Users/thomas/Library/Keychains/login.keychain-db"
version: 512
class: "genp"
attributes:
0x00000007 <blob>="git:https://<redacted>.visualstudio.com"
0x00000008 <blob>=<NULL>
"acct"<blob>="<redacted>@microsoft.com"
"cdat"<timedate>=0x32303235303931373135323834345A00 "20250917152844Z\000"
"crtr"<uint32>="aapl"
"cusi"<sint32>=<NULL>
"desc"<blob>=<NULL>
"gena"<blob>=<NULL>
"icmt"<blob>=<NULL>
"invi"<sint32>=<NULL>
"mdat"<timedate>=0x32303235303931373135323834345A00 "20250917152844Z\000"
"nega"<sint32>=<NULL>
"prot"<blob>=<NULL>
"scrp"<sint32>=<NULL>
"svce"<blob>="git:https://<redacted>.visualstudio.com"
"type"<uint32>=<NULL>
password: "<redacted>"
Logs
I'd prefer to avoid pasting sensitive logs, but can provide specific things on-demand.