Конечные точки REST API для авторизации учетных данных предприятия
Используйте API REST для управления авторизациями корпоративных учетных данных.
Revoke all credential authorizations for an enterprise
Revokes all credential authorizations for all organizations within the enterprise. This includes any guest, outside, or repository collaborators.
For Enterprise Managed User (EMU) enterprises, you can optionally also destroy all
credentials (PATs v1, PATs v2, and SSH keys) owned by enterprise members by setting
the revoke_credentials parameter to true.
This operation is performed asynchronously. A background job will be queued to process the revocations.
Warning
If you use a personal access token to call this endpoint, that token may also be revoked or destroyed as part of this operation.
The authenticated user must be an enterprise owner or have the write_enterprise_credentials permission to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
Детализированные токены доступа для «Revoke all credential authorizations for an enterprise»
Эта конечная точка работает со следующими точными типами маркеров:
Маркер с точной детализацией должен иметь следующий набор разрешений.:
- "Enterprise credentials" enterprise permissions (write)
Параметры для «Revoke all credential authorizations for an enterprise»
| Имя., Тип, Description |
|---|
accept string Setting to |
| Имя., Тип, Description |
|---|
enterprise string Обязательное полеThe slug version of the enterprise name. |
| Имя., Тип, Description |
|---|
revoke_credentials boolean Whether to also destroy the actual credentials (PATs and SSH keys) owned by
enterprise members. This option is only available for Enterprise Managed User
(EMU) enterprises. When set to По умолчанию.: |
HTTP-коды статуса ответа для «Revoke all credential authorizations for an enterprise»
| Код состояния | Description |
|---|---|
202 | Accepted - The revocation request has been queued |
403 | Forbidden |
404 | Resource not found |
422 | Validation error - The |
Примеры кода для «Revoke all credential authorizations for an enterprise»
Если вы получаете доступ к GitHub на GHE.com, замените api.github.com на выделенный поддомен вашего предприятия в api.SUBDOMAIN.ghe.com.
Пример запроса
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/enterprises/ENTERPRISE/credential-authorizations/revoke-all \
-d '{"revoke_credentials":false}'Accepted - The revocation request has been queued
Status: 202{
"message": "Credential authorization revocation has been queued"
}Revoke credential authorizations for a user in an enterprise
Revokes all credential authorizations for a single user within the enterprise. This includes any credential authorizations the user has across all organizations in the enterprise.
For Enterprise Managed User (EMU) enterprises, you can optionally also destroy all
credentials (PATs v1, PATs v2, and SSH keys) owned by the user by setting
the revoke_credentials parameter to true.
This operation is performed asynchronously. A background job will be queued to process the revocations.
Warning
If you use a personal access token to call this endpoint and target yourself, that token may also be revoked or destroyed as part of this operation.
The authenticated user must be an enterprise owner or have the write_enterprise_credentials permission to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
Детализированные токены доступа для «Revoke credential authorizations for a user in an enterprise»
Эта конечная точка работает со следующими точными типами маркеров:
Маркер с точной детализацией должен иметь следующий набор разрешений.:
- "Enterprise credentials" enterprise permissions (write)
Параметры для «Revoke credential authorizations for a user in an enterprise»
| Имя., Тип, Description |
|---|
accept string Setting to |
| Имя., Тип, Description |
|---|
enterprise string Обязательное полеThe slug version of the enterprise name. |
username string Обязательное полеThe handle for the GitHub user account. |
| Имя., Тип, Description |
|---|
revoke_credentials boolean Whether to also destroy the actual credentials (PATs and SSH keys) owned by
the user. This option is only available for Enterprise Managed User (EMU)
enterprises. When set to По умолчанию.: |
HTTP-коды статуса ответа для «Revoke credential authorizations for a user in an enterprise»
| Код состояния | Description |
|---|---|
202 | Accepted - The revocation request has been queued |
403 | Forbidden |
404 | Resource not found |
422 | Validation error - The target user cannot be revoked, or |
Примеры кода для «Revoke credential authorizations for a user in an enterprise»
Если вы получаете доступ к GitHub на GHE.com, замените api.github.com на выделенный поддомен вашего предприятия в api.SUBDOMAIN.ghe.com.
Пример запроса
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/enterprises/ENTERPRISE/credential-authorizations/USERNAME/revoke \
-d '{"revoke_credentials":false}'Accepted - The revocation request has been queued
Status: 202{
"message": "Credential authorization revocation for user 'octocat' has been queued"
}