repo sync

content/graphql/guides/using-global-node-ids.md

@@ -35,7 +35,7 @@ Let's walk through an example.
 If you [request the authenticated user](/rest/users#get-the-authenticated-user):
 
 ```shell
-$ curl -i -u USERNAME:TOKEN {% data variables.product.api_url_pre %}/user
+$ curl -i --header "Authorization: Bearer YOUR-TOKEN" {% data variables.product.api_url_pre %}/user
 ```
 
 you'll get a response that includes the `node_id` of the authenticated user:

content/rest/overview/resources-in-the-rest-api.md

@@ -129,7 +129,7 @@ Read [more about unauthenticated rate limiting](#increasing-the-unauthenticated-
 Authenticating with invalid credentials will return `401 Unauthorized`:
 
 ```shell
-$ curl -I {% data variables.product.api_url_pre %} -u foo:bar
+$ curl -I {% data variables.product.api_url_pre %} --header "Authorization: Bearer INVALID-TOKEN"
 > HTTP/2 401
 
 > {
@@ -143,8 +143,6 @@ the API will temporarily reject all authentication attempts for that user
 (including ones with valid credentials) with `403 Forbidden`:
 
 ```shell
-$ curl -i {% data variables.product.api_url_pre %} -u {% ifversion fpt or ghae or ghec %}
--u VALID_USERNAME:VALID_TOKEN {% endif %}{% ifversion ghes %}-u VALID_USERNAME:VALID_PASSWORD {% endif %}
 > HTTP/2 403
 > {
 >   "message": "Maximum number of login attempts exceeded. Please try again later.",
@@ -170,7 +168,7 @@ For `POST`, `PATCH`, `PUT`, and `DELETE` requests, parameters not included in th
 with a Content-Type of 'application/json':
 
 ```shell
-$ curl -i -u username -d '{"scopes":["repo_deployment"]}' {% data variables.product.api_url_pre %}/authorizations
+$ curl -i --header "Authorization: Bearer YOUR-TOKEN" -d '{"scopes":["repo_deployment"]}' {% data variables.product.api_url_pre %}/authorizations
 ```
 
 ## Root endpoint

content/rest/overview/troubleshooting.md

@@ -65,19 +65,21 @@ On November 13, 2020 username and password authentication to the REST API and th
 If you're using `username` and `password` for API calls, then they are no longer able to authenticate. For example:
 
 ```bash
-curl -u my_user:my_password https://api.github.com/user/repos
+curl -u YOUR-USERNAME:YOUR-PASSWORD https://api.github.com/user/repos
 ```
 
-Instead, use a [{% data variables.product.pat_generic %}](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token) when testing endpoints or doing local development:
+Instead, use a {% data variables.product.pat_generic %} or an access token for a {% data variables.product.prodname_github_app %} when testing endpoints or doing local development:
 
 ```bash
-curl -H 'Authorization: Bearer my_access_token' https://api.github.com/user/repos
+curl -H 'Authorization: Bearer YOUR-TOKEN' https://api.github.com/user/repos
 ```
 
+For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)" and "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/about-authentication-with-a-github-app)."
+
 For OAuth Apps, you should use the [web application flow](/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps#web-application-flow) to generate an OAuth token to use in the API call's header:
 
 ```bash
-curl -H 'Authorization: Bearer my-oauth-token' https://api.github.com/user/repos
+curl -H 'Authorization: Bearer YOUR-OAUTH-TOKEN' https://api.github.com/user/repos
 ```
 
 ## Timeouts

content/rest/webhooks/index.md

@@ -68,10 +68,10 @@ Name | Type | Required | Description
 ``hub.callback``|`string` | {% octicon "x" aria-label="Optional" %} | The URI to receive the updates to the topic.
 ``hub.secret``|`string` | {% octicon "x" aria-label="Optional" %} | A shared secret key that generates a hash signature of the outgoing body content.  You can verify a push came from GitHub by comparing the raw request body with the contents of the {% ifversion fpt or ghes or ghec %}`X-Hub-Signature` or `X-Hub-Signature-256` headers{% elsif ghae %}`X-Hub-Signature-256` header{% endif %}. You can see [the PubSubHubbub documentation](https://pubsubhubbub.github.io/PubSubHubbub/pubsubhubbub-core-0.4.html#authednotify) for more details.
 
-A example request with curl looks like:
+An example request with curl looks like:
 
 ``` shell
-curl -u "user" -i \
+curl --header "Authorization: Bearer YOUR-TOKEN" -i \
   {% data variables.product.api_url_pre %}/hub \
   -F "hub.mode=subscribe" \
   -F "hub.topic=https://github.com/{owner}/{repo}/events/push" \