Enabling OAuth App access restrictions for your organization

Organization owners can enable OAuth App access restrictions to prevent untrusted apps from accessing the organization's resources while allowing organization members to use OAuth Apps for their personal accounts.

When you create a new organization, OAuth App access restrictions are enabled by default. Organization owners can disable OAuth App access restrictions at any time.


  • Enabling OAuth App access restrictions will revoke organization access for all previously authorized OAuth Apps and SSH keys. For more information, see "About OAuth App access restrictions."
  • Once you've set up OAuth App access restrictions, make sure to re-authorize any OAuth App that require access to the organization's private data on an ongoing basis. All organization members will need to create new SSH keys, and the organization will need to create new deploy keys as needed.
  • When OAuth App access restrictions are enabled, applications can use an OAuth token to access information about GitHub Marketplace transactions.
  1. In the top right corner of GitHub.com, click your profile photo, then click Your organizations. Your organizations in the profile menu

  2. Next to the organization, click Settings. The settings button

  3. In the Settings sidebar, click Third-party access. OAuth App access tab in the left sidebar

  4. Under "Third-party application access policy," click Setup application access restrictions. Set up restrictions button

  5. After you review the information about third-party access restrictions, click Restrict third-party application access. Restriction confirmation button

Did this doc help you?

Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Or, learn how to contribute.