Describe the bug
On MacOS, using gh with OSX Keychain, gh auth logout does not erase the token from keychain.
Affected version
gh version
gh version 2.89.0 (2026-03-26)
https://github.com/cli/cli/releases/tag/v2.89.0
Steps to reproduce the behavior
❯ printf "protocol=https\nhost=github.com\n" | git credential-osxkeychain erase
❯ printf 'protocol=https\nhost=github.com\n\n' | git credential-osxkeychain get |grep password
❯ gh auth login
? Where do you use GitHub? GitHub.com
? What is your preferred protocol for Git operations on this host? HTTPS
? Authenticate Git with your GitHub credentials? Yes
? How would you like to authenticate GitHub CLI? Login with a web browser
! First copy your one-time code: XXXX-XXXX
Press Enter to open https://github.com/login/device in your browser...
✓ Authentication complete.
- gh config set -h github.com git_protocol https
✓ Configured git protocol
✓ Logged in as xxxxxxxxxx
❯ printf 'protocol=https\nhost=github.com\n\n' | git credential-osxkeychain get |grep password
password=gho_XXXXXXXXXXXXXXXXX
❯ gh auth logout
✓ Logged out of github.com account xxxxxxxxxx
❯ printf 'protocol=https\nhost=github.com\n\n' | git credential-osxkeychain get |grep password
password=gho_XXXXXXXXXXXXXXXXX
Expected vs actual behavior
I expect, at the very least, the OAuth token to be removed from MacOS keychain, ideally revoked using REST API.
Describe the bug
On MacOS, using
ghwith OSX Keychain,gh auth logoutdoes not erase the token from keychain.Affected version
Steps to reproduce the behavior
Expected vs actual behavior
I expect, at the very least, the OAuth token to be removed from MacOS keychain, ideally revoked using REST API.