How to stop the keychain alert 'xxx want to use the keychain'

keychain

In Terminal check what you have set in your git config:

git config -l

You should see an entry for "credential.helper=osxkeychain" which is typically included if you installed git from Homebrew or have a newer macOS version such as Big Sur and the developer tools installed.

There is the option to set a cache timeout so you don't have to type your password to unlock the keychain every time you need git credentials. Think of it like the timeout for sudo where it doesn't always ask for the password if you recently used the password. You can adjust this cache timeout value to whatever you like.

To add a credential.helper cache timeout of an hour to your git config in Terminal:

git config --global credential.helper 'cache --timeout 3600'

From the alert screenshot you have posted, it is clear that it happens whenever you use Git. You have stored your git credentials in the Keychain (which is the right way in macOS), and thus whenever you use Git, it asks the Keychain for the credentials. But not all apps are allowed access to the Keychain as it stores many other passwords / keys / certificates etc. So macOS informs you that this particular app wants access to the Keychain and you get the alert.

To avoid this alert, you can grant access to particular app(s) to only access specific credentials that it needs within Keychain, through the Keychain Access app. To do so:

  1. Open Keychain Access (you can find it in Applications > Utilities).

  2. Use the search field to search for your Git credential (e.g. "Github").

  3. It should show the respective item below. Right-click the correct git credential and from the menu, click Get Info.

  4. It will display a window like this (on macOS Mojave):

Keychain Access Control Settings

  1. Click on the Access Control tab.

  2. Under "Always allow access by these applications:", click the + sign and add the tool mentioned in the alert, i.e. "git-credential-oskeychain" (which I assume is the osxkeychain helper - this may be in different locations depending on whether you installed it using Homebrew or Xcode Command Line Tools).

  3. Click Save Changes button.

  4. Restart your computer.

You can also deselect Ask for Keychain password but (if I remember right) you may still get an alert whenever some tool wants to use it. It is a bad idea to select Allow all applications to access this item as it may allow any rogue application access to your git credentials.

Note: James Brickley's answer is better in terms of security as by caching the password with a timeout, you only allow access to the credentials for a limited time. With the method I have described, the specific app will always have access to the git credentials till you disallow it from Keychain Acess.

Related

How can I fix underscan/overscan when the slider isn't shown in System Preferences?
Copy paste a file inside a folder in List view
Is it possible to swap option and command keys for a specific keyboard?
Set tag color of image in Preview with hotkey/keyboard shortcut
Detect if deserialized object is missing a field with the JsonConvert class in Json.NET
Sending a sequence of commands and wait for response
Create counter with multiple variables [duplicate]
Need help with getline() [duplicate]
Working with an Access database in Python on non-Windows platform (Linux or Mac)
CSS Margin Collapsing
What is the exact meaning of static fields in Java?
Convert Python sequence to NumPy array, filling missing values