用于企业凭据授权的 REST API 终结点
使用 REST API 管理企业凭据授权。
Revoke all credential authorizations for an enterprise
Revokes all credential authorizations for all organizations within the enterprise. This includes any guest, outside, or repository collaborators.
For Enterprise Managed User (EMU) enterprises, you can optionally also destroy all
credentials (PATs v1, PATs v2, and SSH keys) owned by enterprise members by setting
the revoke_credentials parameter to true.
This operation is performed asynchronously. A background job will be queued to process the revocations.
Warning
If you use a personal access token to call this endpoint, that token may also be revoked or destroyed as part of this operation.
The authenticated user must be an enterprise owner or have the write_enterprise_credentials permission to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
“Revoke all credential authorizations for an enterprise”的细粒度访问令牌
此端点支持以下精细令牌类型:
细粒度令牌必须具有以下权限集:
- "Enterprise credentials" enterprise permissions (write)
“”Revoke all credential authorizations for an enterprise 的参数
| 名称, 类型, 说明 |
|---|
accept string Setting to |
| 名称, 类型, 说明 |
|---|
enterprise string 必须The slug version of the enterprise name. |
| 名称, 类型, 说明 |
|---|
revoke_credentials boolean Whether to also destroy the actual credentials (PATs and SSH keys) owned by
enterprise members. This option is only available for Enterprise Managed User
(EMU) enterprises. When set to 默认: |
“Revoke all credential authorizations for an enterprise”的 HTTP 响应状态代码
| 状态代码 | 说明 |
|---|---|
202 | Accepted - The revocation request has been queued |
403 | Forbidden |
404 | Resource not found |
422 | Validation error - The |
“Revoke all credential authorizations for an enterprise”的代码示例
如果你在 GHE.com 上访问 GitHub,请将 api.github.com 替换为企业的专用子域,位于 api.SUBDOMAIN.ghe.com。
请求示例
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/enterprises/ENTERPRISE/credential-authorizations/revoke-all \
-d '{"revoke_credentials":false}'Accepted - The revocation request has been queued
Status: 202{
"message": "Credential authorization revocation has been queued"
}Revoke credential authorizations for a user in an enterprise
Revokes all credential authorizations for a single user within the enterprise. This includes any credential authorizations the user has across all organizations in the enterprise.
For Enterprise Managed User (EMU) enterprises, you can optionally also destroy all
credentials (PATs v1, PATs v2, and SSH keys) owned by the user by setting
the revoke_credentials parameter to true.
This operation is performed asynchronously. A background job will be queued to process the revocations.
Warning
If you use a personal access token to call this endpoint and target yourself, that token may also be revoked or destroyed as part of this operation.
The authenticated user must be an enterprise owner or have the write_enterprise_credentials permission to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
“Revoke credential authorizations for a user in an enterprise”的细粒度访问令牌
此端点支持以下精细令牌类型:
细粒度令牌必须具有以下权限集:
- "Enterprise credentials" enterprise permissions (write)
“”Revoke credential authorizations for a user in an enterprise 的参数
| 名称, 类型, 说明 |
|---|
accept string Setting to |
| 名称, 类型, 说明 |
|---|
enterprise string 必须The slug version of the enterprise name. |
username string 必须The handle for the GitHub user account. |
| 名称, 类型, 说明 |
|---|
revoke_credentials boolean Whether to also destroy the actual credentials (PATs and SSH keys) owned by
the user. This option is only available for Enterprise Managed User (EMU)
enterprises. When set to 默认: |
“Revoke credential authorizations for a user in an enterprise”的 HTTP 响应状态代码
| 状态代码 | 说明 |
|---|---|
202 | Accepted - The revocation request has been queued |
403 | Forbidden |
404 | Resource not found |
422 | Validation error - The target user cannot be revoked, or |
“Revoke credential authorizations for a user in an enterprise”的代码示例
如果你在 GHE.com 上访问 GitHub,请将 api.github.com 替换为企业的专用子域,位于 api.SUBDOMAIN.ghe.com。
请求示例
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2026-03-10" \
https://api.github.com/enterprises/ENTERPRISE/credential-authorizations/USERNAME/revoke \
-d '{"revoke_credentials":false}'Accepted - The revocation request has been queued
Status: 202{
"message": "Credential authorization revocation for user 'octocat' has been queued"
}