Skip to main content
Publicamos atualizações frequentes em nossa documentação, e a tradução desta página ainda pode estar em andamento. Para acessar as informações mais atualizadas, visite a Documentação em inglês.
� 

� 

Esta versão do GitHub Enterprise foi descontinuada em 2022-10-12. Nenhum lançamento de patch será feito, mesmo para questões críticas de segurança. Para obter melhor desempenho, segurança aprimorada e novos recursos, atualize para a última versão do GitHub Enterprise. Para obter ajuda com a atualização, entre em contato com o suporte do GitHub Enterprise.

Token expiration and revocation

Neste artigo

Your tokens can expire and can also be revoked by you, applications you have authorized, and GitHub Enterprise Server itself.

When a token has been revoked, it can no longer be used to authenticate Git and API requests. It is not possible to restore an expired or revoked token, you or the application will need to create a new token.

This article explains the possible reasons your GitHub Enterprise Server token might be revoked or expire.

Note: When a personal access token or OAuth token expires or is revoked, you may see an oauth_authorization.destroy action in your security log. For more information, see "Reviewing your security log."

Token revoked by the user

You can revoke your authorization of a GitHub App or OAuth App from your account settings which will revoke any tokens associated with the app. For more information, see "Reviewing your authorized integrations" and "Reviewing your authorized applications (OAuth)."

Once an authorization is revoked, any tokens associated with the authorization will be revoked as well. To re-authorize an application, follow the instructions from the third-party application or website to connect your account on your GitHub Enterprise Server instance again.

Token revoked by the OAuth App

The owner of an OAuth App can revoke an account's authorization of their app, this will also revoke any tokens associated with the authorization. For more information about revoking authorizations of your OAuth app, see "Delete an app authorization."

OAuth App owners can also revoke individual tokens associated with an authorization. For more information about revoking individual tokens for your OAuth app, see "Delete an app token".

Token revoked due to excess of tokens for an OAuth App with the same scope

Há um limite de dez tokens emitidos por combinação de usuário/aplicativo/escopo. Se um aplicativo cria mais de 10 tokens para o mesmo usuário e os mesmos escopos, os tokens mais antigos com a mesma combinação de usuário/aplicativo/escopo serão revogados.

User token revoked due to GitHub App configuration

User-to-server tokens created by a GitHub App will expire after eight hours by default. Owners of GitHub Apps can configure their apps so that user-to-server tokens do not expire. For more information about changing how your GitHub App's user-to-server tokens behave, see "Activating optional features for apps."