diff --git a/go.mod b/go.mod
index 86de7da..1e17ee2 100644
--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,7 @@ module agola.io/agola
 go 1.12
 
 require (
-	code.gitea.io/sdk/gitea v0.11.0
+	code.gitea.io/sdk/gitea v0.12.0
 	github.com/Masterminds/squirrel v1.2.0
 	github.com/Microsoft/hcsshim v0.8.7 // indirect
 	github.com/bmatcuk/doublestar v1.2.2
diff --git a/go.sum b/go.sum
index 3836587..d2a49b0 100644
--- a/go.sum
+++ b/go.sum
@@ -2,8 +2,8 @@ bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxo
 cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
-code.gitea.io/sdk/gitea v0.11.0 h1:XgZtmImZsjMC+Z1WBfO6bYTCOJiGp+7w0HKmfhTwytw=
-code.gitea.io/sdk/gitea v0.11.0/go.mod h1:z3uwDV/b9Ls47NGukYM9XhnHtqPh/J+t40lsUrR6JDY=
+code.gitea.io/sdk/gitea v0.12.0 h1:hvDCz4wtFvo7rf5Ebj8tGd4aJ4wLPKX3BKFX9Dk1Pgs=
+code.gitea.io/sdk/gitea v0.12.0/go.mod h1:z3uwDV/b9Ls47NGukYM9XhnHtqPh/J+t40lsUrR6JDY=
 github.com/Azure/azure-sdk-for-go v35.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
 github.com/Azure/azure-sdk-for-go v38.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
 github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8=
diff --git a/internal/gitsources/gitea/gitea.go b/internal/gitsources/gitea/gitea.go
index 58ae3de..7631ac1 100644
--- a/internal/gitsources/gitea/gitea.go
+++ b/internal/gitsources/gitea/gitea.go
@@ -37,7 +37,7 @@ import (
 
 const (
 	// TODO(sgotti) The gitea client doesn't provide an easy way to detect http response codes...
-	// we should probably use our own client implementation
+	// https://gitea.com/gitea/go-sdk/issues/303
 
 	ClientNotFound = "404 Not Found"
 )
@@ -165,6 +165,8 @@ func (c *Client) LoginPassword(username, password, tokenName string) (string, er
 	// try to get agola access token if it already exists
 	// use custom http call since gitea api client doesn't provide an easy way to
 	// guess if the username/password login failed
+	// https://gitea.com/gitea/go-sdk/issues/303
+
 	var accessToken string
 
 	tokens := make([]*gitea.AccessToken, 0, 10)
@@ -199,9 +201,8 @@ func (c *Client) LoginPassword(username, password, tokenName string) (string, er
 
 	// create access token
 	if accessToken == "" {
+		c.client.SetBasicAuth(username, password)
 		token, terr := c.client.CreateAccessToken(
-			username,
-			password,
 			gitea.CreateAccessTokenOption{Name: tokenName},
 		)
 		if terr != nil {
@@ -271,7 +272,7 @@ func (c *Client) UpdateDeployKey(repopath, title, pubKey string, readonly bool)
 	// the same value it is correctly readded and the admin must force a
 	// authorized_keys regeneration on the server. To avoid this we update it only
 	// when the public key value has changed
-	keys, err := c.client.ListDeployKeys(owner, reponame)
+	keys, err := c.client.ListDeployKeys(owner, reponame, gitea.ListDeployKeysOptions{})
 	if err != nil {
 		return errors.Errorf("error retrieving existing deploy keys: %w", err)
 	}
@@ -303,7 +304,7 @@ func (c *Client) DeleteDeployKey(repopath, title string) error {
 	if err != nil {
 		return err
 	}
-	keys, err := c.client.ListDeployKeys(owner, reponame)
+	keys, err := c.client.ListDeployKeys(owner, reponame, gitea.ListDeployKeysOptions{})
 	if err != nil {
 		return errors.Errorf("error retrieving existing deploy keys: %w", err)
 	}
@@ -348,7 +349,7 @@ func (c *Client) DeleteRepoWebhook(repopath, u string) error {
 	if err != nil {
 		return err
 	}
-	hooks, err := c.client.ListRepoHooks(owner, reponame)
+	hooks, err := c.client.ListRepoHooks(owner, reponame, gitea.ListHooksOptions{})
 	if err != nil {
 		return errors.Errorf("error retrieving repository webhooks: %w", err)
 	}
@@ -381,7 +382,7 @@ func (c *Client) CreateCommitStatus(repopath, commitSHA string, status gitsource
 }
 
 func (c *Client) ListUserRepos() ([]*gitsource.RepoInfo, error) {
-	remoteRepos, err := c.client.ListMyRepos()
+	remoteRepos, err := c.client.ListMyRepos(gitea.ListReposOptions{})
 	if err != nil {
 		return nil, err
 	}
diff --git a/tests/setup_test.go b/tests/setup_test.go
index 00c8fea..3b6ffb0 100644
--- a/tests/setup_test.go
+++ b/tests/setup_test.go
@@ -120,7 +120,8 @@ func setupGitea(t *testing.T, dir, dockerBridgeAddress string) *testutil.TestGit
 
 	// Wait for gitea api to be ready
 	err = testutil.Wait(30*time.Second, func() (bool, error) {
-		if _, err := giteaClient.ListAccessTokens(giteaUser01, "password"); err != nil {
+		giteaClient.SetBasicAuth(giteaUser01, "password")
+		if _, err := giteaClient.ListAccessTokens(gitea.ListAccessTokensOptions{}); err != nil {
 			return false, nil
 		}
 		return true, nil
@@ -392,7 +393,8 @@ func createLinkedAccount(ctx context.Context, t *testing.T, tgitea *testutil.Tes
 	giteaAPIURL := fmt.Sprintf("http://%s:%s", tgitea.HTTPListenAddress, tgitea.HTTPPort)
 	giteaClient := gitea.NewClient(giteaAPIURL, "")
 
-	giteaToken, err := giteaClient.CreateAccessToken(giteaUser01, "password", gitea.CreateAccessTokenOption{Name: "token01"})
+	giteaClient.SetBasicAuth(giteaUser01, "password")
+	giteaToken, err := giteaClient.CreateAccessToken(gitea.CreateAccessTokenOption{Name: "token01"})
 	if err != nil {
 		t.Fatalf("unexpected err: %v", err)
 	}
@@ -1564,7 +1566,8 @@ func TestPullRequest(t *testing.T) {
 					t.Fatal("failed to create user02: %w", err)
 				}
 
-				giteaUser02Token, err := giteaClient.CreateAccessToken(giteaUser02, "password", gitea.CreateAccessTokenOption{Name: "token01"})
+				giteaClient.SetBasicAuth(giteaUser02, "password")
+				giteaUser02Token, err := giteaClient.CreateAccessToken(gitea.CreateAccessTokenOption{Name: "token01"})
 				if err != nil {
 					t.Fatalf("failed to create token for user02: %v", err)
 				}