Can't push to GitHub "Refusing to allow an OAuth App to create or update workflow without workflow scope"
When any of your commits contain a new or updated GitHub Action, you need to have the `workflow` scope to push these changes. Git Credential Manager for Windows doesn't request this.
When you do try to push your changes, you'll be greeted by the following error message:
![Remote Rejected] main -> main (refusing to allow an OAuth App to create or update workflow `...` without `worflow` scope)
The error is caused by me trying to push a set of commits to my repo that include a new GitHub Action Workflow. My OAuth token has been generated by the Git Credential Manager for Windows.
A dirty workaround is to generate a new token from the GiHub Developer Settings menu and paste that into your Windows Credential Manager:
This will work for a while, until the Git Credential Manager for Windows refreshes your token it seems, as the scope is revoked after some time.
A better solution
A better solution is to get rid of the "old" Git Credential Manager for Windows and switch to Git Credential Manager Core. The new, cross platform, credential manager for Git, which will actually request the right scopes, doesn't seem to rely on IE11 and supports 2FA properly.
The new credential manager ships with Git 2.28, but isn't enabled by default.
After installing that and deleting the stored credential in the Windows Credential Store, I can now push my Github workflows without issues.
Photo used under Creative Commons: Jordan Morningstar.