此版本的 GitHub Enterprise 已停止服务 2021-09-23. 即使针对重大安全问题,也不会发布补丁。 要获得更好的性能、改进的安全性和新功能,请升级到 GitHub Enterprise 的最新版本。 如需升级方面的帮助,请联系 GitHub Enterprise 支持

Token expiration and revocation

Your tokens can expire and can also be revoked by you, applications you have authorized, and GitHub Enterprise Server itself.

When a token has been revoked, it can no longer be used to authenticate Git and API requests. It is not possible to restore an expired or revoked token, you or the application will need to create a new token.

This article explains the possible reasons your GitHub Enterprise Server token might be revoked or expire.

Note: When a personal access token or OAuth token expires or is revoked, you may see an oauth_authorization.destroy action in your security log. 更多信息请参阅“查看安全日志”。

Token revoked by the user

You can revoke your authorization of a GitHub 应用程序 or OAuth 应用程序 from your account settings which will revoke any tokens associated with the app. For more information, see "Reviewing your authorized integrations" and "Reviewing your authorized applications (OAuth)."

Once an authorization is revoked, any tokens associated with the authorization will be revoked as well. To re-authorize an application, follow the instructions from the third-party application or website to connect your GitHub Enterprise Server account again.

Token revoked by the OAuth 应用程序

The owner of an OAuth 应用程序 can revoke an account's authorization of their app, this will also revoke any tokens associated with the authorization. For more information about revoking authorizations of your OAuth app, see "Delete an app authorization."

Token revoked due to excess of tokens for an OAuth 应用程序 with the same scope

每个用户/应用程序/作用域组合签发的令牌数量有限。 If an application creates more than 10 tokens for the same user and the same scopes, the oldest tokens with the same user/application/scope combination will be revoked.

User token revoked due to GitHub 应用程序 configuration

User-to-server tokens created by a GitHub 应用程序 will expire after eight hours by default. Owners of GitHub 应用程序 can configure their apps so that user-to-server tokens do not expire. For more information about changing how your GitHub App's user-to-server tokens behave, see "Activating optional features for apps."