DagsHub · kbolashev · Dec 10, 2024 · Dec 8, 2024 · Dec 8, 2024
diff --git a/dagshub/auth/__init__.py b/dagshub/auth/__init__.py
@@ -1,4 +1,4 @@
-from .tokens import get_token, add_app_token, add_oauth_token, InvalidTokenError, get_authenticator
+from .tokens import get_token, add_app_token, add_oauth_token, InvalidTokenError, get_authenticator, clear_token_cache
 from .oauth import OauthNonInteractiveShellException
 
 __all__ = [
@@ -8,4 +8,5 @@
     OauthNonInteractiveShellException.__name__,
     InvalidTokenError.__name__,
     get_authenticator.__name__,
+    clear_token_cache.__name__,
 ]
diff --git a/dagshub/auth/tokens.py b/dagshub/auth/tokens.py
@@ -18,7 +18,7 @@
     DagshubAuthenticator,
 )
 from dagshub.common import config
-from dagshub.common.helpers import http_request, log_message
+from dagshub.common.helpers import http_request, log_message, prompt_user
 from dagshub.common.util import multi_urljoin
 
 logger = logging.getLogger(__name__)
@@ -453,3 +453,20 @@ def add_oauth_token(host: Optional[str] = None, referrer: Optional[str] = None,
     host = host or config.host
     token = oauth.oauth_flow(host, referrer=referrer)
     _get_token_storage(**kwargs).add_token(token, host, skip_validation=True)
+
+
+def clear_token_cache(force=False):
+    """
+    Clear the token cache file.
+
+    .. warning::
+        This will remove ALL tokens you have stored for any dagshub instance you connected to.
+    """
+    cache = config.cache_location
+    if not force:
+        prompt = prompt_user(f"This will remove ALL tokens stored in the cache file at {cache}.", default=True)
+        if not prompt:
+            return
+
+    os.remove(cache)
+    print(f"Removed all tokens stored at {cache}")
diff --git a/docs/source/index.rst b/docs/source/index.rst
@@ -31,6 +31,7 @@ run ``pip install dagshub[jupyter]`` to install additional dependencies to enhan
     reference/repo_api
     reference/notebook
     reference/mlflow_util
+    reference/troubleshooting
 
 ..  Files after this one are hidden and aren't exposed (not exposing them to the user due to deprecation)
     reference/metric_logging

diff --git a/docs/source/reference/auth.rst b/docs/source/reference/auth.rst
@@ -39,9 +39,15 @@ Triggering the OAuth flow explicitly
 
 You can also trigger the OAuth flow by doing ``dagshub login`` in CLI.
 
+Clearing the token cache
++++++++++++++++++++++++++++
+
+.. autofunction:: dagshub.auth.clear_token_cache
+
 Connecting to a hosted DagsHub instance
 ++++++++++++++++++++++++++++++++++++++++++++++
 
 If you are a self-serve customer of DagsHub, set ``DAGSHUB_CLIENT_HOST`` environment variable
 to the url of the DagsHub deployment. All client functions will automatically connect to the hosted instance.
 
+
diff --git a/docs/source/reference/troubleshooting.rst b/docs/source/reference/troubleshooting.rst
@@ -0,0 +1,13 @@
+Troubleshooting
+==================
+
+I can't access my repository and/or I'm getting 403 errors.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+
+Look for the ``Accessing as <user>`` in your logs at the first point you're connecting to DagsHub.
+
+If it's not the user you expect, you might have an old token in your cache. We recommend clearing out the cache with :func:`.clear_token_cache`.
+
+If the user is correct and you're in an organization, ask the administrator of your organization to make sure you have access to the repo.
+
+